OK, I should know better. I clicked on a link in an email which was made to look like a USPS Informed Delivery email. Here is what it really is.
From: [email protected]
The link’s actual URL: Payamsamini.com/wp-content/manipulativesg.html
I did not get a good look at the site because I went right to Task Manager and ended my Firefox session. It was prompting me for a username/password and it was speaking. Then I immediately did a Restart.
I don’t see any problems with my PC, but would like gtg to check it out just to make sure.
I have the free version of Avast and ran the full scan. No problems detected.
I have the free version of Malwarebytes and ran the scan. No problems detected.
Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by WAYNE (administrator) on WAYNE-HP (21-03-2019 07:20:26)
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE (Available Profiles: WAYNE & HP_Administrator & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Carbonite -> Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Shenzhen Moyea Software -> ) C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(American Power Conversion -> Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(American Power Conversion -> Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Panda Security S.L -> Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [VDownloader] => C:\Program Files\VDownloader\VDownloader4.exe [13982720 2018-07-27] (Vitzo) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (American Power Conversion -> Schneider Electric)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1509049480\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [56894944 2017-12-10] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2017-10-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278568 2018-02-02] (Carbonite -> Carbonite, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE [80816 2016-09-22] (AOL Inc. -> AOL Inc.)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-07-17]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (American Power Conversion -> Schneider Electric)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5e6a6013-3e02-4f95-8d28-f803ea3d142d}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f07011c9-a074-4415-a7c9-4344a2cbebd4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\.DEFAULT -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL =
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000 -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: utl96ugn.default-1464816063778-1546823453901
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\TomTom\HOME\Profiles\2td2jy9v.default [2016-08-07]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected] [not found]
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\crexsguw.Test profile [2019-03-19]
FF Homepage: Mozilla\Firefox\Profiles\crexsguw.Test profile -> hxxps://www.yahoo.com/?fr=hp-avast&type=avastbcl
FF NewTab: Mozilla\Firefox\Profiles\crexsguw.Test profile -> about:newtab
FF Extension: (Avast SafePrice) - C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\crexsguw.Test profile\Extensions\[email protected] [2018-04-07] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\crexsguw.Test profile\Extensions\[email protected] [2018-06-30]
FF SearchPlugin: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\crexsguw.Test profile\searchplugins\yahoo-avast.xml [2015-12-29]
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\utl96ugn.default-1464816063778-1546823453901 [2019-03-21]
FF Extension: (Avast Online Security) - C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\utl96ugn.default-1464816063778-1546823453901\Extensions\[email protected] [2019-03-19]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security S.L -> Panda Security, S.L.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [No File]
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: @citrixonline.com/appdetectorplugin -> C:\Users\WAYNE\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-27] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll [2012-08-06] (Amazon.com, Inc.) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default [2019-01-13]
CHR Extension: (Slides) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-10]
CHR Extension: (Docs) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-10]
CHR Extension: (Google Drive) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-10]
CHR Extension: (YouTube) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-10]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-01-06]
CHR Extension: (Sheets) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-10]
CHR Extension: (Google Docs Offline) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-18]
CHR Extension: (Avast Online Security) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-11-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-10]
CHR Extension: (Gmail) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-10]
CHR Extension: (Chrome Media Router) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (American Power Conversion -> Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (American Power Conversion -> Schneider Electric)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1114608 2016-01-22] (Shenzhen Moyea Software -> )
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete -> PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19360 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19360 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19360 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19360 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [355184 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdiox64; C:\WINDOWS\System32\DRIVERS\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [82600 2013-03-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [42664 2013-03-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37320 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205608 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254408 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196304 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320904 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58168 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42496 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169104 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88152 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034640 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476256 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220632 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380160 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 AtiPcie; C:\WINDOWS\System32\drivers\AtiPcie64.sys [16440 2010-03-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-20] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 pavboot; C:\WINDOWS\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security S.L -> Panda Security, S.L.)
S3 rcmirror; C:\WINDOWS\System32\DRIVERS\rcmirror.sys [4608 2010-01-18] (Hewlett-Packard Company -> Windows ® Win 7 DDK provider)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 wanatw; C:\WINDOWS\System32\drivers\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-21 07:20 - 2019-03-21 07:21 - 000031087 _____ C:\Users\WAYNE\Desktop\FRST.txt
2019-03-21 07:20 - 2019-03-21 07:20 - 000000000 ____D C:\FRST
2019-03-21 07:17 - 2019-03-21 07:17 - 002434048 _____ (Farbar) C:\Users\WAYNE\Desktop\FRST64.exe
2019-03-20 18:01 - 2019-03-20 18:01 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-20 10:56 - 2019-03-20 11:10 - 000008899 _____ C:\Users\WAYNE\Documents\Tickets.xlsx
2019-03-19 22:08 - 2019-03-19 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-03-19 15:48 - 2019-03-19 15:48 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-03-19 15:48 - 2019-03-19 15:48 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-03-19 15:48 - 2019-03-19 15:48 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-03-19 15:48 - 2019-03-19 15:48 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-03-19 01:03 - 2019-03-19 01:02 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-03-18 17:35 - 2019-03-18 17:36 - 001009696 _____ C:\Users\WAYNE\Documents\pro reverb guitar center.pdf
2019-03-13 09:38 - 2019-03-13 09:38 - 000010731 _____ C:\Users\WAYNE\Documents\Awakening Spring 2019 Roster.xlsx
