My computer is running really slow and I'm not sure if it is malware on a dying hard drive. Google chrome is unusable. I have to use firefox. Start up takes a long time and sometime the log in screen doesn't appear. I also got a "Restart to repair drive errors" yesterday. Window defender say "intel dynamic platform and thermal framework manager has a driver problem"
Here are the FRST scan reports as requested:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by Emurock (administrator) on STEVE (Hewlett-Packard HP Pavilion Notebook) (04-07-2019 22:38:30)
Running from C:\Users\Emurock\Desktop
Loaded Profiles: Emurock (Available Profiles: Emurock & defaultuser1)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
() [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.54.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Emurock\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.48.51.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\Windscribe.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\wsappcontrol.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8459480 2015-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-28] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5580608 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\Run: [GoogleChromeAutoLaunch_DAC040A48BAD94831ACF1B46AFDBF9B9] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-18] (Google LLC -> Google LLC)
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [10106544 2019-01-19] (Windscribe Limited -> Windscribe Limited)
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3114256 2019-06-29] (Electronic Arts, Inc. -> Electronic Arts)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> c:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2015-02-11] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-03-05] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2015-03-05] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-06-19]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {006656F5-539A-4985-9CE7-F70D3DD0DC43} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {02296781-EA85-4A69-9063-15245A917544} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.3.50\WSCStub.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {070314DB-04F0-4955-8123-6317BA1CAF27} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0CA7691D-91C5-414B-9813-A6ED5F78167C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {17C2033B-5FE9-467E-8AEF-1C068A0C9F53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {1E2C9A91-8CD4-40AB-AA5D-E5711BAD4FB9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {213CCE96-786B-4EBD-AA98-8F7953826195} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {21F1A020-3F0E-4E3E-B0A3-D2328F4F01FE} - System32\Tasks\HPCeeScheduleForEmurock => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-15] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {22FDED36-949D-48C1-A991-77E6C99B16A5} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {2F30DABE-4C66-4F00-8C1A-838EB155FFA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {32BD4982-A9EF-4364-9FD3-67A1E8B23826} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)
Task: {32D5CD2E-CD3A-4761-97EA-759CD399C5FD} - System32\Tasks\{99130FBC-3E52-4890-B3EB-5B7AAEB49639} => C:\WINDOWS\system32\pcalua.exe -a E:\DIAG.EXE -d E:\
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3E6D89C9-DFF4-4363-BE33-7DC44760B494} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {3EE30319-A82D-4F2A-B2F2-6D03344004D0} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [3438680 2016-05-23] (AVAST Software a.s. -> AVAST Software)
Task: {503065E3-7EE7-4005-82E7-B5C93F021EC5} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4716280 2015-01-30] (Softex Incorporated -> Hewlett-Packard)
Task: {5A3B3E10-DE02-45EF-A508-99C7AB29467D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {5E617D5B-B9E3-44CB-BB49-31F8D7DA0B08} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-22] (Adobe Inc. -> Adobe)
Task: {5EAD179F-F389-4C87-BE8F-243222585F98} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {694B11D5-A9A7-480C-9F91-56C377411DB6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6EA2547C-38DC-4472-9A16-0B9E002F9B3B} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [484208 2015-01-15] (Dropbox, Inc -> )
Task: {744E26B2-9DA2-4035-A55E-13845A13D489} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {79A5D302-8E02-4046-A728-28806829F06F} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.17.3.50\SymErr.exe [101392 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {851A9F3A-0BD2-4CBE-9FA7-9F1CDFCB2EA6} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87BAD914-AA99-420A-BF8C-586E2AFF89F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {9EB382F1-AD2D-4FC8-AA2A-C88DEEB5BD30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {9FC69B07-293A-4EE4-AABB-FD9C673A1EDC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A25D2A3B-2DD7-48E0-8821-08AC49FDD321} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard)
Task: {ADE23AFD-C6D0-4378-877B-1E3B02EA7FA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AE8BC2BE-D645-41F8-AB95-ECC80B769EA1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-22] (Adobe Inc. -> Adobe)
Task: {B40A21EB-5F27-4BD8-ABD6-DEA3B63978C6} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1392008 2019-07-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {B84DFBD3-661F-47D2-8249-FB3B5936BDCB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B93190D5-0D49-4851-9CA2-1801366B4B93} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-12] (Adobe Inc. -> Adobe)
Task: {BEB15D4D-D81A-4936-81EC-57CFA1166CF3} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: {C3A25075-45BD-4D13-BA12-C0312CE91811} - System32\Tasks\YCMServiceAgent => c:\Program Files (x86)\Cyberlink\YouCam\YouCamService.exe [267224 2015-02-11] (CyberLink Corp. -> CyberLink Corp.)
Task: {C60D3706-5323-4D2D-9C99-FE035A04EA03} - \WPD\SqmUpload_S-1-5-21-384623095-3799959169-1529214809-1001 -> No File <==== ATTENTION
Task: {C8F18A6B-9D2B-43D3-8731-C2CC92ECE7C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Restart => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {CB045B7C-325D-40D0-A13D-EC403B96253E} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2015-01-30] (Softex Incorporated -> Hewlett-Packard)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DB7AF872-8607-4E32-B539-AE0F47C354E8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E9CDF3F3-0C96-415F-8EAB-2FFDD2FB35E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)
Task: {EA2103F6-D6BB-4A89-850D-63876BEB494C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2225296 2019-06-20] (Symantec Corporation -> Symantec Corporation)
Task: {FA489C1A-5C5E-4D78-A311-B3D3976DFC9C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {FFDF8C5B-00D9-48FB-9EA3-088A44DFE837} - \Optimize Start Menu Cache Files-S-1-5-21-384623095-3799959169-1529214809-1001 -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEmurock.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 185.236.200.18 us-west-005.whiskergalaxy.com #added by Windscribe, do not modify.
