Okay got a strange situation this person sent me an email saying he did this:
"actually, i setup a malware on the streaming web site and guess what, you visited this site to have fun (you know what i mean). When you were viewing video clips, your internet browser initiated working as a Remote control Desktop that has a keylogger which provided me access to your display and webcam. Just after that, my software obtained all your contacts from your Messenger, Facebook, as well as emailaccount."
Okay I don't have many contacts in messenger and don't use facebook so he is out luck there.
But any help looking over my system would be greatly appreciated.
I posted both logs and if I did something wrong (I'm sorry newbie here) just let me know and I'll fix it.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2019
Ran by User (administrator) on USER-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (17-06-2019 20:31:00)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 10 Pro Version 1803 17134.829 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Scanner Mouse\Scanner Mouse Monitoring.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.42.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Dacuda AG -> ) C:\Program Files (x86)\Scanner Mouse\Scanner Mouse.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(MEDIATEK INC. -> Mediatek Inc.) [File not signed] C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
(MEDIATEK INC. -> Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe
(MEDIATEK INC. -> Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-14] (Google Inc -> Google LLC)
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\Run: [Zoom] => [X]
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () [File not signed]
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.90\Installer\chrmstp.exe [2019-06-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mediatek Wireless Utility.lnk [2019-06-13]
ShortcutTarget: Mediatek Wireless Utility.lnk -> C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.) [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Mouse.lnk [2017-10-11]
ShortcutTarget: Scanner Mouse.lnk -> C:\Program Files (x86)\Scanner Mouse\Scanner Mouse.exe (Dacuda AG -> )
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06B90EFF-848B-411A-B1B6-2D7D51939088} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C99036C-A758-45CC-897C-44ACDC2BB970} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D1A28E5-5034-4DF3-A794-8A79ED787257} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {111FF23E-622A-4472-942A-7C48DB48571A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {1ED7BD3D-B017-4443-8028-1C9097A14B31} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [1328352 2015-04-24] (Samsung Electronics CO., LTD. -> )
Task: {23395F1C-C00A-4D35-A137-FD8EF7F75C75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {287CC871-AA91-4D48-8F34-7CBEB8AACFF6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1932689280-4281254901-3544119085-1001UA1d257deb3b154b5 => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-05-31] (Google Inc -> Google Inc.)
Task: {29495073-FD5D-4ADC-A4B0-87A0CA65E49D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3A2A4595-15B4-48CE-8760-FF6619FF825F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3A4E4D3C-7FD2-48D7-9C59-A7C87EADA879} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1932689280-4281254901-3544119085-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-05-31] (Google Inc -> Google Inc.)
Task: {3D0AB482-9EFC-4639-9A90-66C90D6AC9B5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AF2CBE0-29F4-4F0D-B87B-E015167EACDC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4ED66D71-3C2A-4767-A75F-6FE080ED9C5C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {58E25BB6-88F0-44AB-92B9-B5E8AB4BB3FA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {5E6BF9E9-B6AD-4FD0-83D0-4AB64EA2EFB9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5E974709-AD35-4DCA-A742-D9F380CEB8D3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5EAE0E9D-9AA5-487E-A8BF-8D6924A22BA9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6E635BCE-C03C-4991-BFF7-DC20BEB317F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [386776 2017-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FB65F3C-196D-4A5D-9C07-985057B0119E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {75188222-0F30-4FCC-8E47-66C561BD07A6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
Task: {80FCA897-066D-41A2-8F83-A4752270CAB7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [135349160 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8FE203D2-4F68-4A57-961A-A5F9B1B418E3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {905E2EF3-C35C-485A-83B8-5B25A91F43A7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {90DC99DB-4CDE-4DAE-9143-6B45E2A65CFB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {94A0206B-349A-496E-8249-1BAF8A10676B} - System32\Tasks\{F9020C37-7347-40C1-947B-D8F6F397C7C3} => C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Local\WebPlayer\uninstall.exe -c _?=C:\Users\User\AppData\Local\WebPlayer\FLV Player
Task: {94EA8BBD-B3AD-4995-A1CE-AE957D8CDC53} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {96496DA0-21A4-49C5-BE36-3B27C1C9F8D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9E361C85-42DC-41C1-8629-DE998382A822} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A03DCD55-D0C6-46F0-8E69-DC06CB28407A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1932689280-4281254901-3544119085-1001Core1d257deb39aeb78 => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-05-31] (Google Inc -> Google Inc.)
Task: {A7E2E9A4-8A39-4B25-A76D-BE1F203F75DD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AEFB5908-9182-495B-86B7-ACA13F154598} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B72A5EE2-4E13-4A15-89ED-2D85A1C442B5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB497B35-5E5D-4FDA-9225-8DDAC5A901A0} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {BD6A2EB5-67C0-4841-B726-C839D8C3EB04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [386776 2017-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDB9ED3C-FF7E-4DA0-8581-41997B3E15A5} - \WPD\SqmUpload_S-1-5-21-1932689280-4281254901-3544119085-1001 -> No File <==== ATTENTION
Task: {C0133F3D-DC6D-4F6F-A037-8B8DF9F3706B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C25E97B4-1D81-4348-9F88-FD9F43AC8012} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA9F28AB-119B-434C-8E08-BFF2AF9DE71A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [978672 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDA18AB2-F1AB-46F2-8D8E-5D8A7D8D58D4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DD990BED-AE26-46CB-B679-4F696049B20B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {DFA06D4D-374C-4E14-B544-4A962B48891A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EE94EF7B-75E5-419C-98F6-02A45E48FDDF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {EEB23815-0509-4A94-BBF8-D914F2B9F812} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1932689280-4281254901-3544119085-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-05-31] (Google Inc -> Google Inc.)