2019-03-13 05:15 - 2019-03-06 11:39 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 05:15 - 2019-03-06 11:37 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-13 05:15 - 2019-03-06 11:17 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 05:15 - 2019-03-06 11:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 05:15 - 2019-03-06 11:13 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 05:15 - 2019-03-06 11:13 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 05:15 - 2019-03-06 11:13 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 05:15 - 2019-03-06 08:09 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 05:15 - 2019-03-06 08:05 - 004054016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 05:15 - 2019-03-06 08:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 05:15 - 2019-03-06 05:29 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 05:15 - 2019-03-06 05:16 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 05:15 - 2019-03-06 05:16 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 05:15 - 2019-03-06 05:07 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 05:15 - 2019-03-06 05:07 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 05:15 - 2019-03-06 05:06 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 05:15 - 2019-03-06 05:04 - 002765856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 05:15 - 2019-03-06 05:04 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2019-03-13 05:15 - 2019-03-06 05:03 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 05:15 - 2019-03-06 05:03 - 002465784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 05:15 - 2019-03-06 05:02 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 05:15 - 2019-03-06 04:44 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 05:15 - 2019-03-06 04:36 - 022716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 05:15 - 2019-03-06 04:36 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 05:15 - 2019-03-06 04:34 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 05:15 - 2019-03-06 04:32 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 05:15 - 2019-03-06 04:31 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 05:15 - 2019-03-06 04:31 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 05:15 - 2019-03-06 04:31 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 05:15 - 2019-03-06 04:31 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 05:15 - 2019-03-06 04:31 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 05:15 - 2019-03-06 04:29 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-03-13 05:15 - 2019-03-06 04:29 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 05:15 - 2019-03-06 04:29 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 05:15 - 2019-03-06 04:28 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-13 05:15 - 2019-03-06 04:28 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 05:15 - 2019-03-06 04:27 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 05:15 - 2019-03-06 04:27 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 05:15 - 2019-03-06 02:17 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 05:15 - 2019-03-06 02:15 - 002253488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 05:15 - 2019-03-06 02:14 - 006568528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 05:15 - 2019-03-06 02:14 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 05:15 - 2019-03-06 02:05 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 05:15 - 2019-03-06 01:56 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 05:15 - 2019-03-06 01:53 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-03-13 05:15 - 2019-03-06 01:53 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 05:15 - 2019-03-06 01:52 - 005790720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 05:15 - 2019-03-06 01:50 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 05:15 - 2019-03-06 01:49 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-13 05:15 - 2019-03-06 01:48 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 05:15 - 2019-03-06 01:48 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 05:15 - 2019-02-16 09:02 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-13 05:15 - 2019-02-16 09:02 - 001644040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-13 05:15 - 2019-02-16 09:02 - 000808456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-13 05:15 - 2019-02-16 09:02 - 000735752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-13 05:15 - 2019-02-16 09:02 - 000620040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-13 05:15 - 2019-02-16 09:02 - 000460296 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-13 05:15 - 2019-02-16 09:02 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-13 05:15 - 2019-02-16 08:57 - 001048472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 05:15 - 2019-02-16 08:53 - 001516416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-13 05:15 - 2019-02-16 08:34 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 05:15 - 2019-02-16 08:33 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-13 05:15 - 2019-02-16 08:32 - 003646976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-13 05:15 - 2019-02-16 08:32 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 05:15 - 2019-02-16 08:31 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-03-13 05:15 - 2019-02-16 08:22 - 001322176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-13 05:15 - 2019-02-16 08:06 - 002890752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-13 05:15 - 2019-02-16 06:24 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 05:15 - 2019-02-16 06:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 05:15 - 2019-02-16 04:16 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-13 05:15 - 2019-02-16 04:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-13 05:15 - 2019-02-16 04:03 - 007901392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 05:15 - 2019-02-16 04:03 - 005625360 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-03-13 05:15 - 2019-02-16 04:02 - 005821440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-13 05:15 - 2019-02-16 04:02 - 003291632 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-03-13 05:15 - 2019-02-16 04:02 - 001934800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-03-13 05:15 - 2019-02-16 04:02 - 001792712 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-13 05:15 - 2019-02-16 04:01 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-13 05:15 - 2019-02-16 04:01 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 05:15 - 2019-02-16 04:01 - 000735464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 05:15 - 2019-02-16 03:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-13 05:15 - 2019-02-16 03:51 - 002479168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-03-13 05:15 - 2019-02-16 03:51 - 001584536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-13 05:15 - 2019-02-16 03:50 - 001171336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-13 05:15 - 2019-02-16 03:50 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-13 05:15 - 2019-02-16 03:37 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-13 05:15 - 2019-02-16 03:36 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-03-13 05:15 - 2019-02-16 03:36 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-03-13 05:15 - 2019-02-16 03:35 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 05:15 - 2019-02-16 03:35 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-13 05:15 - 2019-02-16 03:34 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-03-13 05:15 - 2019-02-16 03:33 - 006646784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-13 05:15 - 2019-02-16 03:33 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-13 05:15 - 2019-02-16 03:32 - 002969088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-13 05:15 - 2019-02-16 03:31 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 05:15 - 2019-02-16 03:29 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-13 05:15 - 2019-02-16 03:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-13 05:15 - 2019-02-16 03:28 - 002585600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-13 05:15 - 2019-02-16 03:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-03-13 05:15 - 2019-02-16 03:27 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-13 05:15 - 2019-02-16 03:27 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 05:15 - 2019-02-16 03:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-03-13 05:15 - 2019-02-16 03:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 