Hello, I am helping my sister and brother-in-law with their computer. The computer is more than a few years old with a HDD so I am migrating everything over to a Solid State Drive as a first upgrade step.
When I got the computer and turned it on, it took about 5 minutes to fully boot up because of all the programs running in the background. I used CCleaner to scan and then to look at the startup programs and disable the unneeded ones. I then opened Malwarebytes but it would not go through the pre-scan stuff so I used MBAM-Clean to remove the old version and get the new one. Now when I open MBAM it won't start (doesn't show in Task Manager applications even though it shows in processes and services).
So I need help getting it clean so it can go over to the SSD with a minimum of junk.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by the Hoff (administrator) on THEHOFF-PC (02-08-2019 19:27:49)
Running from C:\Users\the Hoff\Desktop
Loaded Profiles: the Hoff (Available Profiles: the Hoff)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Actual Tools -> Actual Tools) [File not signed] C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
(Actual Tools -> Actual Tools) C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter64.exe
(Actual Tools -> Actual Tools) C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsShellCenter64.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Amazon Services LLC -> Amazon Services LLC) C:\Users\the Hoff\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\[]TOOLS[]\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\[]TOOLS[]\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\[]TOOLS[]\Avast\AvastUI.exe
(Box, Inc. -> Box, Inc.) C:\Program Files\Box\Box\Box.Desktop.UpdateService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\windows\System32\DbxSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Plex, Inc -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Plex, Inc -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Stardock Corporation) [File not signed] C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\[]TOOLS[]\Avast\AvLaunch.exe [269192 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech Inc -> Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [CursorFX] => C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe [417280 2010-03-23] (Stardock Corporation) [File not signed]
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [Actual Multiple Monitors] => C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe [1782576 2013-09-19] (Actual Tools -> Actual Tools) [File not signed]
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24989672 2019-07-15] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Run: [GoogleChromeAutoLaunch_421738EA55700933B3FAC1540D8F5C6F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-12] (Google LLC -> Google LLC)
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {177d581c-6911-11e1-b881-bcaec54f1b9f} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {1f7655c1-33c8-11e5-8de9-bcaec54f1b9f} - F:\VerizonWirelessUpgradeAssistantSetup.exe -a
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {20838ec2-465e-11e7-910d-bcaec54f1b9f} - E:\VerizonWirelessUpgradeAssistantSetup.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {65f4fc7e-5707-11e0-a635-bcaec54f1b9f} - E:\LaunchU3.exe -a
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {73d43358-0978-11e5-8599-bcaec54f1b9f} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {90c3ab84-df7e-11e6-9f04-bcaec54f1b9f} - E:\VerizonWirelessUpgradeAssistantSetup.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {90c3abbe-df7e-11e6-9f04-bcaec54f1b9f} - E:\VerizonWirelessUpgradeAssistantSetup.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {912af8cb-85b2-11e3-8d84-bcaec54f1b9f} - N:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {d0b5e87b-7d42-11e2-9f15-bcaec54f1b9f} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\MountPoints2: {d0b5e897-7d42-11e2-9f15-bcaec54f1b9f} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24989672 2019-07-15] (Plex, Inc -> Plex, Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\windows\system32\lvcod64.dll [175392 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\windows\system32\CFHD.dll [1334784 2016-05-12] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-09-21] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2016-05-12] (CineForm Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12A83DF3-8D6F-40A3-AFA4-6E482BCE9251} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1678C4F8-485F-493A-A5B5-C07709444E6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {184FC201-EE9F-4ACB-A34E-F93250F8FD28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {1D80650F-D4ED-47BB-A6CE-09F59B260EEC} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e91e1a557402 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {2D167A0F-365F-4DC0-929A-CFE3DB1467C5} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {310475E1-2368-4C8F-B0C0-F8FFBA7A0F0B} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {37C24772-6096-4852-9F2F-9BD112FA9BEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3E75F997-9576-46F1-9FD6-B72B45C280DB} - System32\Tasks\AdobeAAMUpdater-1.0-theHoff-PC-the Hoff => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {61D5FAE9-2E2B-44D5-9798-B660CA7647A1} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe
Task: {6CA54804-74C3-4865-AE4C-E14A575CAE65} - System32\Tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\4962\g2mupdate.exe [41536 2016-05-18] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {6F8D1709-4239-45F2-8549-499C72076BF8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7041E7E3-8E1F-457F-996F-BDF1EE220248} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e91e1aea8a41 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {7220FC43-43BD-4A4D-9C9E-03D115747650} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-08-02] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {81759849-BAC2-4560-B379-F29B7FEF9FF4} - System32\Tasks\G2MUploadTask-S-1-5-21-3472861432-3466800176-631802751-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\4962\g2mupload.exe [41536 2016-05-18] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {82A7B415-81BF-41CF-B6C4-754E25DFD0FD} - System32\Tasks\Amazon Music Helper => C:\Users\the Hoff\AppData\Local\Amazon Music\Amazon Music Helper.exe [3694056 2017-03-28] (Amazon Services LLC -> Amazon Services LLC)
Task: {8831782A-BD51-45B3-A77F-B9DEF42FA4B0} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {99BF1AB0-AF5C-47C5-9E0D-217DE75D449E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA84109C-B609-49BC-BA4A-0EB05A8A999F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001UA => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AFA8001A-F4D1-481F-845A-C6F7E12B49E6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B527F042-33F2-4252-8A9B-3D7149FAAE8A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2108624 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C07B0ED4-21B5-4B66-9E4C-E9583ECC7ED0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1491664 2013-05-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C07FDEDB-3165-425C-8FF4-1A0BC19B1F8B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2047368 2019-07-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {C717FCAF-4112-4596-9E84-F300775F73F5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D7DB9198-81B0-429C-BF2C-8FDA5FE6E823} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001Core => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {DB3D67B2-0E62-4F9E-A346-DF36215A1E9E} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {E1C6D5C0-EC7A-41F9-B338-164B9AB74347} - System32\Tasks\Avast Emergency Update => C:\Program Files\[]TOOLS[]\Avast\AvEmUpdate.exe [3940232 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {ECD1D176-4038-492A-9691-1FE2394AF83F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FEEB1477-41C9-42C2-81F5-E385530E8CFC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FEEBFBA3-7517-48F0-9623-3922637009F1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2179792 2013-05-13] (Microsoft Corporation -> Microsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001Core.job => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3472861432-3466800176-631802751-1001UA.job => C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-3472861432-3466800176-631802751-1001.job => C:\Users\the Hoff\AppData\Local\GoToMeeting\12022\g2mupdate.exe
Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-3472861432-3466800176-631802751-1001.job => C:\Users\the Hoff\AppData\Local\GoToMeeting\12022\g2mupload.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B0B045C6-0DBA-4926-8B56-159FF565315A}: [DhcpNameServer] 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.0.2,1]
Internet Explorer:
==================
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nmd.msn.com/
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
SearchScopes: HKLM -> {5807584B-75B6-465D-88B0-3C4AC684276C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {B01640CD-4AE7-4121-9097-F4E61054E570} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3472861432-3466800176-631802751-1001 -> {B01640CD-4AE7-4121-9097-F4E61054E570} URL = hxxp://www.bing.com/search?FORM=MNMTDF&PC=MANM&q={searchTerms}&src=IE-SearchBox
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle America, Inc. -> Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech Inc -> Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 7b7ioxbj.Mandy
FF ProfilePath: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\nscrosro.default-1450112767985 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7fhx2nxa.default [not found] <==== ATTENTION
FF ProfilePath: C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7b7ioxbj.Mandy [2019-08-02]
FF Extension: (Cookie Restrictions Strict List Study) - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7b7ioxbj.Mandy\Extensions\[email protected] [2019-06-29]
FF Extension: (uBlock Origin) - C:\Users\the Hoff\AppData\Roaming\Mozilla\Firefox\Profiles\7b7ioxbj.Mandy\Extensions\[email protected] [2019-08-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2018-03-19] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-08-02] (Adobe Systems Incorporated -> )
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[]TOOLS[]\PDF-XChange\npPDFXCviewNPPlugin.dll [2011-02-15] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-08-02] (Adobe Systems Incorporated -> )
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\[]TOOLS[]\PDF-XChange\Win32\npPDFXCviewNPPlugin.dll [2011-02-15] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=1.1.7 -> C:\Program Files (x86)\[]TOOLS[]\VLC\npvlc.dll [2011-01-30] (the VideoLAN Team) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3472861432-3466800176-631802751-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\the Hoff\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-07-29] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3472861432-3466800176-631802751-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll [2012-10-24] (Amazon.com, Inc.) [File not signed]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://norwex.biz/en_US/consultant/login","hxxp://google.com/"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default [2019-08-02]
CHR Extension: (Google Drive) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-09]
CHR Extension: (ShowPassword) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiclfnbhommljbjcoelobnnnibemabl [2017-12-12]
CHR Extension: (uBlock Origin) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-07-28]
CHR Extension: (Adobe Acrobat) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-12]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2016-09-13]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-08]
CHR Extension: (Hangouts Notifications) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbpmaadfebbedknhmeeijeicldjlegee [2018-11-16]
CHR Extension: (Google Docs Offline) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30]
CHR Extension: (AdBlock) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-08-01]
CHR Extension: (Avast Online Security) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-07-28]
CHR Extension: (Weather) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iolcbmjhmpdheggkocibajddahbeiglb [2019-06-08]
CHR Extension: (Google Forms) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2017-03-29]
CHR Extension: (Power Zoom - Zoom Images with a Mouse Hover) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlioidldolgbmanndggdnldambdlglgj [2016-01-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-19]
CHR Extension: (Boomerang for Gmail) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-09-20]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2019-06-27]
CHR Extension: (Google Hangouts) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2019-05-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-06-20]
CHR Extension: (Chrome Media Router) - C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-27]
CHR HKU\S-1-5-21-3472861432-3466800176-631802751-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\THEHOF~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-10]
CHR HKU\S-1-5-21-3472861432-3466800176-631802751-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3472861432-3466800176-631802751-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\[]TOOLS[]\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [238080 2013-04-29] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\[]TOOLS[]\Avast\aswidsagent.exe [6797008 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\[]TOOLS[]\Avast\AvastSvc.exe [414976 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 BoxUpdateSvc; C:\Program Files\Box\Box\Box.Desktop.UpdateService.exe [53056 2018-08-17] (Box, Inc. -> Box, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-02] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2019-07-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-05-12] (GoPro, Inc. -> )
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc -> Logitech Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2128872 2019-07-15] (Plex, Inc -> Plex, Inc.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-15] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Windows -> Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\[]TOOLS[]\Avast\ng\vbox\AvastVBoxSVC.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdiox64; C:\windows\System32\DRIVERS\amdiox64.sys [46136 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37320 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [209256 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [263224 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [206056 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [61688 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42504 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [168896 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [112520 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88160 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1030784 2019-07-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [477288 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [225816 2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [387896 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\windows\System32\drivers\AtihdW76.sys [96896 2012-05-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 atikmdag; C:\windows\System32\DRIVERS\atikmdag.sys [11922944 2013-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 cbfs6; C:\windows\system32\drivers\cbfs6.sys [460992 2016-09-21] (EldoS Corporation -> /n software, Inc.)
S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\windows\System32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc -> Logitech Inc.)