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{2c2de15d-2473-4845-adc7-41fec9a21a81}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{4c81a756-2bac-4f75-9f9c-47b9f71dd20f}: [DhcpNameServer] 172.18.10.1
Tcpip\..\Interfaces\{567ce079-df58-4fcd-822b-e3ee610d7ebd}: [DhcpNameServer] 172.18.13.1
Tcpip\..\Interfaces\{bc97a955-b5f8-437a-95c2-55fb45c065a4}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{bc97a955-b5f8-437a-95c2-55fb45c065a4}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{bd65d49a-262e-4287-b6a4-2a18dd115926}: [DhcpNameServer] 172.18.11.1
Tcpip\..\Interfaces\{c232652c-40d5-40cd-97df-143c0c50445b}: [DhcpNameServer] 172.18.12.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com/
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
SearchScopes: HKLM-x32 -> {565494A1-0719-4E63-B309-89EC5A876116} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-384623095-3799959169-1529214809-1001 -> {565494A1-0719-4E63-B309-89EC5A876116} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-384623095-3799959169-1529214809-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=retail&geo=GB&ver=22.16.2.22&locale=en_GB&guid=7391C005-C5F8-4042-8199-6E3E75DA9C94&doi=2016-09-01&gct=kwd&qsrc=2869
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.3.50\coIEPlg.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
FireFox:
========
FF DefaultProfile: a6goelee.default-1499629060257
FF ProfilePath: C:\Users\Emurock\AppData\Roaming\Mozilla\Firefox\Profiles\a6goelee.default-1499629060257 [2019-07-04]
FF Extension: (ETP Search Volume Study) - C:\Users\Emurock\AppData\Roaming\Mozilla\Firefox\Profiles\a6goelee.default-1499629060257\Extensions\[email protected] [2019-07-02]
FF Extension: (AdBlock) - C:\Users\Emurock\AppData\Roaming\Mozilla\Firefox\Profiles\a6goelee.default-1499629060257\Extensions\[email protected] [2019-06-22]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-04-29] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Emurock\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-05] (Adobe Systems Incorporated -> )
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Emurock\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-05] (Hola) [File not signed]
FF Plugin HKU\S-1-5-21-384623095-3799959169-1529214809-1001: @hola.org/FlashPlayer -> C:\Users\Emurock\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-04-05] (Adobe Systems Incorporated -> )
FF Plugin HKU\S-1-5-21-384623095-3799959169-1529214809-1001: @hola.org/vlc -> C:\Users\Emurock\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-04-05] (Hola) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default [2019-07-04]
CHR Extension: (Slides) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Norton Password Manager) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2019-06-18]
CHR Extension: (Docs) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-30]
CHR Extension: (YouTube) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Norton Safe Web) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2019-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (AdBlock) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-31]
CHR Extension: (Windscribe - Free VPN and Ad Blocker) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2018-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (TunnelBear VPN) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2019-04-04]
CHR Extension: (Gmail) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Profile: C:\Users\Emurock\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-31]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2015-03-04] (Intel® Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent Inc -> WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-03-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2017-01-13] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [395744 2015-01-14] (Intel® Wireless Display -> Intel)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe [225608 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.3.50\nsWscSvc.exe [933200 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [103424 2015-01-30] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2329392 2019-06-29] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3203888 2019-06-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [293080 2015-03-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7343496 2019-07-03] (AVAST Software s.r.o. -> AVAST Software)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
S2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [120440 2018-09-11] (TunnelBear -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\BASHDefs\20190702.004\BHDrvx64.sys [1935880 2019-06-19] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\ccSetx64.sys [192704 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [38720 2015-03-04] (Intel® Software -> Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515592 2019-06-06] (Symantec Corporation -> Symantec Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R3 EraserUtilDrv11822; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11822.sys [153096 2019-07-04] (Symantec Corporation -> Symantec Corporation)
S3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [216360 2015-03-04] (Intel® Software -> Intel Corporation)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-03-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\IPSDefs\20190703.061\IDSvia64.sys [1441800 2019-05-10] (Symantec Corporation -> Symantec Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [79528 2014-12-22] (Intel® Software -> Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3595472 2018-10-12] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-02-13] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSP64.SYS [864776 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SRTSPX64.SYS [49672 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SYMEFASI64.SYS [1998552 2019-06-20] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\SymELAM.sys [25744 2019-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [99848 2019-05-10] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.1.50\SymPlatform\SymEvnt.sys [712200 2019-06-07] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\Ironx64.SYS [315912 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\symnets.sys [573448 2019-06-20] (Symantec Corporation -> Symantec Corporation)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2016-09-21] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-13] (Windscribe Limited -> The OpenVPN Project)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-01-14] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611030.032\wpCtrlDrv.sys [1012120 2019-06-20] (Symantec Corporation -> Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-04 22:38 - 2019-07-04 22:42 - 000044070 _____ C:\Users\Emurock\Desktop\FRST.txt
2019-07-04 22:37 - 2019-07-04 22:38 - 000000000 ____D C:\FRST
2019-07-04 22:33 - 2019-07-04 22:34 - 002420224 _____ (Farbar) C:\Users\Emurock\Desktop\FRST64.exe
2019-07-04 21:02 - 2019-07-04 21:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-07-04 02:52 - 2019-07-04 02:52 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\hosts.tmp
2019-07-04 01:50 - 2019-07-04 01:51 - 001398296 _____ C:\Users\Emurock\Documents\bookmarks_04_07_2019.html
2019-07-03 23:57 - 2019-07-03 23:57 - 000000000 ____D C:\Users\Emurock\AppData\Roaming\Google
2019-07-03 23:47 - 2019-07-03 23:47 - 000000000 __SHD C:\found.000
2019-07-03 01:04 - 2019-07-03 01:04 - 000000000 ___HD C:\OneDriveTemp
2019-07-02 22:18 - 2019-07-02 22:18 - 000000080 ___SH C:\bootTel.dat
2019-07-02 04:07 - 2019-07-04 20:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2019-07-02 03:51 - 2019-07-02 03:51 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-07-02 03:50 - 2019-07-02 04:09 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-07-01 23:26 - 2019-07-01 23:26 - 000000000 ____D C:\Users\Emurock\AppData\Local\2K
2019-06-30 00:15 - 2019-06-30 00:16 - 000000000 ____D C:\Users\Emurock\Downloads\Chernobyl
2019-06-29 23:52 - 2019-06-30 00:20 - 000000000 ____D C:\Users\Emurock\Downloads\other stuff
2019-06-29 23:06 - 2019-06-29 23:06 - 000090237 _____ C:\Users\Emurock\Documents\CAANZ - Payment_PMTAU645732[5907] Jun 2019.pdf
2019-06-24 22:01 - 2019-06-24 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-06-24 13:12 - 2019-06-24 13:12 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-06-24 13:12 - 2019-06-24 13:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-06-24 13:12 - 2019-06-24 13:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-06-24 13:12 - 2019-06-24 13:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-06-22 01:10 - 2019-06-29 22:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-06-19 22:10 - 2019-06-19 22:10 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-06-18 20:04 - 2019-07-04 00:12 - 000004294 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine VPN Update
2019-06-17 23:08 - 2019-06-17 23:08 - 000131396 _____ C:\Users\Emurock\Documents\Bethesda Softworks LLC. Online Store - Order Completed - Fallout76.pdf
2019-06-17 01:56 - 2019-06-17 01:56 - 004982794 _____ C:\Users\Emurock\Downloads\belgrade.pdf
2019-06-13 21:12 - 2019-06-13 21:12 - 000000021 _____ C:\Users\Emurock\Downloads\Bean_Counters.ocdf
2019-06-13 21:12 - 2019-06-13 21:12 - 000000000 ____D C:\ProgramData\IsolatedStorage
2019-06-13 21:10 - 2019-06-13 21:12 - 000000000 ____D C:\Users\Emurock\Documents\Media
2019-06-13 21:10 - 2019-06-13 21:10 - 000002805 _____ C:\Users\Public\Desktop\RBDigital Media Manager.lnk
2019-06-13 21:10 - 2019-06-13 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recorded Books
2019-06-13 21:10 - 2019-06-13 21:10 - 000000000 ____D C:\Program Files (x86)\OneClickDigital
2019-06-13 21:07 - 2019-06-13 21:07 - 009858408 _____ (Recorded Books) C:\Users\Emurock\Downloads\OneClickdigital Media Manager Installer.exe