05:15 - 2019-02-16 03:25 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-03-13 05:14 - 2019-03-06 11:36 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-13 05:14 - 2019-03-06 11:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 05:14 - 2019-03-06 11:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 05:14 - 2019-03-06 11:17 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 05:14 - 2019-03-06 11:17 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 05:14 - 2019-03-06 11:14 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 05:14 - 2019-03-06 11:14 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 05:14 - 2019-03-06 11:13 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 05:14 - 2019-03-06 11:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-13 05:14 - 2019-03-06 08:18 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-13 05:14 - 2019-03-06 08:18 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 05:14 - 2019-03-06 08:10 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 05:14 - 2019-03-06 08:06 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 05:14 - 2019-03-06 08:05 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 05:14 - 2019-03-06 08:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 05:14 - 2019-03-06 07:59 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 05:14 - 2019-03-06 05:16 - 001457032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-13 05:14 - 2019-03-06 05:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 05:14 - 2019-03-06 05:16 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-13 05:14 - 2019-03-06 05:16 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 05:14 - 2019-03-06 05:16 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-13 05:14 - 2019-03-06 05:11 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 05:14 - 2019-03-06 05:10 - 000248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-03-13 05:14 - 2019-03-06 05:07 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 05:14 - 2019-03-06 05:06 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 05:14 - 2019-03-06 05:06 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-13 05:14 - 2019-03-06 05:05 - 000439224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-13 05:14 - 2019-03-06 05:05 - 000436240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 05:14 - 2019-03-06 05:05 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 05:14 - 2019-03-06 05:04 - 000945464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 05:14 - 2019-03-06 05:03 - 002719544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 05:14 - 2019-03-06 05:03 - 001921848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 05:14 - 2019-03-06 05:03 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-03-13 05:14 - 2019-03-06 05:03 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-03-13 05:14 - 2019-03-06 05:03 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 05:14 - 2019-03-06 05:02 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-13 05:14 - 2019-03-06 05:02 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-13 05:14 - 2019-03-06 05:02 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-13 05:14 - 2019-03-06 05:02 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 05:14 - 2019-03-06 04:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 05:14 - 2019-03-06 04:32 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 05:14 - 2019-03-06 04:32 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 05:14 - 2019-03-06 04:31 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 05:14 - 2019-03-06 04:31 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-03-13 05:14 - 2019-03-06 04:31 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 05:14 - 2019-03-06 04:31 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 05:14 - 2019-03-06 04:31 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 05:14 - 2019-03-06 04:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 05:14 - 2019-03-06 04:31 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 05:14 - 2019-03-06 04:29 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 05:14 - 2019-03-06 04:27 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 05:14 - 2019-03-06 04:27 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 05:14 - 2019-03-06 04:26 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 05:14 - 2019-03-06 04:26 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 05:14 - 2019-03-06 04:26 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 05:14 - 2019-03-06 04:25 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 05:14 - 2019-03-06 03:08 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-03-13 05:14 - 2019-03-06 02:17 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-03-13 05:14 - 2019-03-06 02:15 - 000434488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 05:14 - 2019-03-06 02:14 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 05:14 - 2019-03-06 02:14 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2019-03-13 05:14 - 2019-03-06 02:14 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 05:14 - 2019-03-06 02:13 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-13 05:14 - 2019-03-06 01:52 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 05:14 - 2019-03-06 01:52 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 05:14 - 2019-03-06 01:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-13 05:14 - 2019-03-06 01:51 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 05:14 - 2019-03-06 01:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-03-13 05:14 - 2019-03-06 01:50 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-03-13 05:14 - 2019-03-06 01:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 05:14 - 2019-03-06 01:49 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 05:14 - 2019-03-06 01:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-03-13 05:14 - 2019-02-20 23:26 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 05:14 - 2019-02-16 09:02 - 000147464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 05:14 - 2019-02-16 09:02 - 000071176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 05:14 - 2019-02-16 08:57 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-03-13 05:14 - 2019-02-16 08:56 - 000549520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-03-13 05:14 - 2019-02-16 08:56 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-13 05:14 - 2019-02-16 08:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 05:14 - 2019-02-16 08:34 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 05:14 - 2019-02-16 08:34 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-03-13 05:14 - 2019-02-16 08:31 - 001003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-13 05:14 - 2019-02-16 08:31 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-13 05:14 - 2019-02-16 08:31 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-13 05:14 - 2019-02-16 08:30 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 05:14 - 2019-02-16 08:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 05:14 - 2019-02-16 08:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 05:14 - 2019-02-16 08:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 05:14 - 2019-02-16 08:24 - 000444176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-03-13 05:14 - 2019-02-16 08:08 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-03-13 05:14 - 2019-02-16 08:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-13 05:14 - 2019-02-16 08:07 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-13 05:14 - 2019-02-16 08:06 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-13 05:14 - 2019-02-16 08:06 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-13 05:14 - 2019-02-16 08:06 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-13 05:14 - 2019-02-16 08:06 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-13 05:14 - 2019-02-16 08:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-13 05:14 - 2019-02-16 04:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 05:14 - 2019-02-16 04:05 - 000087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-03-13 05:14 - 2019-02-16 04:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-03-13 05:14 - 2019-02-16 04:03 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-03-13 05:14 - 2019-02-16 04:02 - 000705848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-03-13 05:14 - 2019-02-16 04:02 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-13 