Task: {F27D8F64-D582-472D-8812-0F15C33BE073} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5152D44-9A99-4C6E-9DCA-FA933AD20662} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {FCA02A60-79D5-4D65-BC88-914479A8E364} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1932689280-4281254901-3544119085-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1932689280-4281254901-3544119085-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{94805519-7b91-4336-a1e2-d8adc55e055c}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311377¶m1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC1E8YfVD1SiVZqj%2BVW11eTsjEcCQe6BMuksB9gUHRmoF4SqMCi7bgYom8fRuMG%2B8Y0xYmLPnp8B9%2F%2FkAvNIje6OeDgjUI60mh3miOAyYHey46EXXBujZwKiH0TD%2F%2F3EfJs1nsTLno1sCT%2FwmoxC0QYfNbpMIlFuAZtXRwdfSDuZLe7I94GsnXPc5Xqz%2FESIgRzYb62QmVqVJ1FTax2y5RhNmlEO1iMRpMljARB7dRUdow%3D%3D
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001 -> {1711FC25-F05A-40CE-B859-A0C1CF01FD18} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=86311377¶m1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC1E8YfVD1SiVZqj%2BVW11eTs1cW%2FEof8QF4Qfe46x%2FGdCvsl1KEF3Xn4WXxBsRhpuiv9b2bkD8BexpOIzuwomIsYPhyB0I7hC31yU2G35%2F1grK4dlJmUKyRBhlk0oNVEqJazwVNOOgI77vfGBlyGdbMYEj3VgIPD8DfUq1qzb%2Fr%2FLxd4um9E1GHH5JydBKVXpm5PZ6M8CJ3mBR3X1dQmKEy2hRbhrQwEfcectQsz89vXxA%3D%3D&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-13] [Legacy] [not signed]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-03-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1932689280-4281254901-3544119085-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1932689280-4281254901-3544119085-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1932689280-4281254901-3544119085-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-06-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-06-17]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-05]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-10]
CHR Extension: (Chrome Remote Desktop) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-28]
CHR Extension: (Skype) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-01]
CHR Extension: (Fakespot - Analyze Fake Amazon Reviews) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2019-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Sling Desktop Share) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pecpbndlndfegjibmbaplkjdkhdgmnei [2018-08-08]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation -> Microsoft Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2014-05-11] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [401040 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-07-31] (MEDIATEK INC. -> Mediatek Inc.)
S3 RaMediaServer; C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-20] (Samsung Electronics CO., LTD. -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [71176 2018-11-07] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-11] (Microsoft Windows -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 2003-01-02] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-05-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-05-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-17 20:31 - 2019-06-17 20:33 - 000037805 _____ C:\Users\User\Desktop\FRST.txt
2019-06-17 20:30 - 2019-06-17 20:31 - 000000000 ____D C:\FRST
2019-06-17 16:51 - 2019-06-17 16:51 - 002418688 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-06-13 20:17 - 2019-06-13 20:17 - 000000000 ___HD C:\OneDriveTemp
2019-06-13 20:12 - 2019-06-13 20:12 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-13 15:25 - 2019-02-12 23:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-12 07:34 - 2019-06-07 05:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 07:34 - 2019-06-07 05:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 07:34 - 2019-06-07 04:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 07:34 - 2019-06-07 04:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 07:34 - 2019-06-07 04:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 07:34 - 2019-06-07 04:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 07:34 - 2019-06-07 04:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 07:34 - 2019-06-07 04:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 07:34 - 2019-06-07 04:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 07:34 - 2019-06-07 04:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 07:34 - 2019-06-07 04:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 07:34 - 2019-06-07 04:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 07:34 - 2019-06-07 04:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 07:34 - 2019-06-07 04:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 07:34 - 2019-06-07 04:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 07:34 - 2019-06-07 00:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 07:34 - 2019-06-07 00:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 07:34 - 2019-06-06 23:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 07:34 - 2019-06-06 23:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 07:34 - 2019-06-06 23:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 07:34 - 2019-06-06 23:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 07:34 - 2019-06-06 23:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 07:34 - 2019-06-06 23:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 07:34 - 2019-06-06 23:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 07:34 - 2019-06-06 23:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 07:34 - 2019-06-06 23:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 07:34 - 2019-06-06 23:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 07:34 - 2019-06-06 23:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 07:34 - 2019-06-06 23:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-12 07:34 - 2019-06-06 23:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-12 07:34 - 2019-06-06 23:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 07:34 - 2019-06-06 23:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 07:34 - 2019-06-06 23:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-12 07:34 - 2019-06-06 23:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 07:34 - 2019-06-06 23:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 07:34 - 2019-06-06 23:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 07:34 - 2019-06-06 23:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 07:34 - 2019-06-06 23:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 07:34 - 2019-06-06 23:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-12 07:34 - 2019-06-06 23:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 07:34 - 2019-06-06 23:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 07:34 - 2019-06-06 23:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 07:34 - 2019-06-06 23:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 07:34 - 2019-06-06 23:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 07:34 - 2019-06-06 23:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 07:34 - 2019-06-06 23:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 07:34 - 2019-06-06 23:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 07:34 - 2019-06-06 23:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-12 07:34 - 2019-06-06 23:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-12 07:34 - 2019-06-06 23:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 07:34 - 2019-06-06 23:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 07:34 - 2019-06-06 23:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 07:34 - 2019-06-06 23:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 07:34 - 2019-06-06 23:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 07:34 - 2019-06-06 23:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 07:34 - 2019-06-06 23:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 07:34 - 2019-06-06 23:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 07:34 - 2019-06-06 23:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 07:34 - 2019-06-06 23:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 07:34 - 2019-06-06 23:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 07:34 - 2019-06-06 23:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 07:34 - 2019-06-06 23:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 07:34 - 2019-06-06 23:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 07:34 - 2019-06-06 23:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 07:34 - 2019-06-06 23:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 07:34 - 2019-06-06 23:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 07:34 - 2019-06-06 23:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 07:34 - 2019-06-06 23:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 07:34 - 2019-06-06 23:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 07:34 - 2019-06-06 23:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 07:34 - 2019-06-06 23:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 07:34 - 2019-06-06 23:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 