2019-06-13 00:26 - 2019-06-07 12:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-13 00:26 - 2019-06-07 06:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-13 00:26 - 2019-06-07 06:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-13 00:26 - 2019-06-07 06:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-13 00:26 - 2019-06-07 06:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-13 00:26 - 2019-06-07 06:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-13 00:26 - 2019-05-17 07:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-13 00:26 - 2019-05-17 06:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-13 00:25 - 2019-06-07 11:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-13 00:25 - 2019-06-07 11:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-13 00:25 - 2019-06-07 11:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-13 00:25 - 2019-06-07 11:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-13 00:25 - 2019-06-07 11:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-13 00:25 - 2019-06-07 07:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-13 00:25 - 2019-06-07 06:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-13 00:25 - 2019-06-07 06:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-13 00:25 - 2019-06-07 06:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-13 00:25 - 2019-06-07 06:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-13 00:25 - 2019-06-07 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-13 00:25 - 2019-06-07 06:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-13 00:25 - 2019-06-07 06:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-13 00:25 - 2019-06-07 06:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-13 00:25 - 2019-06-07 06:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-13 00:25 - 2019-06-07 06:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-13 00:25 - 2019-06-07 06:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-13 00:25 - 2019-06-07 06:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-13 00:25 - 2019-06-07 06:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-13 00:25 - 2019-06-07 06:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-13 00:25 - 2019-06-07 06:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-13 00:25 - 2019-05-17 13:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-13 00:25 - 2019-05-17 13:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-13 00:25 - 2019-05-17 13:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-13 00:25 - 2019-05-17 13:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-13 00:25 - 2019-05-17 13:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-13 00:25 - 2019-05-17 07:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-13 00:25 - 2019-05-17 07:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-13 00:25 - 2019-05-17 07:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-13 00:25 - 2019-05-17 07:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-13 00:25 - 2019-05-17 07:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-13 00:25 - 2019-05-17 07:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-13 00:25 - 2019-05-17 07:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-13 00:25 - 2019-05-17 07:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-13 00:25 - 2019-05-17 07:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-13 00:25 - 2019-05-17 07:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-13 00:25 - 2019-05-17 07:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-13 00:25 - 2019-05-17 07:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-13 00:25 - 2019-05-17 06:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-13 00:25 - 2019-05-17 06:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-13 00:25 - 2019-05-17 06:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-13 00:25 - 2019-05-17 06:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-13 00:25 - 2019-05-17 06:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-13 00:25 - 2019-05-17 06:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-13 00:25 - 2019-05-17 06:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-13 00:25 - 2019-05-17 06:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-13 00:25 - 2019-05-17 06:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-13 00:25 - 2019-05-17 06:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-13 00:25 - 2019-05-17 06:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-13 00:25 - 2019-05-17 06:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-13 00:24 - 2019-06-07 12:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-13 00:24 - 2019-06-07 11:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-13 00:24 - 2019-06-07 11:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-13 00:24 - 2019-06-07 11:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-13 00:24 - 2019-06-07 11:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-13 00:24 - 2019-06-07 11:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-13 00:24 - 2019-06-07 11:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-13 00:24 - 2019-06-07 11:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-13 00:24 - 2019-06-07 11:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-13 00:24 - 2019-06-07 07:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-13 00:24 - 2019-06-07 06:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-13 00:24 - 2019-06-07 06:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-13 00:24 - 2019-06-07 06:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-13 00:24 - 2019-06-07 06:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-13 00:24 - 2019-06-07 06:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-13 00:24 - 2019-06-07 06:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-13 00:24 - 2019-06-07 06:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-13 00:24 - 2019-06-07 06:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-13 00:24 - 2019-06-07 06:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-13 00:24 - 2019-06-07 06:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-13 00:24 - 2019-06-07 06:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-13 00:24 - 2019-06-07 06:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-13 00:24 - 2019-06-07 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-13 00:24 - 2019-06-07 06:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-13 00:24 - 2019-06-07 06:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-13 00:24 - 2019-06-07 06:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-13 00:24 - 2019-06-07 06:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-13 00:24 - 2019-06-07 06:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-13 00:24 - 2019-06-07 06:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-13 00:24 - 2019-06-07 06:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-13 00:24 - 2019-06-07 06:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-13 00:24 - 2019-06-07 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-13 00:24 - 2019-06-07 06:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-13 00:24 - 2019-06-07 06:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-13 00:24 - 2019-06-07 06:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-13 00:24 - 2019-06-07 06:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-13 00:24 - 2019-06-07 06:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-13 00:24 - 2019-06-07 06:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-13 00:24 - 2019-06-07 06:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-13 00:24 - 2019-06-07 06:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-13 00:24 - 2019-06-07 06:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-13 00:24 - 2019-06-07 06:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-13 00:24 - 2019-06-07 06:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-13 00:24 - 2019-06-07 06:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-13 00:24 - 2019-06-07 06:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-13 00:24 - 2019-06-07 06:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-13 00:24 - 2019-06-07 06:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-13 00:24 - 2019-06-07 06:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-13 00:24 - 2019-06-07 06:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-13 00:24 - 2019-06-07 06:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-13 00:24 - 2019-06-07 06:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-13 00:24 - 2019-06-07 06:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-13 00:24 - 2019-06-07 06:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-13 00:24 - 2019-05-18 23:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-13 00:24 - 2019-05-18 23:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-13 00:24 - 2019-05-18 23:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-13 00:24 - 2019-05-17 13:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-13 00:24 - 2019-05-17 13:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-13 00:24 - 2019-05-17 13:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-13 00:24 - 2019-05-17 13:24 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2019-06-13 00:24 - 2019-05-17 13:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-13 00:24 - 2019-05-17 13:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-13 00:24 - 2019-05-17 13:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-13 00:24 - 2019-05-17 13:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-13 00:24 - 2019-05-17 13:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-13 00:24 - 2019-05-17 13:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-13 00:24 - 2019-05-17 13:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-13 00:24 - 2019-05-17 13:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-13 00:24 - 2019-05-17 13:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-13 00:24 - 2019-05-17 12:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-13 00:24 - 2019-05-17 12:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-13 00:24 - 2019-05-17 12:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-13 00:24 - 2019-05-17 12:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-13 00:24 - 2019-05-17 12:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-13 00:24 - 2019-05-17 12:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-13 00:24 - 2019-05-17 10:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-13 00:24 - 2019-05-17 08:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-13 00:24 - 2019-05-17 07:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-13 00:24 - 2019-05-17 07:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-13 00:24 - 2019-05-17 07:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-13 00:24 - 2019-05-17 07:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-13 00:24 - 2019-05-17 07:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-13 00:24 - 2019-05-17 07:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-13 00:24 - 2019-05-17 07:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-13 00:24 - 2019-05-17 07:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-13 00:24 - 2019-05-17 07:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-13 00:24 - 2019-05-17 07:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-13 00:24 - 2019-05-17 07:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-13 00:24 - 2019-05-17 07:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-13 00:24 - 2019-05-17 07:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-13 00:24 - 2019-05-17 07:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-13 00:24 - 2019-05-17 07:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-13 00:24 - 2019-05-17 07:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-13 00:24 - 2019-05-17 07:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-13 00:24 - 2019-05-17 07:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-13 00:24 - 2019-05-17 07:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-13 00:24 - 2019-05-17 07:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-13 00:24 - 2019-05-17 07:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-13 00:24 - 2019-05-17 07:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-13 00:24 - 2019-05-17 07:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-13 00:24 - 2019-05-17 07:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-13 00:24 - 2019-05-17 07:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-13 00:24 - 2019-05-17 07:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-13 00:24 - 2019-05-17 07:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-13 00:24 - 2019-05-17 07:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-13 00:24 - 2019-05-17 07:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-13 00:24 - 2019-05-17 07:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-13 00:24 - 2019-05-17 06:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-13 00:24 - 2019-05-17 06:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-13 00:24 - 2019-05-17 06:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-13 00:24 - 2019-05-17 06:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-13 00:24 - 2019-05-17 06:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-13 00:24 - 2019-05-17 06:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-13 00:24 - 2019-05-17 06:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-13 00:24 - 2019-05-17 06:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-13 00:24 - 2019-05-17 06:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-13 00:24 - 2019-05-17 06:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-13 00:24 - 2019-05-17 06:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-13 00:24 - 2019-05-17 06:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-13 00:24 - 2019-05-17 06:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-13 00:24 - 2019-05-17 06:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-13 00:24 - 2019-05-17 06:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-13 00:24 - 2019-05-17 06:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-13 00:24 - 2019-05-17 06:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-13 00:24 - 2019-05-17 06:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-13 00:24 - 2019-05-17 06:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-13 00:24 - 2019-05-17 06:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-13 00:24 - 2019-05-17 06:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-13 00:24 - 2019-05-17 06:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-13 00:23 - 2019-06-07 11:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-13 00:23 - 2019-06-07 06:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-13 00:23 - 2019-06-07 06:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-13 00:23 - 2019-06-07 06:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-13 00:23 - 2019-06-07 06:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-13 00:23 - 2019-06-07 06:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-13 00:23 - 2019-06-07 06:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-13 00:23 - 2019-06-07 05:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-13 00:23 - 2019-05-18 23:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-13 00:23 - 2019-05-17 13:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-13 00:23 - 2019-05-17 13:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-13 00:23 - 2019-05-17 13:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-13 00:23 - 2019-05-17 13:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-13 00:23 - 2019-05-17 12:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-13 00:23 - 2019-05-17 12:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-13 00:23 - 2019-05-17 09:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-13 00:23 - 2019-05-17 07:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-13 00:23 - 2019-05-17 07:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-13 00:23 - 2019-05-17 07:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-13 00:23 - 2019-05-17 07:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-13 00:23 - 2019-05-17 07:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-13 00:23 - 2019-05-17 07:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-13 00:23 - 2019-05-17 07:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-13 00:23 - 2019-05-17 07:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-13 00:23 - 2019-05-17 07:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-13 00:23 - 2019-05-17 07:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-13 00:23 - 2019-05-17 06:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-13 00:23 - 2019-05-17 06:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-13 00:23 - 2019-05-17 06:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-13 00:23 - 2019-05-17 06:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-13 00:23 - 2019-05-17 06:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-13 00:23 - 2019-05-17 06:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-13 00:23 - 2019-05-17 06:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-13 00:23 - 2019-05-17 06:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-13 00:23 - 2019-05-17 06:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-13 00:23 - 2019-05-17 06:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-13 00:23 - 2019-05-17 06:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 03:13 - 2019-06-12 03:13 - 004650040 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-06-11 22:35 - 2019-06-11 22:36 - 000000000 ____D C:\Users\Emurock\AppData\Local\Fallout76
2019-06-11 22:22 - 2019-02-13 06:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-11 00:00 - 2019-07-01 19:50 - 000000000 ____D C:\Users\Emurock\AppData\Local\Bethesda.net Launcher
2019-06-10 23:58 - 2019-07-01 19:50 - 000000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2019-06-10 23:58 - 2019-06-10 23:58 - 000001228 _____ C:\Users\Public\Desktop\Bethesda.net Launcher.lnk
2019-06-10 23:58 - 2019-06-10 23:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2019-06-10 23:57 - 2019-06-10 23:58 - 008797576 _____ (Bethesda Softworks ) C:\Users\Emurock\Downloads\BethesdaNetLauncher_Setup.exe
2019-06-06 21:48 - 2019-06-06 21:48 - 000000000 ____D C:\ProgramData\Apple Computer
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-04 21:04 - 2018-05-24 01:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-04 21:01 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-04 01:50 - 2018-05-24 01:32 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E5F7BF5C-130D-4F48-8A31-D7EC5140E3AC}
2019-07-04 00:32 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-04 00:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-04 00:23 - 2015-08-29 20:04 - 000000000 ____D C:\Users\Emurock\Documents\Youcam
2019-07-04 00:18 - 2015-08-29 20:04 - 000000000 ___RD C:\Users\Emurock\OneDrive
2019-07-04 00:08 - 2017-11-29 02:32 - 000000000 ____D C:\Users\Emurock\AppData\LocalLow\Mozilla
2019-07-04 00:07 - 2015-09-06 19:17 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-03 23:54 - 2015-09-06 03:43 - 000000000 ____D C:\ProgramData\Origin
2019-07-03 23:52 - 2017-05-10 04:37 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-03 23:52 - 2015-08-29 19:58 - 000000000 __SHD C:\Users\Emurock\IntelGraphicsProfiles
2019-07-03 23:51 - 2017-07-15 18:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-03 23:50 - 2019-05-19 23:39 - 000000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEmurock.job
2019-07-03 23:50 - 2018-05-24 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-03 01:03 - 2018-05-24 01:31 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-384623095-3799959169-1529214809-1001
2019-07-03 01:03 - 2018-05-24 01:19 - 000002412 _____ C:\Users\Emurock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-02 22:45 - 2019-05-19 23:39 - 000003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEmurock
2019-07-02 22:20 - 2018-05-24 01:19 - 000000000 ____D C:\Users\Emurock
2019-07-02 21:40 - 2015-08-29 20:11 - 000000000 ____D C:\Program Files\Common Files\AV
2019-07-02 21:22 - 2019-04-04 23:05 - 000000000 ____D C:\Users\Emurock\AppData\Roaming\Origin
