Hello,
During the last few days, all web pages have been very slow to connect on my laptop. In addition, I have had to use the Windows Network Troubleshooter to reset my Wi Fi quite often. Note that the other laptops and desktop in the house don't have this problem.
There are no popups, or redirects. FRST logs are provided below.
Thank you in advance for any help you may provide.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2019
Ran by Robert (administrator) on SHADOWFAX (Hewlett-Packard HP Pavilion 17 Notebook PC) (23-09-2019 14:38:33)
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert (Available Profiles: Robert)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Photodex Corporation -> ) C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7660760 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2015-02-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [180448 2019-07-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871536 2019-09-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-10-28] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871536 2019-09-18] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {054B3168-3537-4FFA-8F83-38329D62AA21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-14] (Google Inc -> Google Inc.)
Task: {1224973F-D8EF-4C05-960D-548EFCBF7F02} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-09-18] (Garmin International, Inc. -> )
Task: {19AAEA31-D5D8-4FAB-81E2-BFF88DAA5313} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {1CBD150A-7000-4B68-BC57-DD75DBE3F267} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2A46E0F0-BF35-4D34-A2A0-D5F2CCC1C5C3} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-13] (Adobe Inc. -> Adobe)
Task: {4B40DB7F-A298-4F8A-8A0F-3A77F167429F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {5FD4AD66-57F9-446C-8658-6A55AA23BB09} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {61BE1EC9-E8AA-4745-BBFA-F42AF122568C} - System32\Tasks\HPCeeScheduleForRobert => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {6510AEDA-4D54-4636-99E7-5D346A87696D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {68AB952A-7620-4D51-9A04-9ACFB2B2B7DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-08-21] (HP Inc. -> HP Inc.)
Task: {82ABAF53-F6C7-433B-961E-3F6FA8AF9D88} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-14] (Google Inc -> Google Inc.)
Task: {850B844A-9D1F-4459-97DE-2021CE45525F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2015-02-18] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {856B9036-4BDE-4A22-9034-1998E7490AB7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [249720 2019-08-19] (HP Inc. -> HP Inc.)
Task: {8CABF83B-0C09-4FC1-A763-45065D5E325D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {A90C7AA3-D269-4F3E-9B40-7858EB23B002} - System32\Tasks\{FB1A9DC6-BD16-42C2-B04F-5221F8745A03} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Task: {BBF4AC2F-7854-45DB-85D7-B7A22AA481D8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {CD582F0A-09B9-4B81-BDC3-8F01946124C7} - System32\Tasks\{4979924A-EB1C-4F5D-B5AF-D4EBC35946DD} => C:\Windows\system32\pcalua.exe -a C:\Users\Robert\Downloads\x-video-converter.exe -d C:\Users\Robert\Downloads
Task: {D87E6F9C-6844-4B47-8C7A-C0BC74D603B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-08-21] (HP Inc. -> HP Inc.)
Task: {DB3EB686-B7C1-4B28-8A1E-C3854FE5924B} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe
Task: {DF4123C2-437B-4A0A-A375-BC554AE4BED5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {EFC8D644-CC6D-4FD7-A985-4AE7C45B41B3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F4E129AB-7B3D-4C2F-B248-2AFF728F2996} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForRobert.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.129
Tcpip\..\Interfaces\{42E1B6EA-3728-42A7-8E02-53ADCE251643}: [DhcpNameServer] 192.168.2.1 207.164.234.129
Tcpip\..\Interfaces\{7C57A303-A069-4AAA-A050-8A4F276FEC6D}: [DhcpNameServer] 192.168.99.10 192.168.99.12
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/4
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FireFox:
========
FF DefaultProfile: rkbdbks1.default-1462932459567
FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\rkbdbks1.default-1462932459567 [2019-09-23]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\rkbdbks1.default-1462932459567\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-09-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-03-16] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-13] (Adobe Inc. -> )
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2014-05-12] ( ) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2015-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-07-25] (ESET, spol. s r.o. -> ESET)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2014-05-12] (Photodex Corporation -> )