05:14 - 2019-02-16 04:02 - 000413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 05:14 - 2019-02-16 04:01 - 001285424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-13 05:14 - 2019-02-16 04:01 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-13 05:14 - 2019-02-16 04:01 - 001028920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-13 05:14 - 2019-02-16 04:01 - 000641984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 05:14 - 2019-02-16 04:01 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-13 05:14 - 2019-02-16 04:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-03-13 05:14 - 2019-02-16 04:01 - 000480840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 05:14 - 2019-02-16 04:01 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-13 05:14 - 2019-02-16 04:01 - 000161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 05:14 - 2019-02-16 03:53 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-03-13 05:14 - 2019-02-16 03:51 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2019-03-13 05:14 - 2019-02-16 03:50 - 001805648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-13 05:14 - 2019-02-16 03:50 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-13 05:14 - 2019-02-16 03:50 - 000560384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-13 05:14 - 2019-02-16 03:50 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-03-13 05:14 - 2019-02-16 03:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-13 05:14 - 2019-02-16 03:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-13 05:14 - 2019-02-16 03:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 05:14 - 2019-02-16 03:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 05:14 - 2019-02-16 03:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-13 05:14 - 2019-02-16 03:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-13 05:14 - 2019-02-16 03:32 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 05:14 - 2019-02-16 03:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-13 05:14 - 2019-02-16 03:31 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 05:14 - 2019-02-16 03:31 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2019-03-13 05:14 - 2019-02-16 03:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-13 05:14 - 2019-02-16 03:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-03-13 05:14 - 2019-02-16 03:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-13 05:14 - 2019-02-16 03:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-03-13 05:14 - 2019-02-16 03:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-03-13 05:14 - 2019-02-16 03:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-03-13 05:14 - 2019-02-16 03:26 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-13 05:14 - 2019-02-16 03:26 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-13 05:14 - 2019-02-16 03:26 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-13 05:14 - 2019-02-16 03:25 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-03-12 14:48 - 2019-03-12 14:49 - 000030208 _____ C:\Users\WAYNE\Documents\Charity mileage 2019.xls
2019-02-24 12:04 - 2019-02-24 12:07 - 000000000 ___RD C:\Users\WAYNE\Documents\Erie insurance payments
2019-02-20 06:44 - 2019-03-18 13:00 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-20 06:44 - 2019-02-20 06:44 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-20 06:44 - 2019-02-20 06:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-20 06:44 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-03-21 07:16 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-21 07:11 - 2016-11-24 09:06 - 000000000 ____D C:\Users\WAYNE\AppData\LocalLow\Mozilla
2019-03-21 07:10 - 2018-05-20 16:58 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{94C9F3FB-3962-4941-B144-1BF6B90ED3D0}
2019-03-21 07:10 - 2018-05-20 16:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-20 22:06 - 2018-05-20 16:58 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-20 22:06 - 2017-03-03 14:11 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-20 22:06 - 2016-10-21 01:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-20 18:03 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-20 18:00 - 2018-10-26 17:16 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForWAYNE.job
2019-03-20 18:00 - 2018-05-20 16:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-20 18:00 - 2015-11-01 20:11 - 000000906 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-20 18:00 - 2015-11-01 20:11 - 000000902 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-03-20 17:59 - 2018-04-11 17:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-03-20 17:58 - 2017-12-22 09:01 - 000000000 ____D C:\Users\WAYNE\AppData\Local\Packages
2019-03-20 16:48 - 2018-01-15 10:35 - 000000000 ___RD C:\Users\WAYNE\Documents\Nursing Home gigs
2019-03-20 06:48 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-19 22:08 - 2015-11-01 20:11 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-03-19 18:27 - 2018-10-26 17:16 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForWAYNE
2019-03-19 13:57 - 2018-07-10 17:32 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-19 13:57 - 2018-07-10 17:32 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-19 13:57 - 2018-05-20 16:58 - 000007588 _____ C:\WINDOWS\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}
2019-03-19 13:57 - 2018-05-20 16:58 - 000003420 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-03-19 13:57 - 2018-05-20 16:58 - 000003348 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458724433
2019-03-19 13:57 - 2018-05-20 16:58 - 000003196 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-03-19 13:57 - 2018-05-20 16:58 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3431438650-1370896122-3677072999-1000
2019-03-19 13:57 - 2018-05-20 16:58 - 000002380 _____ C:\WINDOWS\System32\Tasks\PandaUSBVaccine
2019-03-19 13:57 - 2018-05-20 16:58 - 000002290 _____ C:\WINDOWS\System32\Tasks\{FC5269F4-123B-49B8-9E24-CA0B9F4B4AF0}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002290 _____ C:\WINDOWS\System32\Tasks\{8C5E6A49-B6CB-41EE-8711-9EB2A2B82850}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002284 _____ C:\WINDOWS\System32\Tasks\{E9A83544-B7AA-4216-87AA-1AA7A5F2C905}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002284 _____ C:\WINDOWS\System32\Tasks\{9E5E5D76-BEA8-4241-A71B-A2DC4B79C73D}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002280 _____ C:\WINDOWS\System32\Tasks\{12388B71-6B6D-4F1F-AB05-2E3B3F581A78}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002274 _____ C:\WINDOWS\System32\Tasks\{3DB4B822-8F0A-4B6B-897B-25EEC36E6544}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002266 _____ C:\WINDOWS\System32\Tasks\{08CE54A7-1A03-44FB-8194-D45D469175DF}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002242 _____ C:\WINDOWS\System32\Tasks\{B3BFC816-702E-46B2-B817-F37852601A84}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-19 13:57 - 2018-05-20 16:58 - 000002160 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2019-03-19 13:57 - 2018-05-20 16:58 - 000002146 _____ C:\WINDOWS\System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002146 _____ C:\WINDOWS\System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002146 _____ C:\WINDOWS\System32\Tasks\{7E68DA7F-2A76-4A84-BFB3-3B6DAA99BDF6}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002108 _____ C:\WINDOWS\System32\Tasks\{3B88E11C-6EEE-4B9C-A1F4-ABB279A8096C}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002104 _____ C:\WINDOWS\System32\Tasks\{94E71E9B-7B6C-401D-89CE-5E5DDAF5EAAE}
2019-03-19 13:57 - 2018-05-20 16:58 - 000002104 _____ C:\WINDOWS\System32\Tasks\{5FBB4B39-272E-4C4F-878B-627233C1A795}
2019-03-19 13:57 - 2018-05-20 16:58 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-03-19 13:54 - 2011-01-20 11:30 - 000000000 ____D C:\Users\WAYNE\AppData\Local\CrashDumps