2019-07-02 21:22 - 2015-09-06 03:47 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-07-02 04:09 - 2019-05-10 21:25 - 000002415 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-07-02 03:51 - 2019-05-10 21:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-07-02 03:50 - 2016-10-11 21:55 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-07-02 03:46 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-02 03:45 - 2015-07-09 16:15 - 000000000 ____D C:\ProgramData\AVAST Software
2019-07-01 00:36 - 2016-03-21 22:41 - 000000000 ____D C:\Users\Emurock\AppData\Local\ElevatedDiagnostics
2019-06-30 19:03 - 2019-04-04 23:08 - 000000000 ____D C:\Program Files (x86)\Origin
2019-06-30 17:50 - 2016-02-12 01:45 - 000000000 ____D C:\Users\Emurock\AppData\Local\Ubisoft Game Launcher
2019-06-30 02:49 - 2018-05-24 01:19 - 000000000 ____D C:\Users\defaultuser1
2019-06-30 00:25 - 2017-07-15 18:15 - 000000000 ____D C:\Users\Emurock\Downloads\Movie Store
2019-06-30 00:21 - 2016-05-01 06:21 - 000000000 ____D C:\Users\Emurock\AppData\Roaming\vlc
2019-06-30 00:15 - 2017-10-29 01:36 - 000000000 ____D C:\Users\Emurock\Downloads\TV
2019-06-29 22:07 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-06-29 22:00 - 2015-08-30 17:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-28 01:37 - 2015-08-30 13:07 - 000000000 ____D C:\Users\Emurock\AppData\Local\CrashDumps
2019-06-27 22:38 - 2016-02-09 21:33 - 000000000 ____D C:\Users\Emurock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-24 22:03 - 2015-07-09 16:07 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-06-24 01:19 - 2018-11-16 04:28 - 000000000 ____D C:\Program Files\rempl
2019-06-23 00:43 - 2015-08-30 17:39 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-22 01:01 - 2016-03-27 02:27 - 000000000 ____D C:\Users\Emurock\AppData\Local\Adobe
2019-06-22 01:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-06-22 01:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-06-20 20:03 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-20 00:12 - 2015-08-30 02:13 - 000002325 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-20 00:12 - 2015-08-30 02:13 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 23:27 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-19 22:17 - 2015-07-09 15:43 - 000000000 ____D C:\ProgramData\Intel
2019-06-19 22:17 - 2015-04-29 02:14 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-19 22:14 - 2018-05-24 01:18 - 000933368 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-19 22:14 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-19 22:13 - 2017-05-10 04:36 - 000000000 ____D C:\Program Files\Intel
2019-06-19 22:10 - 2015-07-09 15:38 - 000000000 ____D C:\Intel
2019-06-19 20:19 - 2017-05-08 22:01 - 000000000 ____D C:\Program Files\UNP
2019-06-13 20:49 - 2019-04-05 23:34 - 000000000 ____D C:\Users\Emurock\Documents\Holiday 2019
2019-06-13 03:23 - 2015-09-16 20:33 - 000000000 ___RD C:\Users\Emurock\3D Objects
2019-06-13 03:23 - 2015-08-29 18:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-13 03:20 - 2018-05-24 01:12 - 000298168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-13 03:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-13 03:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-13 03:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-13 03:16 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-13 02:10 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-13 00:59 - 2018-08-12 14:21 - 000000000 ____D C:\Users\Emurock\AppData\Local\D3DSCache
2019-06-12 03:13 - 2018-05-24 01:31 - 000004584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-12 02:13 - 2018-05-24 01:31 - 000004572 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-12 01:57 - 2018-11-08 11:30 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-06-12 01:57 - 2018-11-08 11:30 - 000001035 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-06-12 01:13 - 2015-08-30 00:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 00:37 - 2015-08-30 00:24 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-11 22:35 - 2016-02-09 21:56 - 000000000 ____D C:\Users\Emurock\Documents\My Games
2019-06-11 00:56 - 2018-07-10 07:47 - 000000000 ____D C:\ProgramData\Packages
2019-06-11 00:56 - 2018-05-24 03:56 - 000000000 ____D C:\Users\Emurock\AppData\Local\PlaceholderTileLogoFolder
2019-06-11 00:56 - 2017-12-31 03:09 - 000000000 ____D C:\Users\Emurock\AppData\Local\Packages
2019-06-11 00:21 - 2016-10-11 22:39 - 000000000 ____D C:\Users\Emurock\AppData\Roaming\qBittorrent
2019-06-06 21:48 - 2015-07-09 15:55 - 000000000 ____D C:\ProgramData\Apple
2019-06-06 00:11 - 2018-09-24 02:31 - 000000000 ____D C:\Users\Emurock\AppData\Roaming\Telegram Desktop
==================== Files in the root of some directories ================
2016-02-07 23:33 - 2016-02-07 23:33 - 000000095 _____ () C:\Users\Emurock\AppData\Local\fusioncache.dat
2018-10-28 17:21 - 2018-10-28 17:21 - 000000001 _____ () C:\Users\Emurock\AppData\Local\llftool.4.40.agreement
2016-04-06 23:34 - 2016-04-06 23:34 - 000007599 _____ () C:\Users\Emurock\AppData\Local\Resmon.ResmonCfg
2015-10-26 10:06 - 2015-10-26 10:06 - 000000000 _____ () C:\Users\Emurock\AppData\Local\{BF589D7C-16AC-4D16-AF88-8CB3B13EFAC9}
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Emurock (04-07-2019 22:44:03)
Running from C:\Users\Emurock\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-05-24 00:55:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-384623095-3799959169-1529214809-500 - Administrator - Disabled)
ASPNET (S-1-5-21-384623095-3799959169-1529214809-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-384623095-3799959169-1529214809-503 - Limited - Disabled)
defaultuser1 (S-1-5-21-384623095-3799959169-1529214809-1006 - Limited - Enabled) => C:\Users\defaultuser1
Emurock (S-1-5-21-384623095-3799959169-1529214809-1001 - Administrator - Enabled) => C:\Users\Emurock
Guest (S-1-5-21-384623095-3799959169-1529214809-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-384623095-3799959169-1529214809-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-384623095-3799959169-1529214809-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Anno 1602 (HKLM-x32\...\Uplay Install 2990) (Version: - Ubisoft)
Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version: - Ubisoft)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version: - Ubisoft)
Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.220.2 - AVAST Software)
Bejeweled 3 (HKLM-x32\...\WTA-6cc9e3bc-d557-4b25-822b-d657da54ba47) (Version: 3.0.2.59 - WildTangent) Hidden
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.47.11 - Bethesda Softworks)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-86c253ea-9232-43e1-97a6-922a1a93597f) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-8cfff629-81d2-4a15-8d7c-ac660951f20e) (Version: 3.0.2.48 - WildTangent) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.12.0.0 - Electronic Arts)
Crazy Chicken Soccer (HKLM-x32\...\WTA-517f8fc4-058e-4c9a-aebb-462b1e0fe8da) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5009 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.2.1307 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-efa14f46-e50c-49c7-ab6b-9c18b0214f2e) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Doomsday (HKLM-x32\...\{69464949-AD9C-4C98-933F-C32FFC86F3C8}) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.3.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.7.5.133304 - MindArk PE AB)
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
Fallout 76 (HKLM-x32\...\Fallout 76) (Version: - Bethesda Softworks)
Foxit PhantomPDF (HKLM-x32\...\{4E32271C-B55A-4CDF-8DB7-88FD1C45927C}) (Version: 7.0.310.226 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{915AE95A-9009-41DB-9D9D-D57E17AAB48F}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7960.5089 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.39 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.24.33 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.11.24.11 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.39 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.39 - Softex Inc.) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{e3d22965-5c2d-48c8-acec-c2ba2d50b275}) (Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel® WiDi (HKLM\...\{AACB7B6F-5057-4612-B026-FE2A3D69F30B}) (Version: 5.1.28.0 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{4A95F6FA-1263-43D2-9926-5D6F7F359E92}) (Version: 17.1.1434.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Jade Empire (HKLM-x32\...\{EEAA7AC3-F651-4842-86E0-4C755181388B}) (Version: 1.0.1.2 - Electronic Arts)
Jewel Match 3 (HKLM-x32\...\WTA-eb0e6f16-266f-4e68-91b5-f545518f18a7) (Version: 3.0.2.59 - WildTangent) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 en-GB) (HKLM\...\Mozilla Firefox 67.0.4 (x64 en-GB)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.4.7109 - Mozilla)
Mozilla Thunderbird 52.5.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 52.5.0 (x86 en-GB)) (Version: 52.5.0 - Mozilla)
Norton 360 (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation)
OneClickdigital Media Manager (HKLM-x32\...\{D27E3096-E1C7-4BF1-923B-13E522646EBF}) (Version: 80.0.0.0 - Recorded Books)
Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-7dcb96f3-d868-4737-9e51-57255b0097f9) (Version: 3.0.2.59 - WildTangent) Hidden
qBittorrent 3.3.7 (HKLM-x32\...\qBittorrent) (Version: 3.3.7 - The qBittorrent project)
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-29c11dfd-71b5-4d15-b84e-2f0ef1978ed4) (Version: 2.2.0.98 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.68 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.37.1119.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7457 - Realtek Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-87623d03-6680-442b-bb46-204b297e2e19) (Version: 3.0.2.126 - WildTangent) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
Telegram Desktop version 1.5.15 (HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.5.15 - Telegram Messenger LLP)