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-06-23] (SolidWorks) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2015-02-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [53424 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2015-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [12533760 2015-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [619008 2015-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [82120 2015-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [23752 2015-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [154448 2016-07-11] (SlySoft, Inc. -> RedFox)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [154448 2016-07-11] (SlySoft, Inc. -> RedFox)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2015-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows ® Win 7 DDK provider)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows ® Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [102464 2019-07-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189232 2019-07-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [113336 2019-07-25] (ESET, spol. s r.o. -> ESET)
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [40624 2015-06-29] (Hewlett-Packard Company -> Hewlett-Packard)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-18] (Martin Malik - REALiX -> REALiX)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2019-09-23] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2514120 2015-02-18] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2015-02-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205448 2015-02-18] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-24] (Hewlett-Packard Company -> HP)
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
S3 RimUsb; \SystemRoot\System32\Drivers\RimUsb_AMD64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-23 14:38 - 2019-09-23 14:39 - 000029782 _____ C:\Users\Robert\Desktop\FRST.txt
2019-09-23 14:37 - 2019-09-23 14:07 - 001616384 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2019-09-23 10:04 - 2019-09-23 10:05 - 000000000 ____D C:\Users\Robert\Downloads\big hangover
2019-09-23 09:46 - 2019-09-23 09:49 - 000000000 ____D C:\Users\Robert\Downloads\BAIT_1954
2019-09-21 16:31 - 2019-09-21 16:31 - 000001873 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2019-09-21 16:31 - 2019-09-21 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-09-19 23:22 - 2019-09-22 19:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-09-17 09:26 - 2019-09-17 09:26 - 000000000 ____D C:\Users\Robert\Downloads\RIFIFI_DVD_rmHD
2019-09-16 15:48 - 2019-09-16 15:48 - 000000378 _____ C:\Users\Robert\Desktop\Duncan's SuDoku Solver.appref-ms
2019-09-16 15:48 - 2019-09-16 15:48 - 000000000 ____D C:\Users\Robert\Documents\My SuDokus
2019-09-16 15:48 - 2019-09-16 15:48 - 000000000 ____D C:\Users\Robert\Desktop\SuDoku Solver-10.1.6.9
2019-09-16 15:48 - 2019-09-16 15:48 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duncan's SuDoku Solver
2019-09-16 15:48 - 2019-09-16 15:48 - 000000000 ____D C:\Users\Robert\AppData\Local\Deployment
2019-09-16 08:40 - 2019-09-16 08:40 - 000000000 ____D C:\Users\Robert\Downloads\Why Must I Die
2019-09-15 11:57 - 2019-09-15 11:57 - 000000000 ____D C:\Users\Robert\Downloads\Three Cheers For The Irish
2019-09-13 15:57 - 2019-09-13 15:57 - 000000000 ____D C:\Users\Robert\Downloads\The Wild North
2019-09-13 08:25 - 2019-09-13 08:25 - 000000000 ____D C:\Users\Robert\Downloads\How I Live Now (2013) NTSC DVD9
2019-09-10 21:58 - 2019-08-29 01:11 - 001385912 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-09-10 21:58 - 2019-08-29 01:02 - 007362808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-09-10 21:58 - 2019-08-28 22:43 - 001737504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-09-10 21:58 - 2019-08-28 22:43 - 001677024 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-09-10 21:58 - 2019-08-28 22:42 - 001537560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-09-10 21:58 - 2019-08-28 22:42 - 001500848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-09-10 21:58 - 2019-08-28 22:42 - 001371256 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-09-10 21:58 - 2019-08-28 21:43 - 001125312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-09-10 21:58 - 2019-08-28 21:18 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-09-10 21:58 - 2019-08-27 01:07 - 025752064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-09-10 21:58 - 2019-08-26 23:29 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-09-10 21:58 - 2019-08-26 23:27 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-09-10 21:58 - 2019-08-26 23:21 - 020290560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-09-10 21:58 - 2019-08-26 23:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-09-10 21:58 - 2019-08-26 23:17 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-09-10 21:58 - 2019-08-26 23:15 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-09-10 21:58 - 2019-08-26 23:03 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-09-10 21:58 - 2019-08-26 22:59 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-09-10 21:58 - 2019-08-26 22:54 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-09-10 21:58 - 2019-08-26 22:53 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-09-10 