2019-03-19 01:03 - 2018-05-20 16:58 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-19 01:03 - 2018-04-11 19:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-19 01:02 - 2019-02-13 06:27 - 000249152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-03-19 01:02 - 2019-01-14 09:54 - 000254408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-03-19 01:02 - 2019-01-07 09:53 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-03-19 01:02 - 2019-01-07 09:53 - 000196304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-03-19 01:02 - 2019-01-07 09:53 - 000058168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-03-19 01:02 - 2019-01-07 09:53 - 000037320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-03-19 01:02 - 2018-10-10 05:55 - 000042496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 001034640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000476256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000380160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000220632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000205608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000169104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-03-19 01:02 - 2018-05-20 11:09 - 000088152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-03-16 17:00 - 2018-07-09 13:48 - 000008582 _____ C:\Users\WAYNE\Documents\Magazine log.xlsx
2019-03-16 16:46 - 2013-04-30 08:38 - 000000000 ____D C:\Users\WAYNE\Documents\Rental
2019-03-15 22:48 - 2011-03-03 13:28 - 000000000 ____D C:\Users\WAYNE\AppData\Local\ElevatedDiagnostics
2019-03-15 12:38 - 2018-12-28 16:00 - 000157776 _____ C:\Users\WAYNE\Downloads\paper-bill.pdf
2019-03-14 19:37 - 2011-04-21 15:20 - 000000000 ____D C:\Users\WAYNE\Documents\VHS to DVD
2019-03-14 00:55 - 2018-05-20 16:22 - 000968464 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-14 00:55 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-14 00:50 - 2018-05-20 16:16 - 000439568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-14 00:47 - 2018-05-01 09:33 - 000000000 ____D C:\Program Files\WinRAR
2019-03-14 00:47 - 2014-09-17 20:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-14 00:44 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-13 05:22 - 2019-01-08 19:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-13 05:14 - 2013-07-11 07:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 05:06 - 2011-01-20 11:47 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-12 14:47 - 2018-11-05 11:15 - 000000000 ___RD C:\Users\WAYNE\Documents\Mood Swings
2019-03-10 17:16 - 2018-05-20 16:27 - 000002369 _____ C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-10 17:16 - 2016-06-08 18:08 - 000000000 ___RD C:\Users\WAYNE\OneDrive
2019-03-09 19:54 - 2018-02-02 18:46 - 000000000 ____D C:\Users\WAYNE\Documents\recipes
2019-03-08 14:43 - 2016-12-21 12:23 - 000018709 _____ C:\Users\WAYNE\Documents\Movies.xlsx
2019-03-06 17:42 - 2015-11-01 20:15 - 000000000 ___RD C:\Users\WAYNE\Dropbox
2019-03-06 14:43 - 2018-07-10 17:32 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-06 14:43 - 2018-07-10 17:32 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-03 12:54 - 2018-11-14 18:12 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 12:54 - 2018-11-14 18:12 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-01 11:50 - 2018-11-15 18:30 - 000000000 ____D C:\Program Files\rempl
2019-03-01 10:08 - 2017-04-16 20:43 - 000000000 ____D C:\Old stuff
2019-03-01 09:12 - 2018-05-01 09:34 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-01 09:12 - 2018-05-01 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-03-01 07:13 - 2015-08-15 23:34 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-25 23:21 - 2011-03-01 15:38 - 000000000 ____D C:\Users\WAYNE\Documents\TurboTax
2019-02-25 22:33 - 2016-04-27 17:56 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\VDownloader
2019-02-25 14:42 - 2016-04-27 17:55 - 000000000 ____D C:\Users\WAYNE\AppData\Local\VDownloader
2019-02-24 12:05 - 2012-03-13 09:38 - 000000000 ____D C:\Users\WAYNE\Documents\DOV
2019-02-20 22:20 - 2019-01-11 10:35 - 000000000 ____D C:\Users\WAYNE\Documents\Taxes 2018
2019-02-20 06:44 - 2011-02-01 18:40 - 000000000 ____D C:\ProgramData\Malwarebytes
==================== Files in the root of some directories =======
2010-06-10 15:59 - 2010-06-10 15:59 - 002020632 _____ (Microsoft Corporation) C:\Users\000\WindowsXP-KB969084-x86-enu.exe
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\en_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\es_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021880 _____ (Schneider Electric) C:\Users\WAYNE\fr_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021880 _____ (Schneider Electric) C:\Users\WAYNE\grm_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\it_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000020344 _____ (Schneider Electric) C:\Users\WAYNE\jp_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 001079808 _____ (Microsoft Corporation) C:\Users\WAYNE\mfc80u.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000626688 _____ (Microsoft Corporation) C:\Users\WAYNE\msvcr80.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 013923704 _____ (Schneider Electric) C:\Users\WAYNE\PCPE Setup.exe
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\pt_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000018808 _____ () C:\Users\WAYNE\ResourceReader.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000020856 _____ (Schneider Electric) C:\Users\WAYNE\ru_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000019832 _____ (Schneider Electric) C:\Users\WAYNE\zh_res.dll
2013-05-20 13:42 - 2014-06-22 13:57 - 000003729 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2016-05-06 17:29 - 2016-04-20 16:01 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2017-10-30 16:13 - 2017-10-30 16:13 - 000000171 _____ () C:\Users\WAYNE\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2017-10-30 16:13 - 2018-10-22 11:09 - 000000904 _____ () C:\Users\WAYNE\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2017-10-30 16:13 - 2017-10-30 16:13 - 000000175 _____ () C:\Users\WAYNE\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2011-04-05 20:39 - 2011-04-05 20:39 - 000007859 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.cat
2011-04-05 20:39 - 2011-04-05 20:39 - 000001167 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.inf
2011-04-05 20:40 - 2011-04-05 20:40 - 000000034 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.log
2011-04-05 20:39 - 2011-04-05 20:39 - 000082816 _____ (VSO Software) C:\Users\WAYNE\AppData\Roaming\pcouffin.sys
2016-10-05 16:59 - 2016-10-05 16:59 - 000003584 _____ () C:\Users\WAYNE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-20 16:27 - 2005-05-30 22:03 - 000000136 _____ () C:\Users\WAYNE\AppData\Local\fusioncache.dat
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-20 16:16
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by WAYNE (21-03-2019 07:22:36)
Running from C:\Users\WAYNE\Desktop
Windows 10 Home Version 1803 17134.648 (X64) (2018-05-20 20:58:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3431438650-1370896122-3677072999-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3431438650-1370896122-3677072999-1007 - Limited - Enabled)
DefaultAccount (S-1-5-21-3431438650-1370896122-3677072999-503 - Limited - Disabled)
Guest (S-1-5-21-3431438650-1370896122-3677072999-501 - Limited - Disabled)
HP_Administrator (S-1-5-21-3431438650-1370896122-3677072999-1001 - Limited - Enabled) => C:\Users\HP_Administrator
WAYNE (S-1-5-21-3431438650-1370896122-3677072999-1000 - Administrator - Enabled) => C:\Users\WAYNE
WDAGUtilityAccount (S-1-5-21-3431438650-1370896122-3677072999-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version: - )
Amazon Cloud Player (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Any Video Converter 5.9.2 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter Ultimate 5.9.1 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATI Problem Report Wizard (HKLM\...\{5F146AD2-9F9B-5284-CD9D-40C881E3ACEC}) (Version: 3.0.821.0 - ATI Technologies) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.4.30.2 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.4.20.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 0.9.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.10.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.15.10.0 - Canon Inc.)
Carbonite (HKLM-x32\...\{ADD4D4D2-4489-43A7-A141-7EDF2C5FB68E}) (Version: 6.3.3 build 7602 (Feb-02-2018) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CD Wave Editor 1.98 (HKLM-x32\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
cloudLibrary 2.0 (HKLM-x32\...\cloudLibrary) (Version: 2.0 - Bibliotheca)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 69.4.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVDFab (x64) 10.2.1.7 (10/10/2018) (HKLM-x32\...\DVDFab 10(x64)) (Version: 10.2.1.7 - DVDFab Software Inc.)
DVDFab 10.0.7.8 (16/01/2018) (HKLM-x32\...\DVDFab 10) (Version: 10.0.7.8 - Fengtao Software Inc.)