THE SETTLERS - Heritage of Kings (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Trinklit Supreme (HKLM-x32\...\WTA-f83c1e53-d6ab-44be-adc7-b8f13daafe30) (Version: 2.2.0.98 - WildTangent) Hidden
TunnelBear (HKLM-x32\...\{0d6e112b-ecd9-4b6a-92ed-6e708fb7de2f}) (Version: 3.6.3.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{95EAEB10-FF80-47E1-BAF7-4B46C4D6A46C}) (Version: 3.6.3.0 - TunnelBear) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Updated Unofficial Fallout 3 Patch v2.3.2 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 2.3.2 - )
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Wedding Dash (HKLM-x32\...\WTA-98e721b1-7634-44f3-a047-a9fc9cd15317) (Version: 2.2.0.95 - WildTangent) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.14 - WildTangent) Hidden
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
Wizards & Warriors (HKLM-x32\...\Wizards & Warriors) (Version: - )
World of Warships (HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
Youda Jewel Shop (HKLM-x32\...\WTA-70462bb6-4383-4762-ab9d-4d4cea2fbffe) (Version: 3.0.2.51 - WildTangent) Hidden
Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-08-29] (WildTangent Games)
Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.54.0_x64__xns73kv1ymhp2 [2019-06-25] (Audible Inc)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1541.3.0_x86__kgqvnymyfvs32 [2019-07-04] (king.com)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-08-29] (Hewlett-Packard Company)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-10-31] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-07-09] (Hewlett-Packard Company)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa [2019-06-06] (Apple Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-02] (.-McAfee Inc-.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.4.0_x64__8wekyb3d8bbwe [2018-07-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.7.0_x64__8wekyb3d8bbwe [2018-07-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1807.9.0_x64__8wekyb3d8bbwe [2018-08-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-09-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-20] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-08] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-12] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-21] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-29] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x64__c9d6r4qvva5x8 [2019-01-31] (Up to Eleven Digital Solutions GmbH)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-07-01] (Random Salad Games LLC) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-04] (Snapfish)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2015-11-09] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.14.0_x64__8wekyb3d8bbwe [2019-07-03] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-12-01] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-384623095-3799959169-1529214809-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-384623095-3799959169-1529214809-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Emurock\Dropbox [2016-09-01 04:55]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-02-09] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-03-03] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-02-09] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --disk-cache-size=1000000000
==================== Loaded Modules (Whitelisted) ==============
2015-01-30 19:16 - 2015-01-30 19:16 - 000864768 _____ (%CFullName%) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2017-05-27 15:48 - 2014-02-13 15:27 - 000113166 _____ () [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 001603072 _____ () [File not signed] C:\Program Files (x86)\Windscribe\libGLESv2.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 000071168 _____ () [File not signed] C:\Program Files (x86)\Windscribe\zlib1.dll
2015-01-30 19:07 - 2015-01-30 19:07 - 002169344 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2015-01-30 19:05 - 2015-01-30 19:05 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2015-01-30 19:09 - 2015-01-30 19:09 - 000065024 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-30 19:05 - 2015-01-30 19:05 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2015-01-30 19:05 - 2015-01-30 19:05 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2019-06-25 23:06 - 2019-06-25 23:06 - 041113088 _____ () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.54.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.dll
2019-06-25 23:06 - 2019-06-25 23:06 - 000019968 _____ () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.54.0_x64__xns73kv1ymhp2\AudibleRT.WindowsPhone.exe
2019-06-22 00:15 - 2019-06-22 00:15 - 000052224 _____ () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.54.0_x64__xns73kv1ymhp2\AudibleSystemFileWrapperRT.dll
2019-02-20 10:12 - 2019-02-20 10:12 - 001123840 _____ () [File not signed] C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.54.0_x64__xns73kv1ymhp2\e_sqlite3.dll
2017-05-27 15:48 - 2014-02-13 15:27 - 000275528 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-05-27 15:48 - 2014-02-13 15:27 - 000222792 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-05-27 15:48 - 2014-11-18 14:44 - 000255072 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2017-05-27 15:48 - 2014-02-13 15:27 - 000249928 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2015-01-30 19:06 - 2015-01-30 19:06 - 000715264 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2015-01-30 19:07 - 2015-01-30 19:07 - 001134080 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-05-24 01:24 - 2018-05-24 01:24 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2018-05-24 01:24 - 2018-05-24 01:24 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2015-01-30 19:11 - 2015-01-30 19:11 - 000103424 _____ (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
2015-01-30 19:16 - 2015-01-30 19:16 - 000746064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-01-30 19:16 - 2015-01-30 19:16 - 000431696 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2015-01-30 19:16 - 2015-01-30 19:16 - 000760912 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2015-01-30 19:16 - 2015-01-30 19:16 - 001384528 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 000058368 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Program Files (x86)\Windscribe\cares.dll
2019-01-12 20:05 - 2018-09-14 00:56 - 000350208 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Windscribe\libcurl.dll
2019-06-13 03:33 - 2019-06-29 22:09 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-06-13 03:33 - 2019-06-29 22:09 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2019-06-13 03:34 - 2019-06-29 22:09 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\SSLEAY32.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 001212928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Windscribe\LIBEAY32.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 000276480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Windscribe\SSLEAY32.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 054064128 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-06-13 03:35 - 2019-06-29 22:09 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-02-28 10:34 - 2018-07-06 18:22 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\imageformats\qgif.dll
2019-02-28 10:34 - 2018-07-06 18:22 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\imageformats\qico.dll
2019-02-28 10:34 - 2018-07-06 18:22 - 000986624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\platforms\qwindows.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 004694016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Core.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 003677184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Gui.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 000856064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Network.dll
2019-01-12 20:05 - 2018-07-06 18:22 - 004483072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Windscribe\Qt5Widgets.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-384623095-3799959169-1529214809-1001\...\hola.org -> hxxp://hola.org
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-07-03 03:34 - 2019-07-04 02:52 - 000000911 _____ C:\WINDOWS\system32\drivers\etc\hosts
185.236.200.18 us-west-005.whiskergalaxy.com #added by Windscribe, do not modify.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-384623095-3799959169-1529214809-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EB489626-C593-407A-894A-509ECBE0D5BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{9BB3799B-4641-49EF-904B-DD2278006E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3A4D0311-41B7-477B-ADEE-84CBA84C3464}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{B5F8388C-62BB-41E3-87F3-EDCA33153B7E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C953CBC7-904F-4D60-8FB4-77111DE96D4C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{49062E71-F935-4C83-A20C-95BCCE496307}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{0A1892D9-36AA-4EEF-B1DC-CF07C0434B6B}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{D7D80ADB-F211-4D98-AD65-F0D7DE74E72B}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{5FD21843-F87A-4047-886A-A04ED1C63AC0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{E644F4F4-B7E2-474C-B4E4-FCA6075D8BD6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{DE2DF5E8-9721-413D-A0CA-A14019599EBD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AC4D2DCA-0230-4D89-96C3-1CD1ECE8A053}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C7471B1C-9F81-4EB5-82D8-10A7767A0E6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C5677116-C350-4E5B-93C2-EC12D7A9AAF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7BFFA15B-9DDD-4DA6-8299-1C7C446545F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4A2B9C21-493A-451E-A697-35AC7E1B5A0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2B8D968-9FF4-4AAF-9917-ECCFBDAC3D8C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2BFAB72B-85B7-4CEC-A6E8-CB1B4163598E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{330BBDFD-AAAB-484C-A250-06EA41D117F1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe No File