21:58 - 2019-08-26 22:48 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-09-10 21:58 - 2019-08-26 22:42 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-09-10 21:58 - 2019-08-26 22:39 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-09-10 21:58 - 2019-08-26 22:37 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-09-10 21:58 - 2019-08-26 22:36 - 015389184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-09-10 21:58 - 2019-08-26 22:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-09-10 21:58 - 2019-08-26 22:30 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-09-10 21:58 - 2019-08-26 22:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-09-10 21:58 - 2019-08-26 22:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-09-10 21:58 - 2019-08-26 22:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-09-10 21:58 - 2019-08-26 22:23 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-09-10 21:58 - 2019-08-26 22:15 - 001568256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-09-10 21:58 - 2019-08-26 22:09 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-09-10 21:58 - 2019-08-26 22:06 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-09-10 21:58 - 2019-08-26 22:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-09-10 21:58 - 2019-08-26 22:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-09-10 21:58 - 2019-08-19 23:49 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2019-09-10 21:58 - 2019-08-15 05:47 - 000376568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-09-10 21:58 - 2019-08-15 05:18 - 000805384 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-09-10 21:58 - 2019-08-15 03:29 - 000611448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-09-10 21:58 - 2019-08-13 16:04 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-09-10 21:58 - 2019-08-13 16:00 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-09-10 21:58 - 2019-08-13 15:54 - 001368072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-09-10 21:58 - 2019-08-13 15:09 - 001546992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-09-10 21:58 - 2019-08-13 13:15 - 000121288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2019-09-10 21:58 - 2019-08-12 15:29 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-09-10 21:58 - 2019-08-12 14:44 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-09-10 21:58 - 2019-08-12 14:01 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-09-10 21:58 - 2019-08-12 14:00 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-09-10 21:58 - 2019-08-10 12:53 - 000426560 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2019-09-10 21:58 - 2019-08-10 12:51 - 000367176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2019-09-10 21:58 - 2019-08-10 09:20 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-09-10 21:58 - 2019-08-10 09:20 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-09-10 21:58 - 2019-08-10 09:20 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-09-10 21:58 - 2019-08-10 09:20 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-09-10 21:58 - 2019-08-09 13:48 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\NcaSvc.dll
2019-09-10 21:58 - 2019-08-09 13:18 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-09-10 21:58 - 2019-08-09 12:58 - 007035904 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-09-10 21:58 - 2019-08-09 12:28 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2019-09-10 21:58 - 2019-08-09 12:16 - 006217728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-09-10 21:58 - 2019-08-06 12:41 - 000403968 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2019-09-10 21:58 - 2019-08-06 12:41 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-09-10 21:58 - 2019-07-31 09:31 - 000571392 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-09-10 21:58 - 2019-07-23 15:12 - 000169264 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-09-10 21:58 - 2019-07-23 09:37 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-09-10 21:58 - 2019-07-23 09:37 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-09-10 21:58 - 2019-07-11 00:02 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-09-10 21:58 - 2019-07-04 20:10 - 000108392 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2019-09-10 21:58 - 2019-07-04 20:07 - 000092040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2019-09-10 16:18 - 2019-09-10 16:18 - 000000000 ____D C:\Users\Robert\Documents\Amnesia
2019-09-10 07:57 - 2019-09-10 07:57 - 007086592 _____ (Open-Shell) C:\Users\Robert\Desktop\OpenShellSetup_4_4_131.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-23 14:38 - 2019-02-04 10:59 - 000000000 ____D C:\FRST
2019-09-23 14:38 - 2013-08-26 02:09 - 000962108 _____ C:\Windows\system32\PerfStringBackup.INI
2019-09-23 14:38 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2019-09-23 14:27 - 2014-04-23 19:02 - 000000000 ____D C:\Users\Robert\AppData\Roaming\ClassicShell
2019-09-23 14:21 - 2016-12-21 19:58 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2019-09-23 13:57 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\NDF