07:34 - 2019-06-06 23:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 07:34 - 2019-05-18 16:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 07:34 - 2019-05-18 16:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 07:34 - 2019-05-17 06:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 07:34 - 2019-05-17 06:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-12 07:34 - 2019-05-17 06:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 07:34 - 2019-05-17 06:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 07:34 - 2019-05-17 06:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-12 07:34 - 2019-05-17 06:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-12 07:34 - 2019-05-17 06:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-12 07:34 - 2019-05-17 06:23 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-06-12 07:34 - 2019-05-17 06:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 07:34 - 2019-05-17 06:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 07:34 - 2019-05-17 06:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-12 07:34 - 2019-05-17 06:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-12 07:34 - 2019-05-17 06:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-12 07:34 - 2019-05-17 06:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 07:34 - 2019-05-17 06:20 - 001970688 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-06-12 07:34 - 2019-05-17 06:20 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2019-06-12 07:34 - 2019-05-17 06:20 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2019-06-12 07:34 - 2019-05-17 06:20 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-06-12 07:34 - 2019-05-17 06:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 07:34 - 2019-05-17 06:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-12 07:34 - 2019-05-17 06:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 07:34 - 2019-05-17 05:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-12 07:34 - 2019-05-17 05:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-12 07:34 - 2019-05-17 05:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 07:34 - 2019-05-17 05:55 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2019-06-12 07:34 - 2019-05-17 05:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 07:34 - 2019-05-17 01:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-12 07:34 - 2019-05-17 00:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-12 07:34 - 2019-05-17 00:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-12 07:34 - 2019-05-17 00:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-12 07:34 - 2019-05-17 00:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-12 07:34 - 2019-05-17 00:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 07:34 - 2019-05-17 00:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 07:34 - 2019-05-17 00:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-12 07:34 - 2019-05-17 00:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 07:34 - 2019-05-17 00:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 07:34 - 2019-05-17 00:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-12 07:34 - 2019-05-17 00:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 07:34 - 2019-05-17 00:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 07:34 - 2019-05-17 00:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 07:34 - 2019-05-17 00:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 07:34 - 2019-05-17 00:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 07:34 - 2019-05-17 00:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 07:34 - 2019-05-17 00:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 07:34 - 2019-05-17 00:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 07:34 - 2019-05-17 00:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-12 07:34 - 2019-05-17 00:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 07:34 - 2019-05-17 00:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-12 07:34 - 2019-05-17 00:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-12 07:34 - 2019-05-17 00:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-12 07:34 - 2019-05-17 00:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-12 07:34 - 2019-05-17 00:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 07:34 - 2019-05-17 00:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-12 07:34 - 2019-05-17 00:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 07:34 - 2019-05-17 00:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 07:34 - 2019-05-17 00:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-12 07:34 - 2019-05-17 00:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-12 07:34 - 2019-05-16 23:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 07:34 - 2019-05-16 23:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 07:34 - 2019-05-16 23:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 07:34 - 2019-05-16 23:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 07:34 - 2019-05-16 23:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-12 07:34 - 2019-05-16 23:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 07:34 - 2019-05-16 23:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-12 07:34 - 2019-05-16 23:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 07:34 - 2019-05-16 23:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 07:34 - 2019-05-16 23:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 07:34 - 2019-05-16 23:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-12 07:34 - 2019-05-16 23:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-12 07:34 - 2019-05-16 23:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 07:34 - 2019-05-16 23:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 07:34 - 2019-05-16 23:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-12 07:34 - 2019-05-16 23:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 07:34 - 2019-05-16 23:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-12 07:34 - 2019-05-16 23:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-12 07:34 - 2019-05-16 23:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 07:34 - 2019-05-16 23:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 07:34 - 2019-05-16 23:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 07:34 - 2019-05-16 23:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-12 07:34 - 2019-05-16 23:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 07:33 - 2019-06-07 04:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-12 07:33 - 2019-06-06 23:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 07:33 - 2019-06-06 23:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-12 07:33 - 2019-06-06 23:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-12 07:33 - 2019-06-06 23:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 07:33 - 2019-06-06 23:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-12 07:33 - 2019-06-06 23:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-12 07:33 - 2019-06-06 23:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 07:33 - 2019-06-06 23:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 07:33 - 2019-06-06 23:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 07:33 - 2019-06-06 23:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-12 07:33 - 2019-06-06 23:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-12 07:33 - 2019-06-06 23:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 07:33 - 2019-06-06 22:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-12 07:33 - 2019-05-18 16:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 07:33 - 2019-05-18 16:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 07:33 - 2019-05-17 06:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-12 07:33 - 2019-05-17 06:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-12 07:33 - 2019-05-17 06:24 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2019-06-12 07:33 - 2019-05-17 06:23 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-06-12 07:33 - 2019-05-17 06:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 07:33 - 2019-05-17 06:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-12 07:33 - 2019-05-17 06:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 07:33 - 2019-05-17 05:58 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-06-12 07:33 - 2019-05-17 05:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 07:33 - 2019-05-17 05:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-12 07:33 - 2019-05-17 05:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-12 07:33 - 2019-05-17 05:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-12 07:33 - 2019-05-17 03:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-12 07:33 - 2019-05-17 02:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-12 07:33 - 2019-05-17 00:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 07:33 - 2019-05-17 00:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-12 07:33 - 2019-05-17 00:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 07:33 - 2019-05-17 00:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-12 07:33 - 2019-05-17 00:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-12 07:33 - 2019-05-17 00:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-12 07:33 - 2019-05-17 00:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 07:33 - 2019-05-17 00:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 07:33 - 2019-05-17 00:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 07:33 - 2019-05-17 00:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-12 07:33 - 2019-05-17 00:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 07:33 - 2019-05-17 00:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-12 07:33 - 2019-05-17 00:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-12 07:33 - 2019-05-16 23:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-12 07:33 - 2019-05-16 23:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-12 07:33 - 2019-05-16 23:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 07:33 - 2019-05-16 23:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-12 07:33 - 2019-05-16 23:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 07:33 - 2019-05-16 23:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 07:33 - 2019-05-16 23:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-12 07:33 - 2019-05-16 23:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-12 07:33 - 2019-05-16 23:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 07:33 - 2019-05-16 23:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 07:33 - 2019-05-16 23:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-12 07:33 - 2019-05-16 23:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-12 07:33 - 2019-05-16 23:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-10 21:43 - 2019-06-10 21:43 - 000327460 _____ C:\Users\User\Desktop\Ticket Viator-Travis Hewitt-BR-709805310.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-17 20:31 - 2018-05-14 10:16 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3730204B-D1A0-4E74-B802-2910B18C1910}
2019-06-17 20:16 - 2018-04-11 17:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-17 20:05 - 2018-05-14 09:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-17 16:34 - 2014-05-11 10:08 - 000000000 ____D C:\Users\User\Documents\Outlook Files
2019-06-16 15:08 - 2019-04-21 15:27 - 000000000 ____D C:\Users\User\AppData\Local\Deployment
2019-06-15 02:12 - 2018-04-11 17:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-15 02:12 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-13 20:17 - 2014-04-20 15:51 - 000000000 ___RD C:\Users\User\SkyDrive
2019-06-13 20:16 - 2018-05-14 09:59 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-13 20:16 - 2018-04-11 17:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-13 20:12 - 2018-05-14 10:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-13 20:12 - 2016-06-01 23:05 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-13 20:11 - 2018-04-11 15:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-13 20:11 - 2017-06-21 20:37 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-06-13 15:25 - 2018-04-11 17:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-13 12:49 - 2014-04-20 14:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-13 12:49 - 2014-04-20 14:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-12 17:50 - 2018-01-25 17:01 - 000000000 ___RD C:\Users\User\3D Objects
2019-06-12 17:50 - 2016-02-13 07:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-12 17:48 - 2018-05-14 09:44 - 000415528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-12 17:44 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-12 17:43 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-12 17:43 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-12 17:43 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-06-12 17:43 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-12 07:33 - 2014-04-21 17:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 07:27 - 2014-04-21 17:18 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-05 21:41 - 2018-05-14 10:16 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1932689280-4281254901-3544119085-1001
2019-06-05 21:41 - 2018-05-14 09:50 - 000002401 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-04 20:30 - 2015-06-06 13:23 - 000000629 _____ C:\Users\User\Documents\songs.txt
2019-05-31 17:49 - 2018-02-13 22:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-05-30 19:57 - 2018-11-14 18:49 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-30 19:57 - 2018-11-14 18:49 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-18 20:33 - 2017-06-03 14:28 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2019-05-18 08:18 - 2016-08-05 18:10 - 000000000 ____D C:\Users\User\Desktop\Temp Photographs
==================== Files in the root of some directories ================
2015-02-23 15:37 - 2015-02-23 15:37 - 000003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== FLock ================
2014-04-10 04:37 C:\WINDOWS\CSC
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by User (17-06-2019 20:34:24)
Running from C:\Users\User\Desktop
Windows 10 Pro Version 1803 17134.829 (X64) (2018-05-14 16:17:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1932689280-4281254901-3544119085-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1932689280-4281254901-3544119085-503 - Limited - Disabled)
Guest (S-1-5-21-1932689280-4281254901-3544119085-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1932689280-4281254901-3544119085-1003 - Limited - Enabled)
User (S-1-5-21-1932689280-4281254901-3544119085-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1932689280-4281254901-3544119085-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2012 Complete 15 Collection - 5 Seats (HKLM-x32\...\{058DCE46-DB52-45FD-B811-6D894BD80F4E}) (Version: 1.00.0000 - International Code Council®)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)
AMD Catalyst Install Manager (HKLM\...\{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DJI Assistant 2 version V1.2.4 (HKLM-x32\...\{D939E096-78F1-4A32-A711-C1AD3F3D082A}_is1) (Version: V1.2.4 - DJI)
DJI Flight Simulator 2.1.0.3 (HKLM-x32\...\DJI Flight Simulator) (Version: 2.1.0.3 - DJI)
Eco Driver Pack (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (5/28/2015) - Samsung Electronics Co., Ltd.)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
FLIR Report Studio x64 (HKLM\...\{B7EFDA8C-EA87-4815-B2D8-8D45AF25C7B9}) (Version: 1.4.18039.1001 - FLIR SYSTEMS) Hidden
FLIR Streaming Drivers x86 (HKLM-x32\...\{6BF23A5E-1B03-4A56-ABDF-67CC433F7F38}) (Version: 1.14.0.0 - FLIR Systems) Hidden
Flir Template Editor (HKLM\...\{AFEB7372-A63D-4076-8455-45F100CC57E9}) (Version: 1.4.18039.1001 - FLIR Systems) Hidden
FLIR Tools (HKLM-x32\...\{843EC6A6-9E1C-4FDA-82F7-C2690419D9F6}) (Version: 6.4.18039.1003 - FLIR Systems) Hidden
FLIR Tools (HKLM-x32\...\{8a1289f2-3c25-453f-ac80-8085db4f3cde}) (Version: 6.4.18039.1003 - FLIR Systems)
FLIR Tools English Documentation (HKLM-x32\...\{487E3E97-0C04-426C-A683-505F83754D6A}) (Version: 6.4.18039.1003 - FLIR Systems) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Magic ISO Maker v5.4 (build 0245) (HKLM-x32\...\Magic ISO Maker v5.4 (build 0245)) (Version: - )
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Mediatek RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.38.101 - MediatekWiFi)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5067.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mp3Tag Pro 11 (HKLM-x32\...\mp3Tag Pro_is1) (Version: - ManiacTools.com)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.5067.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.5067.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.5067.1000 - Microsoft Corporation) Hidden
Pleora Redistributable (x64) (HKLM\...\{D9899F92-1568-428E-92CC-7A9C00A64C87}) (Version: 6.1.6 - FLIR Systems Inc., ATS-US)
Quicken 2017 (HKLM-x32\...\{E5AE4F66-CDA1-432A-A69E-C685D454ABDA}) (Version: 26.1.19.1 - Quicken)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.78 - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.2.5 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.26 - Samsung Electronics Co., Ltd.) Hidden
Scanner Mouse (HKLM-x32\...\{CFD2012A-F465-4957-98D2-9C8C821C749E}) (Version: 2.2.1 - Dacuda)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Sling (HKLM-x32\...\{A0C306FE-01A5-4B94-A037-EF5403F8CE41}) (Version: 5.0.174 - Echostar)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
SS0ption (HKLM-x32\...\SS0ption) (Version: 2.0.3.6 - SoftwareX Corp)
Stylish Driver Pack (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (2/9/2015) - Samsung Electronics Co., Ltd.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - )
View User's Guide (HKLM-x32\...\View User Guide) (Version: 4.0.0.6 - )
Visual MP3 Splitter & Joiner 8.2 (HKLM-x32\...\Visual MP3 Splitter & Joiner_is1) (Version: - ManiacTools.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VueScan x32 (HKLM-x32\...\VueScan x32) (Version: - )
VueScan x64 (HKLM\...\VueScan x64) (Version: - Hamrick Software)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
WinZip (HKLM-x32\...\WinZip) (Version: 8.1 (4331) - WinZip Computing, Inc.)