FirewallRules: [{D40DAB77-11AC-4F4A-BD3A-C808D7912590}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{C657C390-99A2-4496-A9A3-3B8D6A523F6F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{00F682F7-AF86-4F98-9F47-D84898715D48}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{3AAA5635-7D5E-4E36-9850-9C4C5AD0BB08}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{21263E7A-9CB3-4AB5-B3FC-4D04022A1822}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2C7798A8-65C3-4B70-966B-54CBD4B3C5B9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{D9757A0F-EF89-4ACA-9654-86D9B74D30B8}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{00E32EA4-FDC5-427E-9B31-9EB467BBEB1A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{CF70C960-E33A-49EB-BA23-354A7762970E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1A4A7B88-D791-4792-8E24-1D2F00911E5B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{7CC51038-D028-4867-8068-87B531A6FA41}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe No File
FirewallRules: [{D37B3ECE-A449-4F0A-A8F0-38DC9AACF69C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe (Firaxis Games) [File not signed]
FirewallRules: [{2A04753F-D755-446D-B693-9A2BEBADA3DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe (Firaxis Games) [File not signed]
FirewallRules: [{A4C547DD-C1E1-4B1B-951F-E9C4DC11EE7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe (Firaxis Games) [File not signed]
FirewallRules: [{06D75616-8090-4B63-8025-C001597FE3FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe (Firaxis Games) [File not signed]
FirewallRules: [{41145BD3-2C44-4254-89B6-E86EDD997AA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe (Firaxis Games) [File not signed]
FirewallRules: [{4B839FC7-BC1D-447C-A952-99BC75F8284E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe (Firaxis Games) [File not signed]
FirewallRules: [{BFFC7706-8287-4223-9E57-39A1BD287FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe (Firaxis Games) [File not signed]
FirewallRules: [{64CCC86C-9F78-40F0-8028-42575F9EB9EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe (Firaxis Games) [File not signed]
FirewallRules: [{DEEB8320-E560-4702-A1B3-60C77CCFCC54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe (Firaxis Games) [File not signed]
FirewallRules: [{DA855C52-5CD1-40C0-871A-BF6245BCBB10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe (Firaxis Games) [File not signed]
FirewallRules: [{088EA805-0191-4EA3-8DDA-48D51B89D375}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe (Gas Powered Games) [File not signed]
FirewallRules: [{5B132D75-E20C-4625-91E7-82D1AB71C9C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe (Gas Powered Games) [File not signed]
FirewallRules: [{4DFA03BD-92B6-43C2-9D97-439526BB2449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetbase\Planetbase.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{31789E7F-4058-4E8F-97A0-A24A97636320}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planetbase\Planetbase.exe (Unity Technologies SF -> ) [File not signed]
FirewallRules: [{4442DA36-6AB1-4DCE-8DA3-FA93E0E0D193}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{C62883B6-D2A5-4C11-810E-388B9A467A45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Banished\Application-steam-x64.exe () [File not signed]
FirewallRules: [{7C40E190-E914-457E-86E1-BDED3D2A8B75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{C1E162C6-ED52-40A2-96AB-0A8E2CA515F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{A8B7C200-2F31-40B4-A922-9CB4FF0899CF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe (Related Designs Software -> Related Designs) [File not signed]
FirewallRules: [{220F5376-5832-4886-8F48-FECDF3569A55}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe (Related Designs Software -> Related Designs) [File not signed]
FirewallRules: [{FE4B42E1-77C7-4217-986D-D4111485E59D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{5E62761D-BBB2-4046-89C9-DDF53649797D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{98435704-3BAC-4ABB-96A8-A2A8752FC8F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\CNC3.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{CE135E49-4DA4-437B-9825-09848481A054}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 Tiberium Wars\CNC3.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{DF214FEF-B954-4200-BC2B-D78519138B59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Twilight Struggle\TwilightStruggle.exe () [File not signed]
FirewallRules: [{F91D3A8D-18B1-47F8-AA5A-84B87AEB8CA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Twilight Struggle\TwilightStruggle.exe () [File not signed]
FirewallRules: [{F1B95BC1-7AE7-4EB7-B283-6F31C56D5142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Make America Great Again The Trump Presidency\MAGA.exe (Maverick Gaming) [File not signed]
FirewallRules: [{DF69DBB1-3FBB-4860-B244-72C0770309FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Make America Great Again The Trump Presidency\MAGA.exe (Maverick Gaming) [File not signed]
FirewallRules: [{BC2E6F45-94B9-430A-BA74-A6BA6F72833A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crisis in the Kremlin\Crisis_x64.exe No File
FirewallRules: [{D4164EC8-BBA3-4932-A0BC-2EB393938692}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crisis in the Kremlin\Crisis_x64.exe No File
FirewallRules: [{879C012B-90CD-4635-9C5E-B3A53825B859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Buzz Aldrin's Space Program Manager\autorun.exe (Slitherine Ltd. -> Slitherine Publishing Ltd.)
FirewallRules: [{8F798835-7BF5-427D-B687-67541996E552}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Buzz Aldrin's Space Program Manager\autorun.exe (Slitherine Ltd. -> Slitherine Publishing Ltd.)
FirewallRules: [{A729CEDC-286A-4B60-91B5-A6CD087D916C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed]
FirewallRules: [{C3F94545-5B59-432E-8C80-7FE9AA0D941A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 5\Tropico5Steam.exe (Haemimont Games) [File not signed]
FirewallRules: [{612A7D8B-95E4-4718-8356-D039A7ACA3DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe No File
FirewallRules: [{388BB834-7308-4968-BECC-64CFEFCE570B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe No File
FirewallRules: [{66583D1F-26D3-4292-AF13-76A6962170DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{B3DBA488-89BB-4BC5-B90F-3469F5C64EEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{869B61F7-6BFA-43D5-BA7E-8CC2178EA4C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{E01F52DC-C580-443E-A739-03AADD5ABCBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{DBCE73F1-38CF-477B-9D87-06C9D0C0CA4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive) [File not signed]
FirewallRules: [{7AE445E6-B2F3-4D9F-95C5-EBADF04D46AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive) [File not signed]
FirewallRules: [{094DB8E1-E918-4B3C-B16E-F4C24FEFE5C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe () [File not signed]
FirewallRules: [{DFE83D94-0C08-4BCB-9F23-85CB3601936D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe () [File not signed]
FirewallRules: [{0392DA78-D071-43A8-B6C6-43A4BD3983C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe (Take-Two Interactive Software) [File not signed]
FirewallRules: [{8D3A3437-7880-42FA-8A5C-9E82215B5424}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe (Take-Two Interactive Software) [File not signed]
FirewallRules: [{C5A010C4-6977-41DA-B910-3B92218265A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games)
FirewallRules: [{8D641C50-40CB-4E62-8AE4-01274184E3F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games)
FirewallRules: [{DF673934-054E-40CA-85B7-882510F255FB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 2205\Bin\Win64\Anno2205.exe (Blue Byte GmbH -> Ubisoft)
FirewallRules: [{A13D0025-9F62-4B5B-9E6B-12252DC1D6D5}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{AE9D34EB-DCFD-4417-9A6A-9CBB28AA2CA9}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{50FEA1A0-2BFD-4392-9028-05D81B9D9EB6}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{F9C4B477-048A-4A9C-93E9-70AE21B3B212}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{FDAC8EAD-9F1E-4C9D-B8C0-92129AB2440C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [{983B13E0-96D7-4EB6-ACF6-0D23D5E2C939}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [{A43B0E0D-7D02-47A4-B5F1-015FB74E6847}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [{6476E584-A338-419A-BF45-52F3FE32D450}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [{09F2590A-242A-46A0-B258-4DD97ADE216A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [File not signed]
FirewallRules: [{E1674ECC-4289-47A0-8D2A-DD5A98DADC24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe (Firaxis Games) [File not signed]
FirewallRules: [{D6C7AFEF-C02E-464B-81EB-6B91F113BF6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [File not signed]
FirewallRules: [{ED06D19B-D174-4500-B3CF-A9C95471638A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe (Firaxis Games) [File not signed]
FirewallRules: [{EE6E1FF4-A68B-4CAD-B0C8-758B3AFF2FB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{45E056D7-67F4-4A09-BB9C-1E4C6C34EA8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{6DE66C5B-1A33-4D44-81B6-0884AB5FD638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{DEC9F99F-6CBA-4C48-9346-4296C949C122}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{BD82A567-E1B6-440E-977B-C6D0B2F62AE3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4E31F098-0C0D-4809-ADEB-8640E3E1370A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5BDC1E9E-0DCD-4977-9D80-1B212E2AC2E9}] => (Allow) C:\Program Files (x86)\Origin Games\Red Alert 3\RA3.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{E2744AA3-8E14-4118-9B9E-758B55967D94}] => (Allow) C:\Program Files (x86)\Origin Games\Red Alert 3\RA3.exe (Electronic Arts -> Electronic Arts, Inc.)