2019-09-23 13:56 - 2016-11-29 23:05 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Mozilla
2019-09-23 13:52 - 2014-04-25 22:55 - 000000000 ____D C:\Users\Robert\AppData\Roaming\uTorrent
2019-09-23 13:26 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-23 11:03 - 2014-04-27 16:37 - 000000000 ____D C:\Downloaded Games
2019-09-23 10:43 - 2013-08-22 09:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-09-22 23:19 - 2018-10-17 20:48 - 000003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRobert
2019-09-22 23:19 - 2018-10-17 20:48 - 000000356 _____ C:\Windows\Tasks\HPCeeScheduleForRobert.job
2019-09-22 19:47 - 2014-04-23 18:58 - 000003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8A055C58-84B1-4BA9-AD00-A48621AAEA0A}
2019-09-22 19:43 - 2014-04-23 19:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-21 16:55 - 2015-05-06 18:10 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3511957844-2261570385-1743981658-1005
2019-09-21 16:32 - 2017-01-03 21:40 - 000000000 ____D C:\ProgramData\Garmin
2019-09-21 16:32 - 2013-12-12 04:29 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-21 16:31 - 2017-01-03 21:39 - 000003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2019-09-21 16:31 - 2017-01-03 21:39 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-20 22:50 - 2013-12-12 04:31 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-09-20 09:31 - 2019-04-08 10:38 - 000000000 ____D C:\Users\Robert\Documents\Website Info
2019-09-20 07:55 - 2014-04-23 19:20 - 000001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-19 16:45 - 2019-05-22 18:25 - 000000000 ____D C:\Users\Robert\Documents\Camping Menus and Gear Lists
2019-09-17 08:31 - 2019-02-03 10:56 - 000000000 ____D C:\Users\Robert\Documents\Movie Collector
2019-09-16 15:48 - 2014-07-30 17:33 - 000000000 ____D C:\Users\Robert\AppData\Local\Apps\2.0
2019-09-13 21:15 - 2019-02-08 17:27 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-13 21:15 - 2014-08-16 22:34 - 000000000 ____D C:\Users\Robert\AppData\Local\Adobe
2019-09-13 21:15 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-09-13 21:15 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-09-13 21:13 - 2019-04-10 14:54 - 000002812 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-09-13 11:23 - 2016-02-15 00:19 - 000000000 ____D C:\Users\Robert\AppData\Roaming\MPC-HC
2019-09-12 11:16 - 2013-08-22 11:36 - 000000000 ____D C:\Windows\rescache
2019-09-11 08:45 - 2013-08-22 11:20 - 000000000 ____D C:\Windows\CbsTemp
2019-09-10 22:15 - 2013-08-22 10:44 - 000512208 _____ C:\Windows\system32\FNTCACHE.DAT
2019-09-10 21:49 - 2019-07-10 09:49 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2019-09-10 21:49 - 2019-07-10 09:49 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2019-09-05 07:38 - 2016-04-07 15:12 - 000000000 ____D C:\Windows\softwaredistribution.bak1
2019-09-04 19:12 - 2019-03-28 12:04 - 000000000 ____D C:\Windows\Minidump
2019-08-29 19:45 - 2019-05-15 13:08 - 000835480 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-08-29 19:45 - 2019-05-15 13:08 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories ================
2018-01-14 13:30 - 2018-01-14 13:31 - 000000077 _____ () C:\Users\Robert\SudokuWorks8.exe
2014-07-11 23:15 - 2014-07-11 23:15 - 000000017 _____ () C:\Users\Robert\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-09-18 08:30
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2019
Ran by Robert (23-09-2019 14:40:41)
Running from C:\Users\Robert\Desktop
Windows 8.1 (Update) (X64) (2014-04-23 06:03:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3511957844-2261570385-1743981658-500 - Administrator - Disabled)
Guest (S-1-5-21-3511957844-2261570385-1743981658-501 - Limited - Disabled)
Robert (S-1-5-21-3511957844-2261570385-1743981658-1005 - Administrator - Enabled) => C:\Users\Robert
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{E825A27F-01E0-1BB8-6A7D-DD769D57E4B0}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
ANT Drivers Installer x64 (HKLM\...\{13411D72-7171-440B-978A-ECAA06920C4C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 8.0.5.0 - RedFox)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dark Parables The Match Girls Lost Paradise Collectors 1.00 (HKLM-x32\...\Dark Parables The Match Girls Lost Paradise Collectors 1.00) (Version: 1.00 - Games)
Duncan's SuDoku Solver (HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\a0575e81e239a52c) (Version: 10.1.6.9 - Duncan's SuDoku Solver)
DVDFab 9.2.2.8 (02/02/2016) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
Elevated Installer (HKLM-x32\...\{4E108B93-9865-45BF-A565-865AE20AC7FC}) (Version: 6.18.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 12.2.23.0 - ESET, spol. s r.o.)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Family Tree Maker 2017 (HKLM\...\{6BEF69F9-92AA-4BCC-8529-DA42F585EC36}) (Version: 23.2.1540 - Software MacKiev)
Free Spider Solitaire v5.0 (HKLM-x32\...\Free Spider_is1) (Version: - TreeCardGames)
Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{D646C2CC-7782-4B95-B1C8-D9503409A40A}) (Version: 6.18.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{ffecb7df-db17-4a27-9f6b-d61ba2d7bcff}) (Version: 6.18.0.0 - Garmin Ltd or its subsidiaries)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.12.32.3 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{D17A3B70-B75E-4C49-83D6-C17DDF65B35F}) (Version: 1.3.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
IsoBuster 1.9.1 (HKLM-x32\...\IsoBuster_is1) (Version: 1.9.1 - Smart Projects)
K-Lite Mega Codec Pack 14.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.7.5 - KLCP)
Macrium Reflect Home Edition (HKLM\...\{017ED74E-8088-4765-8876-A250B3A1470C}) (Version: 6.1.1000 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Movie Collector (HKLM\...\{8EC6EBB4-D899-4C6B-BA17-C21B78988F23}_is1) (Version: - Collectorz.com)
Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 69.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 69.0.1 (x64 en-US)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 69.0.1.7199 - Mozilla)
Nero 7 Ultra Edition (HKLM-x32\...\{43FFE159-3199-4188-A1CD-629166AD1033}) (Version: 7.02.6445 - Nero AG)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
PerfectDisk Professional Business (HKLM\...\{682B22AB-EAAA-4B1C-83AF-B26E7D4ED01E}) (Version: 13.0.783 - Raxco Software Inc.)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.4 - Power Software Ltd)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)
Sudoku Works (HKLM-x32\...\{5B10C186-C6CF-45D8-9E2D-4F18247A5C63}) (Version: 1.0 - Oak Systems)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.8 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Packages:
=========
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.3.0.44_neutral__1618n3s9xq8tw [2013-12-12] (eBay, Inc)
Frameworkuapbase -> C:\Program Files\WindowsApps\48682KiddoTest.Frameworkuapbase_1.0.0.2_neutral__81ffpr532s7pc [2019-07-10] (KiddoTest)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.100.0_x64__8wekyb3d8bbwe [2013-12-12] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.2.4.35_neutral__v10z8vjag6ke6 [2013-12-12] (Hewlett-Packard Company)
HP Connected Photo powered by Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_1.9.123.1118_neutral__v10z8vjag6ke6 [2013-12-12] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.141_neutral__v10z8vjag6ke6 [2013-12-12] (Hewlett-Packard Company)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2014-04-23] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2014-04-23] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_1.6.4.30605_x86__8wekyb3d8bbwe [2013-12-12] (Microsoft Studios) [MS Ad]
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2014-04-23] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2014-04-23] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2014-04-23] (Microsoft Platform Extensions)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2014-04-23] (Microsoft Platform Extensions)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2014-04-23] (Microsoft Platform Extensions)
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2019-07-10] (m1df_mmengesha)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_1.10.0.58_x64__mcm4njqhnhss8 [2013-12-12] (Netflix, Inc.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_2.0.0.5012_x86__kzf8qxf38zg5c [2013-12-12] (Skype) [MS Ad]
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2019-07-10] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2019-07-10] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2019-07-10] (m1df_mmengesha)
Test_FrameworkProd_062215_01 -> C:\Program Files\WindowsApps\50856m1dfLL.TestFrameworkProd06221501_1.0.0.10_neutral__nwcxtg9ehxpvt [2019-07-10] (m1df_lucyll)
TESTFRAMEWORKABO2 -> C:\Program Files\WindowsApps\40538vasetest101.TESTFRAMEWORKABO2_12.0.21005.1_x64__ssm1v0s3df7zc [2019-07-10] (vasetest101)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.2.41.0_x64__8wekyb3d8bbwe [2013-12-12] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.26590_x86__06qsbagp91rvg [2013-12-12] (CYBERLINKCOM CORP)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3511957844-2261570385-1743981658-1005_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3511957844-2261570385-1743981658-1005_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3511957844-2261570385-1743981658-1005_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-3511957844-2261570385-1743981658-1005_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll => No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip32.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-07-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2019-04-17] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-09-18 16:28 - 2019-09-18 16:28 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2013-08-19 17:48 - 2013-08-19 17:48 - 000016896 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2013-08-19 17:47 - 2013-08-19 17:47 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-08-19 17:47 - 2013-08-19 17:47 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2019-09-12 09:50 - 2019-09-12 09:50 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\64e205fd2642e58e28ba11b5061bbed5\A4.Foundation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\fdcc5bf17ab74b3da52640692259d87e\AEM.Actions.CCAA.