Zoom (HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1611.2.0_x64__8wekyb3d8bbwe [2017-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1611.2.0_x86__8wekyb3d8bbwe [2017-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-08] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-04] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-08] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.3.4032.0_x86__8wekyb3d8bbwe [2019-04-10] (Microsoft Studios) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-21] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2016-07-20] (Samsung Electronics Co. Ltd.)
Sling TV -> C:\Program Files\WindowsApps\SlingTVLLC.SlingTV_7.0.8.0_x86__vgszm6stshdqy [2019-01-10] (Sling TV LLC)
Wi-Fi HotSpot Pro -> C:\Program Files\WindowsApps\17312MehtaMiraj.Wi-FiHotSpotPro_1.0.0.1_neutral__nz7hw4131k7d4 [2015-06-11] (Mehta Miraj)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [SkyDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Temp\MagicISO\misosh.dll [2006-06-05] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2003-05-15] () [File not signed]
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Temp\MagicISO\misosh.dll [2006-06-05] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2003-05-15] () [File not signed]
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6-x32: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Temp\MagicISO\misosh.dll [2006-06-05] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6-x32: [SxContextMenuPro] -> {AE0FB986-4A9D-45B5-B434-112DB79BF518} => C:\Program Files (x86)\mp3Tag Pro 8\tag_menu.dll [2008-12-23] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2003-05-15] () [File not signed]
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\WZSHLSTB.DLL [2001-11-27] (WinZip Computing, Inc.) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\RoamingTiles\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!FreeCell.lnk -> hxxp://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfstringstring><a:Key>gameType</a:Key><a:Value>FreeCell</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>forceStartFUE</a:Key><a:Value>False</a:Value></a:KeyValueOfstringstring></Arguments><DestinationType>Arkadium.Solitaire.MvvmStructure.View.Pages.PreloadGamePage</DestinationType></NavigationSettings
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\RoamingTiles\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!TriPeaks.lnk -> hxxp://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfstringstring><a:Key>gameType</a:Key><a:Value>TriPeaks</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>forceStartFUE</a:Key><a:Value>False</a:Value></a:KeyValueOfstringstring></Arguments><DestinationType>Arkadium.Solitaire.MvvmStructure.View.Pages.PreloadGamePage</DestinationType></NavigationSettings
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\FreeCell.lnk -> hxxp://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfstringstring><a:Key>gameType</a:Key><a:Value>FreeCell</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>forceStartFUE</a:Key><a:Value>False</a:Value></a:KeyValueOfstringstring></Arguments><DestinationType>Arkadium.Solitaire.MvvmStructure.View.Pages.PreloadGamePage</DestinationType></NavigationSettings
Shortcut: C:\Users\User\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\TriPeaks.lnk -> hxxp://schemas.microsoft.com/2003/10/Serialization/Arrays"><a:KeyValueOfstringstring><a:Key>gameType</a:Key><a:Value>TriPeaks</a:Value></a:KeyValueOfstringstring><a:KeyValueOfstringstring><a:Key>forceStartFUE</a:Key><a:Value>False</a:Value></a:KeyValueOfstringstring></Arguments><DestinationType>Arkadium.Solitaire.MvvmStructure.View.Pages.PreloadGamePage</DestinationType></NavigationSettings
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
==================== Loaded Modules (Whitelisted) ==============
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2013-07-24 16:01 - 2013-07-24 16:01 - 000033792 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\DLL_OvtApi.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\DXCore.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 001927680 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\isam.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\libsvm.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 000028160 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\OVBaseIF.dll
2013-10-23 16:09 - 2013-10-23 16:09 - 001991168 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\Scanner Mouse Monitoring.exe
2013-06-18 13:37 - 2013-06-18 13:37 - 000019968 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\SCCBCore.dll
2013-10-23 16:05 - 2013-10-23 16:05 - 000096256 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\XLogger.dll
2013-10-23 16:07 - 2013-10-23 16:07 - 001823232 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\XOcr.dll
2013-10-23 16:08 - 2013-10-23 16:08 - 000064000 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\XRegister.dll
2013-10-23 16:08 - 2013-10-23 16:08 - 001234944 _____ () [File not signed] C:\Program Files (x86)\Scanner Mouse\XSkin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () [File not signed] C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-07-01 16:03 - 2015-07-01 16:03 - 000348160 _____ () [File not signed] C:\Users\User\AppData\Local\Scanner Mouse\extensions\Evernote\Evernote.dll
2015-07-01 16:03 - 2015-07-01 16:03 - 000359936 _____ () [File not signed] C:\Users\User\AppData\Local\Scanner Mouse\extensions\GoogleTranslate\GoogleTranslate.dll
2015-07-01 16:03 - 2015-07-01 16:03 - 000179712 _____ () [File not signed] C:\Users\User\AppData\Local\Scanner Mouse\extensions\ShareFacebook\SharePlugin.dll
2015-07-01 16:03 - 2015-07-01 16:03 - 000179712 _____ () [File not signed] C:\Users\User\AppData\Local\Scanner Mouse\extensions\ShareFlickr\SharePlugin.dll
2015-07-01 16:03 - 2015-07-01 16:03 - 000179712 _____ () [File not signed] C:\Users\User\AppData\Local\Scanner Mouse\extensions\ShareTwitter\SharePlugin.dll
2015-07-01 16:03 - 2015-07-01 16:03 - 000101888 _____ () [File not signed] C:\Users\User\AppData\Local\Scanner Mouse\extensions\WinMail\WinMail.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000732160 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\barcode.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000120832 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\documentanalysis.barcodesfinder.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000216064 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\DocumentAnalysis.Objects.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 001259520 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\documentanalysis.objectsextraction.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000610304 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\documentanalysis.pageservices.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 002971136 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\documentanalysis.segmentation.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000355328 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\documentprocessing.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000064000 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.abbyylossless.