R3 MTsensor; C:\windows\system32\DRIVERS\ASACPI.sys [15680 2006-11-01] (ASUSTeK Computer Inc. -> )
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2015-12-03] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed]
R3 VIAHdAudAddService; C:\windows\System32\drivers\viahduaa.sys [1222144 2009-07-10] (Microsoft Windows Hardware Compatibility Publisher -> VIA Technologies, Inc.)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-02 19:27 - 2019-08-02 19:29 - 000039701 _____ C:\Users\the Hoff\Desktop\FRST.txt
2019-08-02 19:24 - 2019-08-02 19:24 - 002096128 _____ (Farbar) C:\Users\the Hoff\Desktop\FRST64.exe
2019-08-02 18:45 - 2019-08-02 18:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-02 18:45 - 2019-08-02 18:45 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-02 18:45 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2019-08-02 18:30 - 2019-08-02 18:31 - 000858912 _____ (Malwarebytes) C:\Users\the Hoff\Downloads\mb-clean-3.1.0.1035.exe
2019-08-02 18:11 - 2019-08-02 18:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-08-01 17:46 - 2019-08-01 17:46 - 020891464 _____ (Piriform Software Ltd) C:\Users\the Hoff\Downloads\ccsetup560.exe
2019-07-30 15:18 - 2019-07-30 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-30 05:19 - 2019-07-30 05:19 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2019-07-30 05:19 - 2019-07-30 05:19 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2019-07-30 05:19 - 2019-07-30 05:19 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2019-07-30 05:19 - 2019-07-30 05:19 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2019-07-29 10:36 - 2019-07-29 10:36 - 000000000 ____D C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2019-07-25 02:15 - 2019-07-25 02:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2019-07-24 04:59 - 2019-07-13 01:14 - 000334848 _____ (Microsoft Corporation) C:\windows\system32\sipnotify.exe
2019-07-15 20:43 - 2019-07-31 08:43 - 000168896 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-07-15 20:43 - 2019-07-15 20:43 - 000225816 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-07-15 20:43 - 2019-07-15 20:42 - 000363400 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-07-11 20:24 - 2019-07-11 20:24 - 000000000 _____ C:\windows\system32\last.dump
2019-07-09 13:55 - 2019-06-27 22:24 - 000887808 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2019-07-09 13:55 - 2019-06-20 19:44 - 003229696 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-07-09 13:55 - 2019-06-20 18:41 - 001251840 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2019-07-09 13:55 - 2019-06-20 02:11 - 000396896 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-07-09 13:55 - 2019-06-20 01:15 - 000348976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2019-07-09 13:55 - 2019-06-18 20:06 - 004927488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2019-07-09 13:55 - 2019-06-18 18:07 - 005785600 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2019-07-09 13:55 - 2019-06-17 23:41 - 001649664 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2019-07-09 13:55 - 2019-06-17 21:34 - 025730560 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-07-09 13:55 - 2019-06-17 21:21 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-07-09 13:55 - 2019-06-17 21:21 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-07-09 13:55 - 2019-06-17 21:09 - 002903552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-07-09 13:55 - 2019-06-17 21:08 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-07-09 13:55 - 2019-06-17 21:07 - 000578560 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-07-09 13:55 - 2019-06-17 21:07 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-07-09 13:55 - 2019-06-17 21:07 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-07-09 13:55 - 2019-06-17 21:07 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-07-09 13:55 - 2019-06-17 21:00 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-07-09 13:55 - 2019-06-17 20:59 - 005775872 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-07-09 13:55 - 2019-06-17 20:59 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-07-09 13:55 - 2019-06-17 20:57 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-07-09 13:55 - 2019-06-17 20:56 - 020274688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-07-09 13:55 - 2019-06-17 20:56 - 000790528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-07-09 13:55 - 2019-06-17 20:56 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-07-09 13:55 - 2019-06-17 20:56 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-07-09 13:55 - 2019-06-17 20:55 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-07-09 13:55 - 2019-06-17 20:51 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2019-07-09 13:55 - 2019-06-17 20:48 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-07-09 13:55 - 2019-06-17 20:45 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-07-09 13:55 - 2019-06-17 20:39 - 000496128 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-07-09 13:55 - 2019-06-17 20:39 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-07-09 13:55 - 2019-06-17 20:39 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2019-07-09 13:55 - 2019-06-17 20:38 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2019-07-09 13:55 - 2019-06-17 20:38 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-07-09 13:55 - 2019-06-17 20:38 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-07-09 13:55 - 2019-06-17 20:38 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2019-07-09 13:55 - 2019-06-17 20:37 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2019-07-09 13:55 - 2019-06-17 20:35 - 002297344 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-07-09 13:55 - 2019-06-17 20:35 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-07-09 13:55 - 2019-06-17 20:34 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-07-09 13:55 - 2019-06-17 20:32 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-07-09 13:55 - 2019-06-17 20:32 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2019-07-09 13:55 - 2019-06-17 20:32 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2019-07-09 13:55 - 2019-06-17 20:30 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2019-07-09 13:55 - 2019-06-17 20:30 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-07-09 13:55 - 2019-06-17 20:29 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-07-09 13:55 - 2019-06-17 20:29 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2019-07-09 13:55 - 2019-06-17 20:29 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2019-07-09 13:55 - 2019-06-17 20:21 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2019-07-09 13:55 - 2019-06-17 20:21 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-07-09 13:55 - 2019-06-17 20:20 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-07-09 13:55 - 2019-06-17 20:20 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-07-09 13:55 - 2019-06-17 20:19 - 015311872 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-07-09 13:55 - 2019-06-17 20:17 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-07-09 13:55 - 2019-06-17 20:17 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-07-09 13:55 - 2019-06-17 20:16 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2019-07-09 13:55 - 2019-06-17 20:16 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2019-07-09 13:55 - 2019-06-17 20:16 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-07-09 13:55 - 2019-06-17 20:13 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2019-07-09 13:55 - 2019-06-17 20:13 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2019-07-09 13:55 - 2019-06-17 20:11 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2019-07-09 13:55 - 2019-06-17 20:10 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2019-07-09 13:55 - 2019-06-17 20:07 - 004494336 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-07-09 13:55 - 2019-06-17 20:06 - 004858880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-07-09 13:55 - 2019-06-17 20:04 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2019-07-09 13:55 - 2019-06-17 20:03 - 013706752 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-07-09 13:55 - 2019-06-17 20:03 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2019-07-09 13:55 - 2019-06-17 20:03 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2019-07-09 13:55 - 2019-06-17 20:02 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2019-07-09 13:55 - 2019-06-17 19:55 - 001557504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-07-09 13:55 - 2019-06-17 19:44 - 004386304 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-07-09 13:55 - 2019-06-17 19:43 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-07-09 13:55 - 2019-06-17 19:41 - 001323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-07-09 13:55 - 2019-06-17 19:39 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2019-07-09 13:55 - 2019-06-12 20:25 - 000160488 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-07-09 13:55 - 2019-06-12 20:21 - 000732160 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-07-09 13:55 - 2019-06-12 08:23 - 004057320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2019-07-09 13:55 - 2019-06-12 08:23 - 003964136 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2019-07-09 13:55 - 2019-06-12 08:10 - 005550824 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-07-09 13:55 - 2019-06-12 08:06 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2019-07-09 13:55 - 2019-06-12 07:49 - 000205312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Dism.exe