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.0.8.5 (19/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
DVDFab 9.3.0.7 (13/07/2016) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.7.50.3 - HP)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.10.49.21 - HP)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
iTunes (HKLM\...\{D9D08A8F-5A03-486A-AD4D-3A438D521F8B}) (Version: 12.9.3.3 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
Leawo iTransfer version 1.9.1.0 (HKLM-x32\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.9.1.0 - Leawo Software)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
LP Recorder (HKLM-x32\...\{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}) (Version: 10.1.1.0 - CFB Software)
LP Ripper (HKLM-x32\...\LP Ripper) (Version: - )
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Mozilla Firefox 65.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-US)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0000 - Panda Security)
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 - NewspaperDirect Inc.)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 2.39.2.0 - Goversoft LLC)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
SafeZone Stable 1.48.2066.101 (HKLM-x32\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Sonic Activation Module (HKLM-x32\...\{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}) (Version: 1.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spectro (HKLM-x32\...\{1F8D186D-8C5C-4589-BC28-1A8964CA74A6}) (Version: 1.0.93 - )
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
TreeSize Free V3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2 - JAM Software)
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
USB2.0 VIDBOX NW03 (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 3.0.2 - honestech)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
VDownloader 4.5.2973 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WD Backup (HKLM-x32\...\{463d4278-a46b-4f4b-bfad-81d1c2f2fe2e}) (Version: 1.9.6485.41936 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{8295047E-9D07-487F-A836-7F9B96EDF713}) (Version: 1.9.6485.41936 - Western Digital Technologies, Inc) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 1.3.482 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{27c7215d-df19-4095-8f6a-eba55cab35be}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F413FB4C-7CFF-4737-BCC3-5EE43BFB3721}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17305 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WMA 9 Lossless to PCM Conversion Tool (HKLM-x32\...\wmal2pcm) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\WAYNE\Dropbox [2015-11-01 20:15]
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0338F2EF-7465-4725-A175-43B4977D7D86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0533A4A2-4F7C-47DE-9523-F3D13DF0B42D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {078C3A6D-22C7-4359-9ED7-DF2B6938B8AC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {07BB0287-1679-47AD-A76A-727367FAA209} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0AF461FA-F158-4939-BBF3-D2F52A9DCC7A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1165EAD8-0CB8-4124-A8DD-BEFF56871B44} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1ED38ACE-7320-463D-B7D4-BA97BC94FBD2} - System32\Tasks\{3DB4B822-8F0A-4B6B-897B-25EEC36E6544} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\vkaraoke.exe -d C:\Users\WAYNE\Downloads
Task: {2304A790-FD41-4268-B819-C8B2BC1CE9C9} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {254BE556-D363-41CB-8F82-4884D42AC72C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27960216-22B7-4BAC-856B-52003E27175B} - System32\Tasks\{9E5E5D76-BEA8-4241-A71B-A2DC4B79C73D} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller.exe -d C:\Users\WAYNE\Downloads
Task: {2A8087DF-B25B-4087-A8FA-F3F0388F935D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {30DB397F-B796-42B2-8727-29B553908183} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {37B96978-7AAA-4A05-92FB-12AF041C1DA7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {3C7172BA-E154-4210-81CB-80B0F1CEABBE} - System32\Tasks\{12388B71-6B6D-4F1F-AB05-2E3B3F581A78} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\jxpiinstall.exe -d C:\Users\WAYNE\Downloads
Task: {488AB9A1-BDF4-48B7-A57F-45554D80C35E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4BD73C14-3D06-49C2-8CB0-6C48A48D3133} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {505680B8-43B0-4AC1-847F-6AAED3918D48} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {505F3B25-D4D6-449A-8E1C-D590C14B3389} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {51A009C1-762F-4AF8-932B-2EB52FE61FFA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {550479C4-DFA9-41A2-94AB-EA4905FB0BA5} - System32\Tasks\{FC5269F4-123B-49B8-9E24-CA0B9F4B4AF0} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(2).exe -d C:\Users\WAYNE\Downloads
Task: {583357E9-E9C2-427D-B29F-6D09DFAFE7B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (HP Inc. -> HP Inc.)
Task: {59614545-E0CE-4060-BF34-FAEF6D4A3CC1} - System32\Tasks\HPCeeScheduleForWAYNE => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (Hewlett-Packard Company -> Hewlett-Packard)
Task: {5BA0AEE3-4D4E-47EC-B2C5-77F7470F291C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe (HP Inc. -> )
Task: {5BB13A09-50D5-4B37-AB94-3DBB5BB4D7DD} - System32\Tasks\{E9A83544-B7AA-4216-87AA-1AA7A5F2C905} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Desktop\Flash_Disinfector.exe -d C:\Users\WAYNE\Desktop
Task: {5D79C65C-A7C9-425D-B846-592825B695A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)
Task: {63D1F6AB-F870-41DA-9B3B-3F3894CA9541} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {65B68D0B-7AB0-4A3B-85DF-CA55EC7E8996} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6724A5B4-790C-4CA0-B06A-65E303E20F9F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {675314EA-5203-4440-AC82-3BEFFBA103BA} - System32\Tasks\{8C5E6A49-B6CB-41EE-8711-9EB2A2B82850} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Downloads\PCPEInstaller(1).exe -d C:\Users\WAYNE\Downloads
Task: {6E347F82-1490-4534-80A0-0873BFD020D1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {72BF3A2D-806A-406C-B41D-5255FC320731} - System32\Tasks\{B3BFC816-702E-46B2-B817-F37852601A84} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Task: {737D388B-8F48-4B1B-87DB-2CC1255EA968} - System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
Task: {742C998D-9267-4B64-BB56-9C85614E5EC7} - System32\Tasks\{3B88E11C-6EEE-4B9C-A1F4-ABB279A8096C} => C:\Program Files (x86)\SpywareGuard\sgmain.exe
Task: {775A1906-2FBC-4EC0-AEF8-816F7DDCC341} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {7EF50BAF-56E8-4C78-8C19-005D059A7856} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {81821ACE-5831-4B79-8C1C-F8757FC95A30} - System32\Tasks\{7E68DA7F-2A76-4A84-BFB3-3B6DAA99BDF6} => C:\Users\WAYNE\Downloads\AdobeFlashPlayer_11.5.502.110_ax_SPS.exe
Task: {833D569A-16DD-4867-8647-DD66385697C6} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {885633FA-5515-4091-85B0-3582CAC2B7B7} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters).
Task: {8B16E2C5-FF87-41D9-9310-00FC75F06ABA} - System32\Tasks\{5FBB4B39-272E-4C4F-878B-627233C1A795} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {8FD00272-B3E9-44A5-98B8-398AB52070EA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {93FB09C5-05A9-443A-BEC6-8B37392F3DA8} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {94B6FEB0-74E5-44E6-AD5D-DC204840329B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {96C51570-8E87-4313-AD2F-98C8E36472AA} - System32\Tasks\{08CE54A7-1A03-44FB-8194-D45D469175DF} => C:\Windows\system32\pcalua.exe -a C:\Users\WAYNE\Desktop\vkaraoke.exe -d C:\Users\WAYNE\Desktop
Task: {9798FFA0-B30B-4F54-9F4F-DAE78CAB645C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {991B00C0-3018-4EEA-9C23-75B855265849} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {9995EF72-A48A-4938-A1FE-F1A0E656C81A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe (Panda Security S.L -> )
Task: {9A617CA1-D496-49CF-8C59-6C4746907AC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {9BFA510A-4F7C-448E-B150-405D3CDB479A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (HP Inc. -> HP Inc.)