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000048640 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.ccitt.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000323072 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.jbig2.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000148480 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.jpeg.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000035840 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.lzw.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000022528 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.packbits.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000065536 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.codec.zip.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000131584 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.bmp.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000093696 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.djvu.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000115712 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.gif.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000044544 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.jbig2.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000182784 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.jpeg.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000296960 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.jpeg2k.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000147456 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.pcx.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 001145344 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.pdf.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000245760 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.png.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000369152 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.tiff.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000483840 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.wdp.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000112128 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.format.wic.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 001559040 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.helper.djvu.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 003460608 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\image.services.core.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 004498944 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\LangInfo.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 003189248 _____ (ABBYY Software Ltd.) [File not signed] C:\Program Files (x86)\Scanner Mouse\extensions\Abbyy\LangInfoUnicode.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000721408 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\morphology.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000705536 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\nlcmorphology.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000364544 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\recognizer.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 027835904 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\recpage.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000120320 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\regexp.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000067584 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\splrt.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 001475584 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\synthesis.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 001280000 _____ (ABBYY Software Ltd.) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\textlayout.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000153088 _____ (ABBYY) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\AbbyyZlib.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 001345024 _____ (ABBYY) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\Awl.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000155136 _____ (ABBYY) [File not signed] c:\program files (x86)\scanner mouse\extensions\abbyy\FineNet.dll
2015-07-01 16:02 - 2015-07-01 16:02 - 000509952 _____ (ABBYY) [File not signed] C:\Program Files (x86)\Scanner Mouse\extensions\Abbyy\FineObj.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2015-06-28 11:47 - 2009-05-01 10:51 - 001069056 _____ (Cisco Systems, Inc.) [File not signed] C:\Program Files (x86)\MediatekWiFi\Common\CiscoEapFast.dll
2012-11-26 01:51 - 2012-11-26 01:51 - 000027136 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\plugins\imageformats\qgif4.dll
2012-11-26 01:51 - 2012-11-26 01:51 - 000029184 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\plugins\imageformats\qico4.dll
2012-11-26 01:51 - 2012-11-26 01:51 - 000197632 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\plugins\imageformats\qjpeg4.dll
2012-11-26 01:51 - 2012-11-26 01:51 - 000221184 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\plugins\imageformats\qmng4.dll
2012-11-26 01:51 - 2012-11-26 01:51 - 000022528 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\plugins\imageformats\qsvg4.dll
2012-11-26 01:51 - 2012-11-26 01:51 - 000285696 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\plugins\imageformats\qtiff4.dll
2012-12-11 11:37 - 2012-12-11 11:37 - 002559488 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtCore4.dll
2012-11-25 23:54 - 2012-11-25 23:54 - 008354816 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtGui4.dll
2012-11-25 23:46 - 2012-11-25 23:46 - 001024000 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtNetwork4.dll
2012-11-25 23:57 - 2012-11-25 23:57 - 000765440 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtOpenGL4.dll
2012-11-26 00:01 - 2012-11-26 00:01 - 000278016 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtSvg4.dll
2012-11-26 01:46 - 2012-11-26 01:46 - 012747264 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtWebKit4.dll
2012-11-25 23:46 - 2012-11-25 23:46 - 000342016 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Scanner Mouse\QtXml4.dll
2018-10-24 15:17 - 2018-10-24 15:17 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 000352256 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Scanner Mouse\ijl15.dll
2013-08-27 15:32 - 2013-08-27 15:32 - 000747520 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2015-06-28 11:48 - 2014-08-01 10:42 - 015611024 _____ (MEDIATEK INC. -> Mediatek Inc.) [File not signed] C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe
2015-01-05 06:13 - 2015-01-05 06:13 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2017-04-18 05:45 - 2017-04-18 05:45 - 000008192 _____ (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 001299456 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Scanner Mouse\LIBEAY32.dll
2013-06-18 13:37 - 2013-06-18 13:37 - 000266240 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Scanner Mouse\ssleay32.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\sharepoint.com -> hxxps://safebuilt-files.sharepoint.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2015-02-04 18:08 - 000000979 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