2019-07-09 13:55 - 2019-06-12 07:37 - 000274944 _____ (Microsoft Corporation) C:\windows\system32\Dism.exe
2019-07-09 13:55 - 2019-06-10 19:59 - 002863104 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-07-09 13:55 - 2019-06-10 19:59 - 001712640 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-07-09 13:55 - 2019-06-10 19:59 - 000801792 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-07-09 13:55 - 2019-06-10 19:59 - 000634368 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-07-09 13:55 - 2019-06-10 19:59 - 000501760 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2019-07-09 13:55 - 2019-06-10 19:59 - 000456192 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-07-09 13:55 - 2019-06-10 19:59 - 000315904 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-07-09 13:55 - 2019-06-10 19:59 - 000257024 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-07-09 13:55 - 2019-06-07 08:08 - 000516096 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-07-09 13:54 - 2019-06-27 22:24 - 000448512 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2019-07-09 13:54 - 2019-06-27 22:24 - 000414208 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2019-07-09 13:54 - 2019-06-27 22:24 - 000118784 _____ (Microsoft Corporation) C:\windows\system32\wlanhlp.dll
2019-07-09 13:54 - 2019-06-27 22:24 - 000113664 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2019-07-09 13:54 - 2019-06-27 22:23 - 000428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2019-07-09 13:54 - 2019-06-27 22:23 - 000392704 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlansec.dll
2019-07-09 13:54 - 2019-06-27 22:23 - 000083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanhlp.dll
2019-07-09 13:54 - 2019-06-27 22:23 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2019-07-09 13:54 - 2019-06-20 20:09 - 000806400 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2019-07-09 13:54 - 2019-06-20 20:05 - 000628224 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2019-07-09 13:54 - 2019-06-18 20:06 - 000269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2019-07-09 13:54 - 2019-06-12 08:22 - 001314104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 012574208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2019-07-09 13:54 - 2019-06-12 08:21 - 011411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2019-07-09 13:54 - 2019-06-12 08:21 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 003207168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000261632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssign32.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2019-07-09 13:54 - 2019-06-12 08:20 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 001177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 001005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000373248 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:15 - 000631680 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-07-09 13:54 - 2019-06-12 08:11 - 000708328 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-07-09 13:54 - 2019-06-12 08:11 - 000262376 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-07-09 13:54 - 2019-06-12 08:11 - 000153832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-07-09 13:54 - 2019-06-12 08:11 - 000094440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2019-07-09 13:54 - 2019-06-12 08:10 - 000095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-07-09 13:54 - 2019-06-12 08:09 - 001664352 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 014637568 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 012574720 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2019-07-09 13:54 - 2019-06-12 08:08 - 000782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-07-09 13:54 - 2019-06-12 08:08 - 000005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2019-07-09 13:54 - 2019-06-12 08:08 - 000005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 004120576 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001484800 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001472512 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001211392 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 001068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000733184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000499712 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000433152 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000408576 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000190976 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000187904 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000141824 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000081920 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\mssign32.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2019-07-09 13:54 - 2019-06-12 08:07 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000438784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000295936 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2019-07-09 13:54 - 2019-06-12 08:06 - 000004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:06 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 08:05 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2019-07-09 13:54 - 2019-06-12 08:04 - 000023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2019-07-09 13:54 - 2019-06-12 08:01 - 000663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2019-07-09 13:54 - 2019-06-12 07:55 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2019-07-09 13:54 - 2019-06-12 07:54 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2019-07-09 13:54 - 2019-06-12 07:50 - 000055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2019-07-09 13:54 - 2019-06-12 07:49 - 000125952 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2019-07-09 13:54 - 2019-06-12 07:49 - 000024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2019-07-09 13:54 - 2019-06-12 07:48 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2019-07-09 13:54 - 2019-06-12 07:48 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2019-07-09 13:54 - 2019-06-12 07:48 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2019-07-09 13:54 - 2019-06-12 07:48 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2019-07-09 13:54 - 2019-06-12 07:47 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2019-07-09 13:54 - 2019-06-12 07:46 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 07:46 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 07:46 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 07:46 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-09 13:54 - 2019-06-12 07:42 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-07-09 13:54 - 2019-06-12 07:42 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-07-09 13:54 - 2019-06-12 07:42 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-07-09 13:54 - 2019-06-12 07:42 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-07-09 13:54 - 2019-06-12 07:39 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-07-09 13:54 - 2019-06-12 07:39 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-07-09 13:54 - 2019-06-12 07:38 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-07-09 13:54 - 2019-06-12 07:37 - 000011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2019-07-09 13:54 - 2019-06-12 07:37 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2019-07-09 13:54 - 2019-06-12 07:36 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-07-09 13:54 - 2019-06-12 07:36 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-07-09 13:54 - 2019-06-12 07:36 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-07-09 13:54 - 2019-06-12 07:36 - 000169472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-07-09 13:54 - 2019-06-12 07:36 - 000160768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-07-09 13:54 - 2019-06-12 07:36 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-07-09 13:54 - 2019-06-12 07:35 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-07-09 13:54 - 2019-06-12 07:35 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-07-09 13:54 - 2019-06-12 07:35 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-07-09 13:54 - 2019-06-12 07:35 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-07-09 13:54 - 2019-06-12 07:35 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-07-09 13:54 - 2019-06-12 07:35 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-07-09 13:54 - 2019-06-12 07:35 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-07-09 13:54 - 2019-06-07 08:18 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2019-07-09 13:54 - 2019-06-07 08:18 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2019-07-09 13:54 - 2019-06-07 08:08 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-07-09 13:54 - 2019-06-07 08:08 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-07-09 13:54 - 2019-06-07 08:07 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-07-09 13:54 - 2019-06-07 07:55 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2019-07-09 13:54 - 2018-11-17 19:43 - 000322560 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-02 19:28 - 2009-07-13 21:45 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-08-02 19:28 - 2009-07-13 21:45 - 000018736 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-08-02 19:27 - 2015-08-09 12:35 - 000000000 ____D C:\FRST