Task: {9E67EE41-AB70-4A98-92E3-731CE177AB97} - System32\Tasks\{94E71E9B-7B6C-401D-89CE-5E5DDAF5EAAE} => C:\Users\WAYNE\Desktop\Flash_Disinfector.exe
Task: {A2C5A2DE-B8C0-464C-B169-1EF68DD1DF9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A9338631-20EC-439B-8623-F5F326E01913} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AE5611E8-2D15-49EE-AEED-7254AAD364A7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {B0265E98-59AA-41EF-83C7-AE63298A77EC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B744CC91-97BC-47BB-A979-87C7EE041056} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B84E7BD6-D1FD-47EF-A058-9398330ADC3F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B9E9D6D1-DDE3-4A66-95C0-A19DBB8F027D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB7E4936-8FFC-4A58-8994-E027535C3860} - System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
Task: {D0490B63-5A1B-458A-BA6B-FB022C43BE90} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D46E9067-DA16-40D8-A810-97882FDF4104} - System32\Tasks\SafeZone scheduled Autoupdate 1458724433 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {E79AAF22-AF20-4B32-8962-0E54544F1D99} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF08346A-5F0C-4347-BB96-EFD306F20F5F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F03E7B64-4EFC-45B2-86DF-A23B0DD66085} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F11E32A3-1148-4F98-91AD-F2EDA3050A4F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1386389-E976-47BE-AE1A-FA75AD112B86} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F72AEC6B-2A89-4722-ACC1-70B9EC53C528} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForWAYNE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10 (x64)\DVDFab (x64) Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&p=x64&v=10.2.1.
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&v=10.0.7.
==================== Loaded Modules (Whitelisted) ==============
2010-05-19 14:44 - 2010-05-19 14:44 - 000073728 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
2010-05-19 14:44 - 2010-05-19 14:44 - 000110592 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
2010-05-19 14:44 - 2010-05-19 14:44 - 000033792 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
2012-01-24 16:03 - 2012-01-24 16:03 - 001921024 _____ (Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-02-20 06:44 - 2019-03-18 13:00 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-02-20 06:44 - 2019-03-18 13:00 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-10-07 21:13 - 2019-03-18 13:00 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-18 13:00 - 2019-03-18 13:00 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2018-05-20 16:31 - 2018-05-20 16:31 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
2018-05-20 16:31 - 2018-05-20 16:31 - 000854016 _____ () [File not signed] C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2019-03-16 06:49 - 2019-03-16 06:49 - 000681984 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.e37652b5#\9cbca0ea976edaa79d381e85d2d76131\Intuit.Spc.Map.Reporter.ni.dll
2019-03-16 06:48 - 2019-03-16 06:48 - 000159232 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.820cb8f8#\54192cf0fcc1ddab0c3d83c32f501dda\Intuit.Spc.Esd.Client.Common.ni.dll
2019-03-16 06:48 - 2019-03-16 06:48 - 001108480 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.Esd.Core\a85c855d081109a07cd6f431684f8151\Intuit.Spc.Esd.Core.ni.dll
2019-03-16 06:48 - 2019-03-16 06:48 - 001093120 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.8e5e058c#\5cbce81fd87cdb8ac58df0888dc75166\Intuit.Spc.Esd.WinClient.Api.Net.ni.dll
2019-03-16 06:49 - 2019-03-16 06:49 - 000218112 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.618c5f21#\e31178fd30215477d96cc14e0536d469\Intuit.Spc.Esd.Client.DataAccess.ni.dll
2019-03-16 06:49 - 2019-03-16 06:49 - 000437760 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Intuit.Spc.09f690bd#\96482a690370ed5a065b63d4d36936c0\Intuit.Spc.Esd.Client.BusinessLogic.ni.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100sexlinks.com -> 100sexlinks.com
There are 5317 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2019-01-04 04:48 - 000000109 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
HKLM\...\StartupApproved\StartupFolder: => "APC UPS Status.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Carbonite Backup"
HKLM\...\StartupApproved\Run32: => "Microsoft Default Manager"
HKLM\...\StartupApproved\Run32: => "Display"
HKLM\...\StartupApproved\Run32: => "HostManager"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "AOL Fast Start"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{9B8BC006-D232-4243-A802-D777E2394F52}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{CC6CBC5C-6E6A-41FF-9221-F5DE593AE284}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0BB612AE-C6EA-43D2-9972-A8075D7882F7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88ECE08A-C9D8-40A4-8848-526DCA75A919}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B3C8FE2-6BC6-4559-B4C9-6C48AC889B34}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{513CDA7D-4471-47B2-91C9-EBB159306A85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{896E11AB-D6C5-4476-9C26-0FCADA9E4357}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{453D4BC5-EDD6-4EA2-8A67-1DAFA2AD43D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0D8510A3-D231-44D7-B123-AF7F7D4D1433}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{121FEF0C-34F0-4631-8670-BE99915DD229}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D576B179-3A1C-43CE-93C5-00B41B8E9843}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{560C430D-0D9B-4BAB-9F44-AE808FAE6A6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B16158EA-CFCF-463A-ACEC-4A7E082995B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{962B06F3-87C3-4787-9061-674ED3A0EB4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF8B1AD8-AE80-44AC-BD16-C2A136A43A17}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D63FE239-F915-4AA9-B2F2-0F8DD3039D76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (HP Inc. -> HP Inc.)
FirewallRules: [{0386B9E5-7085-4EEA-B4BC-DB3BA49C6D15}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{075AFA60-1457-42BD-9E5D-DAB184E573C6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{97363095-2633-423D-8947-AA1CF612207E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{15CB24E3-01C5-45AE-A0B5-86108859B8ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{3A00BBDD-B091-47C3-9B3D-452D7780CA41}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{BBDC9B63-4BA7-44C9-9BF4-2883A39BD742}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{0869C632-DF9D-4C8B-BDED-D88AF67B8378}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{70C0580B-EBA2-4B35-8DC8-0D5DA8DD9B70}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{77DC15B9-AB02-4A94-9549-95F54946859A}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{73308006-0A55-4313-B1A9-39094A5DC029}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{C22006C3-D83C-4CE2-AAFD-02449499C8F0}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{68B43291-7D97-4EBF-B4F9-A762C00D37F8}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{D1574A07-9E09-4944-8DE0-DB54A01545CF}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{6D360B3C-04FA-47D0-A750-59718E04C8D7}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{15AD9551-76A1-40F2-BEF4-80F1A5398027}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C4F56A3-4AA8-475F-BD46-E05B2FD0CAE2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F10951C-ED22-4BAE-BFF3-25A1C2831814}] => (Allow) svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{72BD1BDC-DA9E-4157-BD2D-8608190FD0C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F400B9B3-2F3E-4462-B5EC-FB44A14053BA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{7FCB2DEC-6E0D-4B3D-A3DD-9B42D3518917}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe (CyberLink -> CyberLink Corp.) [File not signed]
FirewallRules: [{67F7F85E-CC62-4C95-8D74-1D1AA6C9051E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe (CyberLink -> CyberLink Corp.) [File not signed]
FirewallRules: [{77830A32-BAC9-4339-8335-778B2BEC9AB1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{B01C7204-5A4C-4C9C-8465-682631F1000F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions -> Sonic Solutions)
FirewallRules: [{E4C10304-B167-49A7-B8F9-EF0AEB8348AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions -> Sonic Solutions)