2015-06-28 12:05 - 2017-09-28 19:32 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 User-PC.mshome.net # 2022 9 3 28 1 32 13 448
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Pleora;C:\Program Files\Common Files\Pleora\eBUS SDK;C:\Program Files (x86)\Common Files\Pleora;C:\Program Files (x86)\Common Files\Pleora\eBUS SDK;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdaptiveSleepService => 2
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\StartupApproved\Run: => "OutfoxTV"
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1932689280-4281254901-3544119085-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{CCA615FB-2189-42C1-B665-C09265AA309B}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe () [File not signed]
FirewallRules: [TCP Query User{6767891F-B9D6-4EDD-8FBB-4E82AFA0EA41}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe () [File not signed]
FirewallRules: [{927247ED-2C10-4794-B4A0-12B9F73105B0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43AE19D3-4C73-4899-810A-3353362B1151}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E00ECD9-C191-443D-B531-A06E1ACB4D6D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2465CAF-7F64-4525-9F4E-D66C40F2E659}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0DB66829-2440-4F36-BC34-F6A9E7914E9A}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\ApUI.exe (MEDIATEK INC. -> Mediatek Inc.) [File not signed]
FirewallRules: [{CB81070D-C874-42DF-827F-30706D1FC4EC}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (MEDIATEK INC. -> Mediatek Inc.) [File not signed]
FirewallRules: [{80FDDDEB-980C-4E6D-975C-B460CBC0B4C1}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink) [File not signed]
FirewallRules: [{E8A5ABC8-0727-4C1F-868B-D5AB99C3F866}] => (Allow) C:\Program Files (x86)\MediatekWiFi\Common\RaMediaServer.exe (Ralink) [File not signed]
FirewallRules: [UDP Query User{F839F587-3A4A-4D89-9E9F-B1DD960B2560}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe No File
FirewallRules: [TCP Query User{08656AE4-AB01-4A22-890C-EA578360C5AB}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe No File
FirewallRules: [UDP Query User{D1CB9E86-5099-40E7-B4DB-AB18FCDD9EB0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{4D02E63E-83F4-43A0-B233-352D6C7BA20D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B92EE11F-7CAE-4AED-B373-EC8475C91DFD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8F535720-0C9E-468B-BC02-5BB2F27FA0BD}C:\temp\parallel password recovery\run_server.exe] => (Allow) C:\temp\parallel password recovery\run_server.exe No File
FirewallRules: [UDP Query User{A794A450-AE0A-4BB7-85C4-FA9711505B1A}C:\temp\parallel password recovery\run_server.exe] => (Allow) C:\temp\parallel password recovery\run_server.exe No File
FirewallRules: [{38B6D236-418A-45A1-82A7-7C9AE7D38D7B}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{40C4A31E-3F1B-49C7-8DAA-89D34C255510}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0D6D2DFF-7F08-4ED1-9D3B-064E739A0498}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics CO., LTD. -> Samsung Electronics)
FirewallRules: [{98DC9343-0E70-4DC3-9A1B-1071C1F21650}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (Samsung Electronics CO., LTD. -> Samsung Electronics)
FirewallRules: [{9C6AAB6F-4EA6-44AC-A254-E6ECF4F5927E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{4CE28300-654C-4A12-A726-5A4680767457}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{EDC18D06-DB72-4B37-869F-DAE41088EBA0}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{EF9A55E8-B4CE-47C7-B411-CFFEB21DA140}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D4474D29-632E-4969-92A8-4EB565EA25B2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{016CE866-FC44-4962-B651-039FC6AA1E13}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{719E1A3A-8688-4C70-8BC8-36DCDA95CDF1}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2F01C4E9-7834-47D5-9DF9-5A14AC21D043}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E2A81010-4949-44EA-BADF-612D6527ADB0}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3A032663-2B50-4E87-8B18-3823DA26E929}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{990B7CA3-92E5-4A95-A01F-E7BD91CFF687}] => (Allow) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{4F05E9B2-1BEB-4FD1-B16B-54F1F52DC4C4}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{A443DD5B-74FB-48C9-BD2D-A00D37FB5EFD}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{186A9EC7-EE92-4DD1-AE52-DD7A60DDF36B}C:\dfs\dfs_shop\djiarena\binaries\win64\djiarena-win64-shipping.exe] => (Allow) C:\dfs\dfs_shop\djiarena\binaries\win64\djiarena-win64-shipping.exe (DJI) [File not signed]
FirewallRules: [UDP Query User{CD2683C2-C3DB-4A30-B62B-115430264ED1}C:\dfs\dfs_shop\djiarena\binaries\win64\djiarena-win64-shipping.exe] => (Allow) C:\dfs\dfs_shop\djiarena\binaries\win64\djiarena-win64-shipping.exe (DJI) [File not signed]
FirewallRules: [TCP Query User{9FF22511-F08E-420B-9879-3B5B5BE14353}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd -> DJI) [File not signed]
FirewallRules: [UDP Query User{A4CAB980-0ED8-4429-B7A4-BD44DAB0D8C5}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd -> DJI) [File not signed]
FirewallRules: [TCP Query User{09C08ECB-114B-4E6A-8516-AC97721FE537}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [UDP Query User{F2DF69E4-9487-4CCE-B5D1-99EE4430CF12}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe No File
FirewallRules: [TCP Query User{1B80E82B-0F9B-47D1-A9B4-E58A4301609E}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [UDP Query User{890E4D2A-DB9A-4DD0-AEB5-165BF8400A1A}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe No File
FirewallRules: [TCP Query User{F5CAD0FC-9E62-40D3-BA83-0238FFB14EB4}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe (SZ DJI Technology Co., Ltd -> ) [File not signed]
FirewallRules: [UDP Query User{ECB5D1EA-D8B2-4523-B3BD-7B44F9AC6D72}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe (SZ DJI Technology Co., Ltd -> ) [File not signed]
FirewallRules: [{3ECCBE60-055D-441C-9828-D44A7B61CF2D}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe (SZ DJI Technology Co., Ltd -> ) [File not signed]
FirewallRules: [{5CFE17BC-B7B3-478D-85B5-445F2404986F}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter.exe (SZ DJI Technology Co., Ltd -> ) [File not signed]
FirewallRules: [{98196D48-7711-4F4D-9614-D4C84B554BF5}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
FirewallRules: [{2D16830F-75EC-43DE-9727-BBEF5E662348}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
FirewallRules: [{DE83882B-FD10-4839-99B9-076B35217355}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{DE9D677D-76B0-4316-877B-6B38C317677B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{698A29CA-D656-4A0E-B8F9-C2AB7A003868}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{18C591A3-92FF-4914-85A1-083907CD364A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2ABA271-EF10-4598-91DB-6E1E2626A43D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DFDD7EF7-B94A-4701-8962-88375870BCCE}] => (Allow) C:\Program Files\Pleora Technologies Inc\Binaries\Coyote64.exe (Pleora Technologies Inc) [File not signed]
FirewallRules: [{687E4334-6395-47ED-8B23-014E6C569664}] => (Allow) C:\Program Files\Pleora Technologies Inc\Binaries\eBUSPlayer64.exe (Pleora Technologies Inc -> Pleora Technologies Inc.)