2019-08-02 19:25 - 2011-03-03 17:00 - 000000000 ____D C:\Users\the Hoff\AppData\Roaming\TeraCopy
2019-08-02 19:06 - 2016-12-06 12:26 - 000000000 ____D C:\Users\the Hoff\AppData\LocalLow\Mozilla
2019-08-02 18:54 - 2011-03-03 14:01 - 000000000 ____D C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\[]TOOLS[]
2019-08-02 18:45 - 2009-07-13 20:20 - 000000000 ____D C:\windows\inf
2019-08-02 18:39 - 2017-04-03 18:36 - 000000248 _____ C:\windows\Tasks\AutoKMS.job
2019-08-02 18:39 - 2016-11-02 18:58 - 000000912 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-08-02 18:39 - 2016-11-02 18:58 - 000000908 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-02 18:39 - 2009-07-13 22:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-08-02 18:38 - 2015-12-27 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-02 18:37 - 2011-03-03 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[]TOOLS[]
2019-08-02 18:37 - 2011-03-03 13:38 - 000000000 ____D C:\Program Files (x86)\[]TOOLS[]
2019-08-02 17:11 - 2013-02-06 21:37 - 000000000 ___RD C:\Users\the Hoff\Google Drive
2019-08-02 17:04 - 2015-01-14 03:28 - 000000000 ____D C:\windows\pss
2019-08-02 16:55 - 2018-09-06 05:01 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2019-08-02 16:52 - 2017-03-15 03:52 - 000004158 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-08-02 09:21 - 2011-03-03 12:59 - 000000000 ____D C:\Users\the Hoff
2019-08-01 17:52 - 2011-03-04 07:57 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-08-01 17:51 - 2011-03-03 19:29 - 000000000 ____D C:\ProgramData\Apple
2019-08-01 08:49 - 2017-12-11 23:17 - 000000000 ___RD C:\Users\the Hoff\iCloudDrive
2019-08-01 08:48 - 2014-08-12 22:57 - 000000000 ____D C:\ProgramData\Logishrd
2019-07-31 08:43 - 2011-03-03 15:29 - 001030784 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-07-30 15:18 - 2016-11-02 18:58 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-07-29 12:45 - 2017-08-02 17:24 - 000003618 _____ C:\windows\System32\Tasks\McAfee Remediation (Prepare)
2019-07-29 12:45 - 2017-04-03 18:36 - 000002540 _____ C:\windows\System32\Tasks\AutoKMS
2019-07-29 12:45 - 2017-03-29 13:54 - 000001850 _____ C:\windows\System32\Tasks\Amazon Music Helper
2019-07-29 12:45 - 2016-11-02 18:58 - 000003918 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-07-29 12:45 - 2016-11-02 18:58 - 000003666 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-07-29 12:45 - 2016-07-28 15:19 - 000003332 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1e91e1aea8a41
2019-07-29 12:45 - 2016-07-28 15:19 - 000003204 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1e91e1a557402
2019-07-29 12:45 - 2015-12-03 09:13 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
2019-07-29 12:45 - 2015-08-25 21:05 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-29 12:45 - 2015-05-29 22:48 - 000002800 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-07-29 10:36 - 2017-05-21 22:41 - 000000000 ____D C:\Users\the Hoff\AppData\Roaming\Zoom
2019-07-25 08:43 - 2013-03-05 09:44 - 000387896 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-07-25 02:16 - 2014-12-26 18:03 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-22 11:16 - 2011-03-04 13:47 - 000000000 ____D C:\Users\the Hoff\AppData\Local\CrashDumps
2019-07-19 15:43 - 2009-07-13 22:09 - 000000000 ____D C:\windows\System32\Tasks\WPD
2019-07-16 16:22 - 2012-03-08 18:40 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-15 20:42 - 2019-01-14 08:44 - 000263224 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-07-15 20:42 - 2019-01-05 08:44 - 000206056 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-07-15 20:42 - 2019-01-05 08:44 - 000061688 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-07-15 20:42 - 2019-01-05 08:44 - 000037320 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-07-15 20:42 - 2018-10-19 12:35 - 000042504 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-07-15 20:42 - 2017-11-16 04:46 - 000209256 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-07-15 20:42 - 2013-03-05 09:44 - 000088160 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-07-15 20:42 - 2012-02-24 06:42 - 000112520 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-07-15 20:42 - 2011-03-03 15:29 - 000477288 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-07-10 05:26 - 2009-07-13 20:20 - 000000000 ____D C:\windows\rescache
2019-07-10 04:19 - 2009-07-13 22:13 - 000786578 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-10 04:11 - 2009-07-13 21:45 - 000421128 _____ C:\windows\system32\FNTCACHE.DAT
2019-07-10 04:03 - 2014-12-10 04:51 - 000000000 ____D C:\windows\system32\appraiser
2019-07-10 04:03 - 2014-05-07 03:01 - 000000000 ___SD C:\windows\system32\CompatTel
2019-07-10 04:03 - 2009-07-13 20:20 - 000000000 ____D C:\windows\SysWOW64\Dism
2019-07-10 04:03 - 2009-07-13 20:20 - 000000000 ____D C:\windows\system32\Dism
2019-07-10 03:40 - 2011-03-05 22:19 - 000778700 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2019-07-10 03:35 - 2009-07-13 19:34 - 000000478 _____ C:\windows\win.ini
2019-07-10 03:15 - 2013-08-14 03:03 - 000000000 ____D C:\windows\system32\MRT
2019-07-10 03:03 - 2011-03-04 06:43 - 136618864 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-07-08 10:42 - 2011-03-04 11:14 - 000000000 ___RD C:\Users\the Hoff\Dropbox
2019-07-05 15:22 - 2018-09-14 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
==================== Files in the root of some directories ================
2011-08-12 21:20 - 2017-06-29 11:37 - 000045056 _____ () C:\Users\the Hoff\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-08-01 09:16
==================== End of FRST.txt ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by the Hoff (02-08-2019 19:29:44)
Running from C:\Users\the Hoff\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-03 19:59:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3472861432-3466800176-631802751-500 - Administrator - Disabled)
Guest (S-1-5-21-3472861432-3466800176-631802751-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3472861432-3466800176-631802751-1006 - Limited - Enabled)
the Hoff (S-1-5-21-3472861432-3466800176-631802751-1001 - Administrator - Enabled) => C:\Users\the Hoff
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Actual Multiple Monitors 8.0 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.0 - Actual Tools)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Amazon Amazon Music) (Version: 5.4.0.1779 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Box (HKLM\...\{70BE6D52-C4F9-4C00-842E-9966AC42B8E9}) (Version: 1.17.120 - Box, Inc.)
calibre (HKLM-x32\...\{1AB14879-AF77-44C2-82A3-5A90C8102C06}) (Version: 3.42.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon MX920 series User Registration (HKLM-x32\...\Canon MX920 series User Registration) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: - Elaborate Bytes)
CursorFX (HKLM-x32\...\{C1080852-065E-4991-9260-F3756E3CC182}) (Version: 2.00 - Stardock Corporation) Hidden
CursorFX (HKLM-x32\...\CursorFX) (Version: - Stardock Corporation)
dBpoweramp [Calculate Audio CRC] Codec (HKLM-x32\...\dBpoweramp [Calculate Audio CRC] Codec) (Version: - )
dBpoweramp [Multi Encoder] Codec (HKLM-x32\...\dBpoweramp [Multi Encoder] Codec) (Version: Release 2 - Illustrate)
dBpoweramp [ReplayGain] Codec (HKLM-x32\...\dBpoweramp [ReplayGain] Codec) (Version: - )
dBpoweramp AAC Encoder (HKLM-x32\...\dBpoweramp AAC Encoder) (Version: - )
dBpoweramp CLI Encoder (HKLM-x32\...\dBpoweramp CLI Encoder) (Version: - )
dBpoweramp Dalet Codec (HKLM-x32\...\dBpoweramp Dalet Codec) (Version: - )
dBpoweramp FLAC Codec (HKLM-x32\...\dBpoweramp FLAC Codec) (Version: - )
dBpoweramp m4a Codec (HKLM-x32\...\dBpoweramp m4a Codec) (Version: Release 7 - Illustrate)
dBpoweramp m4a Utilities (HKLM-x32\...\dBpoweramp m4a Utilities) (Version: - )
dBpoweramp Monkeys Audio Codec (HKLM-x32\...\dBpoweramp Monkeys Audio Codec) (Version: - )
dBpoweramp Mp2 and BwfMp2 codec (HKLM-x32\...\dBpoweramp Mp2 and BwfMp2 codec) (Version: - )
dBpoweramp mp3 (Fraunhofer IIS) Codec (HKLM-x32\...\dBpoweramp mp3 (Fraunhofer IIS) Codec) (Version: Release 2 (v4.0.3) - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 13.1 - Illustrate)
dBpoweramp Ogg Vorbis Codec (HKLM-x32\...\dBpoweramp Ogg Vorbis Codec) (Version: - )
dBpoweramp Real Audio (Helix) Encoder (HKLM-x32\...\dBpoweramp Real Audio (Helix) Encoder) (Version: - )
dBPoweramp tooLame MP2 codec (HKLM-x32\...\dBPoweramp tooLame MP2 codec) (Version: - )
dBpoweramp Wave64 Codec (HKLM-x32\...\dBpoweramp Wave64 Codec) (Version: - )
dBpoweramp WavPack Codec (HKLM-x32\...\dBpoweramp WavPack Codec) (Version: - )
dBpoweramp Windows Media Audio 10 Codec (HKLM-x32\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 5 - Illustrate)
Dropbox (HKLM-x32\...\Dropbox) (Version: 78.4.119 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
DVDFab 8.0.6.1 (18/12/2010) (HKLM-x32\...\DVDFab 8_is1) (Version: - Fengtao Software Inc.)