FirewallRules: [{96C0A9A8-0D3A-4DB8-AED6-159A199A16F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crisis in the Kremlin\CrisisintheKremlin.exe () [File not signed]
FirewallRules: [{3B21D756-85E7-46CA-95A6-98C976919D3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crisis in the Kremlin\CrisisintheKremlin.exe () [File not signed]
FirewallRules: [{C122FCCE-195E-40EB-A63E-934C38CB8D59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{00C40C09-DAC3-403C-8D17-C0A70624BA2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [TCP Query User{2777AB1F-389F-4CB3-BAF4-A71DAD46D5B7}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [UDP Query User{29655071-7187-4F72-9F47-46B13E943712}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe (Windscribe Limited -> Windscribe Limited)
FirewallRules: [{A93CBDFB-C0FB-4A52-AFAF-B9E8420FCEF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{E5F170DE-D742-49B8-B6B3-123253FA6080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{9A0CE1A3-1810-4950-AA42-2819CF9E6E32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{5AE317DA-B12F-4FCB-A40E-C678BC07C49C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Surviving Mars\MarsSteam.exe (Haemimont Games AD -> Haemimont Games)
FirewallRules: [{3DF7AA5C-9C11-4F20-8ECA-77DFC28AF355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe (GSC Game World -> )
FirewallRules: [{052DBC4A-1719-4A50-BE87-9222D247153B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe (GSC Game World -> )
FirewallRules: [{6E684C7C-2A3A-4C77-BBEE-29290EDCD9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe (GSC Game World -> GSC Game World)
FirewallRules: [{B72C83D9-F4FD-4645-AACF-4CD235562A3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe (GSC Game World -> GSC Game World)
FirewallRules: [{63C4DEF6-7FA7-4F7F-98F2-6515ED0DD576}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> )
FirewallRules: [{0965CD69-27DE-488C-BD8C-F377241DD5A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe (GSC Game World -> )
FirewallRules: [{322C483D-D845-4540-A91B-72A581C315D2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7C5DFF50-0FE5-4123-A64D-938A9A15D657}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{914DBB8F-6B38-4CDF-83E4-A49470548C21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2123863F-37F9-498E-9874-945772C7C8D2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EFD8567C-E790-4585-A57E-B924CF5216CC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2DED9DC5-395C-437E-B86B-C6599CFB9961}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{42073C62-7ECB-497B-8B3F-045E098A35D8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1C3CED9-2193-48C9-AC73-E4E7C350454E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8825E2EA-8E7A-4478-ACC9-75A10C8A3B65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D07DA6BC-78AD-4FC0-BCB5-166263C50690}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C9C6AB4F-8D13-42AE-A2A7-22F3EE606492}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5EACB6EB-BC5E-4875-9F76-FCD7D59968A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FACBD7E7-8A8E-45EE-9EDC-DBD8E822DAFB}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{19BDCB6E-7944-4144-81B0-38D202416266}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8B680AA5-CD7C-487A-B36A-5C0F131658F8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{197F44A6-EA6C-4752-AF6B-0225EEC37D5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{420D6E25-DB1D-49BD-A960-F10C27559102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{97D02946-87C0-4F0F-8F4F-60DB44120296}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{37294DA5-52F9-4054-AE35-48A7F01DD6B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [File not signed]
==================== Restore Points =========================
30-06-2019 01:23:36 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Intel® Dynamic Platform and Thermal Framework Manager
Description: Intel® Dynamic Platform and Thermal Framework Manager
Class Guid: {c3077fcd-9c3c-482f-9317-460712f23efd}
Manufacturer: Intel
Service: esif_lf
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/04/2019 07:53:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program HxOutlook.exe version 16.0.11629.20168 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 688
Start Time: 01d53299963f8c61
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxOutlook.exe
Report Id: 74f2b239-29b8-46a3-b4d2-a51b4f584d8a
Faulting package full name: microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: microsoft.windowslive.mail
Error: (07/04/2019 02:52:45 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={FEC58892-B320-4345-83D9-0D8507B9242F}: The user SYSTEM dialed a connection named Windscribe IKEv2 which has failed. The error code returned on failure is 809.
Error: (07/04/2019 02:52:39 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: STEVE)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (07/04/2019 02:52:39 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: STEVE)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (07/04/2019 02:52:39 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: STEVE)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (07/04/2019 02:52:39 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: STEVE)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=254, authorId=311, vendorId=14122, vendorType=1
Error: (07/04/2019 02:52:33 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={B5961A0D-95AB-4A33-9D6E-38EDD894F1B2}: The user SYSTEM dialed a connection named Windscribe IKEv2 which has failed. The error code returned on failure is 809.
Error: (07/04/2019 02:52:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: STEVE)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (07/04/2019 10:48:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:48:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:48:08 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:48:04 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:48:00 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:47:56 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:47:52 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (07/04/2019 10:44:54 PM) (Source: DCOM) (EventID: 10001) (User: STEVE)
Description: Unable to start a DCOM Server: AD2F1837.HPFileViewer_4.4.32.190_x64__v10z8vjag6ke6!App.AppXvn8aca4b4h02834nb34mvr3bw63p95kb.mca as Unavailable/Unavailable. The error:
"5"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXme8jgcj6dvexvw9y7b5eaqqjt3njg6kr.mca
CodeIntegrity:
===================================
Date: 2019-06-28 02:01:37.726
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security\Engine\22.17.2.47\BuShell.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:37.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security\Engine\22.17.2.47\BuShell.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:37.497
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Norton Security\Engine\22.17.2.47\BuShell.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:35.377
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:35.360
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:35.328
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:35.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-28 02:01:35.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.21 06/05/2015
Motherboard: Hewlett-Packard 8093
Processor: Intel® Core i3-5010U CPU @ 2.10GHz
Percentage of memory in use: 87%
Total physical RAM: 8114.27 MB
Available physical RAM: 1054.77 MB
Total Virtual: 14258.27 MB
Available Virtual: 2883.98 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:906.87 GB) (Free:198.28 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:22.64 GB) (Free:2.54 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{2b606012-bf81-4d55-b768-3d1c58325c22}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.36 GB) NTFS
\\?\Volume{479ab04d-a223-4bc5-bf40-e6c1afd2c9ee}\ () (Fixed) (Total:0.99 GB) (Free:0.4 GB) NTFS
\\?\Volume{3988f7ad-b0b5-4da9-9a9d-346c2fea2f0f}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2E78474F)
Partition: GPT.
==================== End of Addition.txt ============================