FirewallRules: [{CB294ACD-D0CF-4C64-9517-EAA1E8C82191}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{6E647CCE-B87F-492A-8107-0622548B8170}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{4EE21B06-2683-4D62-946D-48D443A71DEC}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{36F1DA0D-74E8-4D25-8C08-BE88443F9225}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{FA58FDC9-032F-42D4-A616-184E20003A5A}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{09E90098-E3D3-4328-B768-EC505268D371}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1509049480\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{34405486-63C2-4BB5-A974-CD0BBF642A54}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1509049480\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{D563DCC2-47E2-4D3D-9AC1-332D4BE72560}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{2925CB27-5E91-4220-95EE-5D139B65C519}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{6C5F01AA-E571-42F8-AD56-49ACFC9EC743}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{88EB079B-A303-42F4-BFD9-57F690A618C2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{3C9695CF-7F82-46FD-BD26-3E5171BC3B3E}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{5302D749-5134-46AF-AE19-363A54DAF3B4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{E1495E01-697A-4628-AB94-55B780115EB7}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{81845C2C-9C4E-47FA-A95F-555802947F49}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [TCP Query User{D877CF41-EB1E-45EF-B173-97870F5C4B36}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [UDP Query User{0F2E1CC4-034B-4E65-8531-35BBCC6A47E4}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [{CFE68B1D-ABFE-4E33-AEF3-71E96C97217E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D4AA74E0-0543-4136-90BD-FDB0DD8F4398}C:\program files\dvdfab 10\dvdfab64.exe] => (Block) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{7E2D614B-C86B-487E-BE3B-5B928C8E3CBF}C:\program files\dvdfab 10\dvdfab64.exe] => (Block) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{9AEE6F75-2C42-46F5-9905-8EB5CE626D92}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{57390CF6-2B3F-4879-AAA2-8CE703CC83C3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7046C1F8-6E09-419A-AEBC-6023CAB33ACB}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64C78D7F-B3AB-46D6-AF26-CD1F01EDE331}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{4465A9F6-3451-4772-B1F0-F6867AD60AA5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{AC47137F-8634-4CCC-AE78-85E1769F82BA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{E22F4423-B618-4794-9F4A-931408230CCD}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{60B103EC-C3F7-4C3F-9D3B-589A3B566F88}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{37DAA64F-CAE4-4A97-A00B-B37F48A8B0B3}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{1D012CB6-D7C1-40E9-BAF7-CDE33C6F9714}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{691C3FA5-494E-48D8-880D-CC29B00BDEA0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
17-03-2019 23:00:27 Windows Backup
18-03-2019 23:36:25 Windows Backup
19-03-2019 23:00:28 Windows Backup
20-03-2019 23:00:36 Windows Backup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/19/2019 10:08:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (03/19/2019 10:08:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (03/19/2019 01:54:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x2d78
Faulting application start time: 0x01d4de02731d74d3
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 926d37b8-39ee-4cd2-80a2-d180cdf13143
Faulting package full name:
Faulting package-relative application ID:
Error: (03/18/2019 11:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007a24d
Faulting process id: 0x21b8
Faulting application start time: 0x01d4dd2469863e0a
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 9423e9b2-cf22-4675-bcc4-241a232a2c30
Faulting package full name:
Faulting package-relative application ID:
Error: (03/18/2019 11:00:00 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (03/17/2019 04:14:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x1664
Faulting application start time: 0x01d4dc0fa6ead979
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: e5a88641-4186-4f01-ace5-90d88b98bfb5
Faulting package full name:
Faulting package-relative application ID:
Error: (03/16/2019 11:47:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0xf5c
Faulting application start time: 0x01d4db9affdeb754
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: f8303c39-5de6-41e2-b3c0-42e08da89c22
Faulting package full name:
Faulting package-relative application ID:
Error: (03/15/2019 09:52:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.17134.556, time stamp: 0xf23cada5
Faulting module name: NotificationController.dll, version: 10.0.17134.165, time stamp: 0xe0385185
Exception code: 0xc0000005
Fault offset: 0x000000000007c686
Faulting process id: 0x77c
Faulting application start time: 0x01d4dad1d009b6fd
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: C:\Windows\System32\NotificationController.dll
Report Id: 3da28030-9de1-4080-8c6a-d6332b81d96a
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (03/21/2019 12:38:06 AM) (Source: DCOM) (EventID: 10016) (User: WAYNE-HP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user WAYNE-HP\WAYNE SID (S-1-5-21-3431438650-1370896122-3677072999-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (03/21/2019 12:18:07 AM) (Source: DCOM) (EventID: 10016) (User: WAYNE-HP)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user WAYNE-HP\WAYNE SID (S-1-5-21-3431438650-1370896122-3677072999-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
Error: (03/20/2019 06:16:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
Error: (03/20/2019 06:14:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intuit Update Service v4 service hung on starting.
Error: (03/20/2019 06:10:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Touchpoint Analytics service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (03/20/2019 06:10:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Touchpoint Analytics service to connect.
Error: (03/20/2019 06:09:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The File History Service service hung on starting.
Error: (03/20/2019 06:07:34 PM) (Source: DCOM) (EventID: 10001) (User: WAYNE-HP)
Description: Unable to start a DCOM Server: microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11231.20192.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
Windows Defender:
===================================
Date: 2018-11-28 06:20:19.136
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.755.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x800b0003
Error description: The form specified for the subject is not one supported or known by the specified trust provider.
Date: 2018-11-28 06:20:19.135
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.755.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x800b0003
Error description: The form specified for the subject is not one supported or known by the specified trust provider.
Date: 2018-11-28 06:20:19.134
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.259.755.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14405.2
Error code: 0x800b0003
Error description: The form specified for the subject is not one supported or known by the specified trust provider.
CodeIntegrity:
===================================
Date: 2019-03-20 22:00:29.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:28.757
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:28.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:28.085
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:28.044
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:27.877
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:27.600
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-03-20 22:00:26.097
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon II X4 635 Processor
Percentage of memory in use: 33%
Total physical RAM: 12287.28 MB
Available physical RAM: 8197.32 MB
Total Virtual: 13055.28 MB
Available Virtual: 8836.9 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:583.19 GB) (Free:185.44 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.44 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (HP v125w) (Removable) (Total:3.73 GB) (Free:1.03 GB) FAT32
\\?\Volume{a3ee7c82-2453-11e0-adba-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{489ea3c9-0000-0000-0000-b0d291000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 489EA3C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=583.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
Partition 4: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
==================== End of Addition.txt ============================