Elements 10 Organizer (HKLM-x32\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Evernote v. 5.8.3 (HKLM-x32\...\{404B3FB8-A820-11E4-83FC-00163E98E7D6}) (Version: 5.8.3.6507 - Evernote Corp.)
GetDiz 4.5 (HKLM-x32\...\GetDiz 4.5) (Version: 4.5 - Outertech)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro (HKLM\...\{1E92618C-EB66-4C4C-9F45-93EC6EF53273}) (Version: 0.1.2733 - GoPro, Inc.) Hidden
GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.)
GoPro Studio (HKLM-x32\...\{99502BF0-655A-425D-8754-9EEC557D3D73}) (Version: 5.9.2733 - GoPro, Inc.) Hidden
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.39.5.12022 (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\GoToMeeting) (Version: 8.39.5.12022 - LogMeIn, Inc.)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Innova OBD PC-Link (HKLM-x32\...\{2DB69B0F-6B08-43DF-8FF7-34575BB5E3C5}) (Version: 2.3.9 - Innova Electronics)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{D9D08A8F-5A03-486A-AD4D-3A438D521F8B}) (Version: 12.9.3.3 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180310}) (Version: 8.0.310.13 - Oracle Corporation)
JumpStart Languages (HKLM-x32\...\JumpStart Languages) (Version: - )
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kits Configuration Installer (HKLM-x32\...\{E14DDED2-919B-FCCB-84AC-5ABB6D182D46}) (Version: 8.59.25584 - Microsoft) Hidden
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.14261.0 - Linksys LLC)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 68.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.1 (x64 en-US)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 68.0.1.7137 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OverDrive for Windows (HKLM-x32\...\{FF27E73D-C30A-4F32-B2D7-22069F01DDB9}) (Version: 3.6.0 - OverDrive, Inc.)
PDF-XChange Viewer (HKLM\...\{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}) (Version: 2.5.193.0 - Tracker Software Products Ltd.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{11adedc6-abd6-4c3e-a37b-5d2c3159714c}) (Version: 1.16.3.1402 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{51928EFC-2EBA-4CC2-8F0B-35AB3B96F1D2}) (Version: 1.16.1402 - Plex, Inc.) Hidden
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Quicken WillMaker Plus 2014 (HKLM-x32\...\{44160FDE-C190-45C1-B8E1-23F00228E572}) (Version: 1.0.0.0 - Nolo)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Revo Uninstaller 1.91 (HKLM-x32\...\Revo Uninstaller) (Version: 1.91 - VS Revo Group)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Sansa Updater (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Sansa Updater) (Version: - SanDisk Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Software Upgrade Assistant (HKLM-x32\...\{B33BA940-B460-4F02-BFF3-1DDCE7083726}_is1) (Version: 2.3.6 - Motorola Mobility LLC)
Spotify (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Stopping Plex (HKLM-x32\...\{D4E8F43C-F61F-4A10-87B3-86F3018F8982}) (Version: 1.16.1402 - Plex, Inc.) Hidden
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
TeraCopy 2.12 (HKLM\...\TeraCopy_is1) (Version: - Code Sector Inc.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
TreeSize Free V4.2.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.2.2 - JAM Software)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.7 - Tweaking.com)
Typing Instructor Platinum (HKLM-x32\...\{F358C0E1-B8DD-43A4-8B2E-269710247F16}) (Version: 21.00.0000 - Individual Software)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{519CABB0-76BB-4ACF-9EAE-38E042EFB00A}) (Version: 4.19.0106 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{930FA71B-703F-4178-9FE8-1BCAA359E6EE}) (Version: 4.18.1201 - Samsung Electronics Co., Ltd.)
VFW_Codec32 (HKLM-x32\...\{4275850F-4E2E-4F60-9E73-8BD8F70891D3}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{7010885D-3378-4C9B-B330-88271728EDE5}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 Logon Background Changer (HKLM-x32\...\{2E6044C5-3495-485F-91BC-46D1B6430E51}) (Version: 1.5.2 - Julien MANICI)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: 2.0.6.9 - HTC)
WPT Redistributables (HKLM-x32\...\{A5D42D71-4036-5F88-5085-657C9DF9F1DD}) (Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{986EABFC-92F6-CECD-9E5A-B13CAC40BB1D}) (Version: 8.59.29722 - Microsoft) Hidden
Zoom (HKU\S-1-5-21-3472861432-3466800176-631802751-1001\...\ZoomUMX) (Version: 4.4 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3472861432-3466800176-631802751-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\the Hoff\AppData\Local\GoToMeeting\12022\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
SSODL: EldosMountNotificator-cbfs6 - {FEA65D1F-FCA0-43CF-A73E-691530704657} - C:\windows\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {FEA65D1F-FCA0-43CF-A73E-691530704657} - C:\windows\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {FEA65D1F-FCA0-43CF-A73E-691530704657} => C:\windows\system32\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {FEA65D1F-FCA0-43CF-A73E-691530704657} => C:\windows\SysWOW64\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [ BoxAvailableOffline] -> {8D0A4E1B-C25A-4AF8-8DA7-531929C02958} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxLocked] -> {1B927815-D431-48B1-A746-6FF91FB35431} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxLockedByOther] -> {73C8BC94-4A51-413B-B927-829449EAFA75} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxProblem] -> {8BBBCFB6-60E2-4C0F-BB31-10434068E2BE} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSynced] -> {04B9BDFA-0C53-4F36-A77F-51F53E3EF3EC} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ BoxSyncing] -> {2FFF193C-5891-4B26-B363-40D3B5257FE9} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\[]TOOLS[]\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\[]TOOLS[]\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {699A9745-7D6F-4BC0-B6DE-484E22F2E3D7} => C:\windows\system32\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ShellIconOverlayIdentifiers-x32: [ BoxAvailableOffline] -> {8D0A4E1B-C25A-4AF8-8DA7-531929C02958} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxLocked] -> {1B927815-D431-48B1-A746-6FF91FB35431} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxLockedByOther] -> {73C8BC94-4A51-413B-B927-829449EAFA75} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxProblem] -> {8BBBCFB6-60E2-4C0F-BB31-10434068E2BE} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxSynced] -> {04B9BDFA-0C53-4F36-A77F-51F53E3EF3EC} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ BoxSyncing] -> {2FFF193C-5891-4B26-B363-40D3B5257FE9} => C:\Program Files\Box\Box\BoxShellExtShim-1.17.120.dll [2018-08-17] (Box, Inc. -> Box, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {699A9745-7D6F-4BC0-B6DE-484E22F2E3D7} => C:\windows\system32\cbfsMntNtf6.dll [2016-09-21] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\[]TOOLS[]\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\[]TOOLS[]\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [DVDFAB32] -> {2B896307-03F8-4771-B13F-88176CAC4065} => C:\Program Files (x86)\[]TOOLS[]\DVDFab 8\DVDFabShellEx32.dll [2010-11-16] (Fengtao Software Inc. -> Fengtao Software Inc.)