FirewallRules: [{2DFF3183-1D1F-49B0-A940-A05529C23310}] => (Allow) C:\ProgramData\FLIR Systems\FLIR Tools\Updates\FLIR Tools Updater.exe (FLIR Systems AB -> FLIR Systems)
FirewallRules: [{CBB1182E-14DB-438E-B3E0-478566A17008}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
01-06-2019 13:37:32 Scheduled Checkpoint
10-06-2019 19:02:10 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/25/2019 05:32:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\Pleora Technologies Inc\Binaries\Coyote64.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/25/2019 12:31:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\Pleora Technologies Inc\Binaries\Coyote64.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/20/2019 11:51:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FLIR Tools.exe, version: 6.4.18039.1003, time stamp: 0x5a7c393f
Faulting module name: KERNELBASE.dll, version: 10.0.17134.556, time stamp: 0xadca2670
Exception code: 0xe0434352
Fault offset: 0x001118a2
Faulting process id: 0x2668
Faulting application start time: 0x01d4f7a1ac668f45
Faulting application path: C:\Program Files (x86)\FLIR Systems\FLIR Tools\bin\FLIR Tools.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 7a23c136-fccc-4bb4-b5f8-194157371758
Faulting package full name:
Faulting package-relative application ID:
Error: (04/20/2019 11:51:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FLIR Tools.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.Remoting.RemotingException
Server stack trace:
at System.Runtime.Remoting.Channels.Ipc.IpcPort.Connect(String portName, Boolean secure, TokenImpersonationLevel impersonationLevel, Int32 timeout)
at System.Runtime.Remoting.Channels.Ipc.ConnectionCache.GetConnection(String portName, Boolean secure, TokenImpersonationLevel level, Int32 timeout)
at System.Runtime.Remoting.Channels.Ipc.IpcClientTransportSink.ProcessMessage(IMessage msg, ITransportHeaders requestHeaders, Stream requestStream, ITransportHeaders& responseHeaders, Stream& responseStream)
at System.Runtime.Remoting.Channels.BinaryClientFormatterSink.SyncProcessMessage(IMessage msg)
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
at Flir.Tools.Configuration.InstanceProxy.ᜀ(Boolean, System.String[])
at ᜁ.ᜁ(System.String)
at ᜁ.ᜀ(System.String, System.EventHandler`1<ᜅ>)
at ᜊ.ᜃ()
Error: (04/20/2019 11:50:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FLIR Tools.exe, version: 6.4.18039.1003, time stamp: 0x5a7c393f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x02913e21
Faulting process id: 0x1ef8
Faulting application start time: 0x01d4f7a13a9375f6
Faulting application path: C:\Program Files (x86)\FLIR Systems\FLIR Tools\bin\FLIR Tools.exe
Faulting module path: unknown
Report Id: 7ede84cb-fb90-41bb-88a9-3f82e4079e43
Faulting package full name:
Faulting package-relative application ID:
Error: (04/20/2019 11:50:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FLIR Tools.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at ᜄ.ᜀ(System.Object, ᜅ)
at ᜁ.ᜀ(System.Object, Boolean)
at System.Threading._ThreadPoolWaitOrTimerCallback.WaitOrTimerCallback_Context(System.Object, Boolean)
at System.Threading._ThreadPoolWaitOrTimerCallback.WaitOrTimerCallback_Context_f(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean)
Error: (04/20/2019 11:47:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\Pleora Technologies Inc\Binaries\Coyote64.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/20/2019 11:43:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\Pleora Technologies Inc\Binaries\Coyote64.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (06/17/2019 08:33:51 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user User-PC\User SID (S-1-5-21-1932689280-4281254901-3544119085-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/17/2019 08:07:25 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user User-PC\User SID (S-1-5-21-1932689280-4281254901-3544119085-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/17/2019 04:48:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/17/2019 04:34:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/17/2019 04:33:23 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user User-PC\User SID (S-1-5-21-1932689280-4281254901-3544119085-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/17/2019 05:46:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/17/2019 05:44:52 AM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user User-PC\User SID (S-1-5-21-1932689280-4281254901-3544119085-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/16/2019 10:53:26 PM) (Source: DCOM) (EventID: 10016) (User: USER-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user User-PC\User SID (S-1-5-21-1932689280-4281254901-3544119085-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2019-06-17 20:37:03.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-17 20:37:03.262
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-17 20:22:01.624
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-17 20:22:01.622
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-17 20:20:36.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-17 20:20:36.424
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-17 20:20:24.498
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-06-17 20:20:24.495
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F15 10/23/2013
Motherboard: Gigabyte Technology Co., Ltd. B75M-D3H
Processor: Intel® Core i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 46%
Total physical RAM: 8137.71 MB
Available physical RAM: 4376.74 MB
Total Virtual: 9417.71 MB
Available Virtual: 4932.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.98 GB) (Free:289.12 GB) NTFS
\\?\Volume{1f47c931-c09b-11e3-824c-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
\\?\Volume{902576c9-0000-0000-0000-905474000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 902576C9)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================