ContextMenuHandlers1: [DVDFAB64] -> {2B896307-03F8-4771-B13F-88176CAC4066} => C:\Program Files (x86)\[]TOOLS[]\DVDFab 8\DVDFabShellEx.dll [2010-11-16] (Fengtao Software Inc. -> Fengtao Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt.dll [2009-06-22] () [File not signed]
ContextMenuHandlers1: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt64.dll [2009-06-21] () [File not signed]
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt.dll [2009-06-22] () [File not signed]
ContextMenuHandlers2: [TeraCopyS64] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt.dll [2009-06-22] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\[]TOOLS[]\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\[]TOOLS[]\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt.dll [2009-06-22] () [File not signed]
ContextMenuHandlers4: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt64.dll [2009-06-21] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [Actual Multiple Monitors] -> {96703F22-7167-4098-A19A-9749F3A3C6ED} => C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsShellExtension64.dll [2013-08-16] (Actual Tools -> Actual Tools)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt.dll [2009-06-22] () [File not signed]
ContextMenuHandlers5: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt64.dll [2009-06-21] () [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\[]TOOLS[]\Avast\ashShell.dll [2019-07-15] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt.dll [2009-06-22] () [File not signed]
ContextMenuHandlers6: [TeraCopyS64] -> {A764EEF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt64.dll [2009-06-21] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\the Hoff\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_jhknlonaankphkkbnmjdlpehkinifeeg\Google Forms.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jhknlonaankphkkbnmjdlpehkinifeeg
ShortcutWithArgument: C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Forms.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jhknlonaankphkkbnmjdlpehkinifeeg
ShortcutWithArgument: C:\Users\the Hoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Forms.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jhknlonaankphkkbnmjdlpehkinifeeg
ShortcutWithArgument: C:\Users\the Hoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Forms.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jhknlonaankphkkbnmjdlpehkinifeeg
ShortcutWithArgument: C:\Users\the Hoff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
==================== Loaded Modules (Whitelisted) ==============
2010-03-23 07:17 - 2010-03-23 07:17 - 000059904 _____ () [File not signed] C:\Program Files (x86)\[]TOOLS[]\CursorFX\zlib1.dll
2011-03-03 16:36 - 2009-06-22 04:27 - 000126464 _____ () [File not signed] C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopy64.dll
2011-03-03 16:36 - 2009-06-21 08:52 - 000318976 _____ () [File not signed] C:\Program Files\[]TOOLS[]\TeraCopy\TeraCopyExt64.dll
2012-03-05 17:03 - 2012-03-05 17:03 - 000677376 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-04-30 00:25 - 2013-04-30 00:25 - 000211968 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-02-16 15:53 - 2012-02-16 15:53 - 003642880 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-10-03 15:56 - 2013-09-19 18:36 - 001782576 _____ (Actual Tools -> Actual Tools) [File not signed] C:\Program Files (x86)\[]TOOLS[]\Actual Multiple Monitors\ActualMultipleMonitorsCenter.exe
2013-04-30 00:03 - 2013-04-30 00:03 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-04-30 00:02 - 2013-04-30 00:02 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2013-04-30 00:25 - 2013-04-30 00:25 - 000361984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2011-03-06 18:18 - 2007-04-25 20:28 - 000183296 _____ (Canon Inc.) [File not signed] C:\windows\System32\CNCF2Lc.DLL
2011-03-06 18:18 - 2007-05-01 06:00 - 000258560 _____ (CANON INC.) [File not signed] C:\windows\System32\CNMLM90.DLL
2015-10-03 07:18 - 2012-07-31 01:48 - 000359936 _____ (CANON INC.) [File not signed] C:\windows\System32\CNMN6PPM.DLL
2011-03-06 18:18 - 2007-05-01 06:00 - 000027648 _____ (CANON INC.) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\CNMPD90.DLL
2008-05-07 12:59 - 2008-05-07 19:59 - 000048640 _____ (Hewlett-Packard Company) [File not signed] C:\windows\System32\hpzlllhn.dll
2011-05-17 18:42 - 2008-05-07 19:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2010-06-28 22:54 - 2010-06-28 22:54 - 000080384 _____ (KYOCERA MITA Corporation) [File not signed] C:\windows\System32\KMPJL64.DLL
2010-03-23 07:17 - 2010-03-23 07:17 - 000417280 _____ (Stardock Corporation) [File not signed] C:\Program Files (x86)\[]TOOLS[]\CursorFX\CursorFX.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2019-01-04 04:38 - 000000054 _____ C:\windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\[]TOOLS[]\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Kits\8.0\Windows Performance Toolkit\
HKU\S-1-5-21-3472861432-3466800176-631802751-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\the Hoff\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\startupfolder: C:^Users^the Hoff^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^the Hoff^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^the Hoff^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verizon Wireless Software Utility Application for Android – Samsung.lnk => C:\windows\pss\Verizon Wireless Software Utility Application for Android – Samsung.lnk.Startup
MSCONFIG\startupreg: Box => "C:\Program Files\Box\Box\Box.exe" -m
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Dropbox Update => "C:\Users\the Hoff\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GoPro Tray App => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{7F886027-1EC6-485C-A1E6-9BFF1B169B81}C:\program files (x86)\plex\plex media server\plexscripthost.exe] => (Block) C:\program files (x86)\plex\plex media server\plexscripthost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [UDP Query User{833784F3-2979-4265-8516-C37225830DA0}C:\program files (x86)\plex\plex media server\plexscripthost.exe] => (Block) C:\program files (x86)\plex\plex media server\plexscripthost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [TCP Query User{2EA624A2-2F5F-4530-9D52-ED03DCB40510}C:\program files (x86)\plex\plex media server\plexscripthost.exe] => (Block) C:\program files (x86)\plex\plex media server\plexscripthost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [UDP Query User{E063BFD4-6177-4920-8812-94E620896C48}C:\program files (x86)\plex\plex media server\plexscripthost.exe] => (Block) C:\program files (x86)\plex\plex media server\plexscripthost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [TCP Query User{29FA61CD-0B87-4EC9-B25F-50E6C9AD9BFE}C:\program files\itunes\itunes.exe] => (Block) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BC348D61-D046-490F-9B20-676EF5342439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{212D4C4D-C4EF-4242-A85C-57972F8D5285}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DC6D7D76-5BD2-491C-8BA2-EE7ADBC7CCEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96875257-564A-4230-AD40-239312116A34}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7A50A590-688F-4E24-9EBC-6A4D7D55E0C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8A4A1EEF-4D42-4696-BDE8-AB2C2D2532B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{352BAEC5-F2F2-4033-B6D2-21B4A5FBEF8A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{0ADEA218-CB52-492F-95C3-FA811B8CEAFB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [{E172366E-386F-4107-B410-DED83513C77A}] => (Allow) C:\Users\the Hoff\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E826E398-18BE-4DD6-B700-1A5F585FB6D4}] => (Allow) C:\Users\the Hoff\AppData\Roaming\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6CB4876-AFA5-4E5E-A431-CC74ED29435B}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro.exe (GoPro, Inc. -> )
FirewallRules: [{3149095F-AFE1-449E-946B-8B6CDBE92717}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro, Inc. -> )
FirewallRules: [{0138EB29-56E0-411D-A1D1-E504BFA07FCE}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro, Inc. -> )
FirewallRules: [{0378D645-A777-4697-939F-9F985DA120E1}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro, Inc. -> )
FirewallRules: [TCP Query User{1EB5A5DB-1C31-41E1-9A1F-6398FB04A9C6}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [UDP Query User{4F6A1F76-ABA6-4583-B97C-C881F50CE168}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [TCP Query User{0C2BEEFD-598D-4526-91D3-049F5DB8FB9B}C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [UDP Query User{10279782-679B-4693-8BC6-82FCA07278A2}C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [TCP Query User{D4DEBBF2-485F-4318-B734-6719D582BACA}C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [UDP Query User{D397A4DF-4EC9-4A12-ACB7-178ADBC41BD4}C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\the hoff\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [TCP Query User{75BBD6EB-6E0B-40C0-87C2-9A5AAF7AD4B0}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C4D3C730-C6CA-4B98-A3E7-3CDABF303CD8}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{A0178A3E-83CE-4C48-A999-677CCDA540FE}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{25461025-7939-4854-B68A-2C176E439503}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{51839F7B-29E0-43B7-8452-12AF2CC05EAA}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{6867B17B-1A74-456D-B53E-A93EC5296FEC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A250F3C6-3B56-4104-B6B9-1F06971C7159}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7485D274-FBA2-4B3C-B0C3-016E613E333F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C8BB45C4-219F-471E-BA95-2AF0FD5940ED}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [UDP Query User{0BF3AC52-70E5-4E25-A826-4EB08EC1EC21}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{5F3CC4DF-5803-4FA1-98EE-D81611339B2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2F61A3D5-70BF-4DC7-B9C5-B1686815A07F}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{CC112FF7-9437-4B50-80AD-1BBA3AD7E67B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{E5BFA7D0-48C9-421D-A0AF-22085AAA2CCB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{91A0A013-8252-46F7-84AC-94FE4BB82086}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> )
FirewallRules: [{2392606C-8F6D-4073-A248-2F394560C93F}] => (Allow) C:\Users\the Hoff\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7AA7D791-FC72-4421-8C82-2F969F9FE933}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Restore Points =========================
01-08-2019 17:52:46 Removed Apple Software Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/02/2019 06:41:56 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/02/2019 06:40:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/02/2019 06:40:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/02/2019 06:38:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x517f39a1
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x7fc
Faulting application start time: 0x01d5499075523207
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Report Id: 5366ff7a-b58f-11e9-8b8b-bcaec54f1b9f
Error: (08/02/2019 06:37:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/02/2019 06:15:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/02/2019 05:12:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fuel.Service.exe, version: 1.0.0.0, time stamp: 0x517f39a1
Faulting module name: Device.dll, version: 4.1.0.0, time stamp: 0x4f55e10b
Exception code: 0xc0000005
Fault offset: 0x00000000000033c1
Faulting process id: 0x7b0
Faulting application start time: 0x01d5498c7f8d4b73
Faulting application path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
Faulting module path: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
Report Id: 7032b762-b583-11e9-8811-bcaec54f1b9f
Error: (08/02/2019 04:53:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (08/02/2019 06:42:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Error: (08/02/2019 06:40:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee True Key service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (08/02/2019 06:40:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the McAfee True Key service to connect.
Error: (08/02/2019 06:38:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/02/2019 06:37:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (08/02/2019 06:36:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {3C5E2B20-B911-44E2-A2DD-9F05E7B5E775} did not register with DCOM within the required timeout.
Error: (08/02/2019 05:17:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Error: (08/02/2019 05:15:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee True Key service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2018-03-14 10:44:28.157
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:27.570
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:26.960
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:26.358
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:25.770
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:25.184
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:24.589
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-03-14 10:44:23.990
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0801 06/11/2010
Motherboard: ASUSTeK Computer INC. M4A78LT-M
Processor: AMD Phenom II X4 955 Processor
Percentage of memory in use: 55%
Total physical RAM: 7934.18 MB
Available physical RAM: 3503.26 MB
Total Virtual: 15866.5 MB
Available Virtual: 11078.67 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1862.92 GB) (Free:1732.31 GB) NTFS
Drive z: (Storage) (Fixed) (Total:3725.9 GB) (Free:1532.44 GB) NTFS
\\?\Volume{a8c4ae2d-3f53-11e0-a0a0-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 3726 GB) (Disk ID: 075A0ECB)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================