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\b52cf10e631f947f3ce978a05ddd83c4\AEM.Plugin.EEU.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\a7095e60757210e78c36ed9dbb4cb2a9\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\ffe14531b9f5f4c5505c4f38d2ede0e5\AEM.Plugin.Audio.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\730b0c26e14bd6048c95164f279ad0fe\AEM.Plugin.DPPE.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000282112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\9930eac511e5727fc68a1ca8164e9350\AEM.Plugin.Source.Kit.Server.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\6a560d2f9bf5816d04f80bf8c5a10961\AEM.Plugin.WinMessages.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\33158e19c9f318c281d681bc17da952c\AEM.Plugin.REG.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\f2856b74a4cd85d2f5092c21b13bc5b2\AEM.Plugin.GD.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\ea4e2847f8d7309d74272f5545c73f34\AEM.Server.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\a4f6dbc794bf061bec4003e54c99ac16\AEM.Server.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\33b099f15211beaced2ddaec38adef4b\APM.Foundation.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\9a71015fe96cc92537dff763a5e9bff6\ATICCCom.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\ac1f7fb6515151b96fb77a46bc49aa19\CCC.Implementation.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\48c468c0d40368f4a8d559d0722de275\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000153088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\40c91b400b06897c65c9d1f4edd5e253\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\6bb1acee3b06ee2f62f99d3b7dec0eec\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\366c1f68ae346632f591ff937dc3bd13\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\314606666d8d6833c40c5f51a1a593ab\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000072192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.398e7f7a#\d46d04bb74c4e56e91cbf2c1987cb012\CLI.Aspect.A4.A4.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\f2b1ea1490dd8fd19c6c636492f18dc9\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\6ee16b572b026d3b7974996e17facf26\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\3134adb88a8ada35f8bb39c28efb3cf3\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\c737a58605e68f29546259c5dffa1a58\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\45c0cb83a15f1fe38690ad246336939d\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000074240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\46011db21182ca95f41881724efb90c9\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\659ffee77cb136b653f931672ccfb78b\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\3bd531509843eddc216129de93ebc959\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2019-09-12 09:55 - 2019-09-12 09:55 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\bb3710a5a41da769f5741ea6d9de18d0\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\f7139a5920474473f7da36c16a12e9f2\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000616960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\cc084c5ce5c003433ad8cd8ce99ea7fe\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000741376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0f38ea5fc7dc4c2ea240a6b3fd60e531\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000452608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\6728927e37a26de6b365fafdb22bb2cc\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\a14cc1b037fd8fdc7f19195f7096a12a\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\0656ec7656ce27d648bf94e36d729656\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\b3dd4ea8d3d145b5a12984197fa2bdb6\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\6a018058ba9230c5c963c1e14b70a802\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\1d34f417ba54ec57f08a901cfd4f14f2\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000313344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\8311d5514cdb75ba93d9721466a8ab4b\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\2470ac4bf776e88bbb211fd873bd0b08\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\2e4a14e25360dbf75b6f1250dae22e66\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\5351000f35db589729fbe542b47d9a2c\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e76f4137#\d7977c409addca3b08597d3d66ff313d\CLI.Aspect.A4.A4.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000273408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\30771d3f5ce3e67d3eb30563ea5c6085\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 003358720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\f8c997469c2c747305fc7a91555efe15\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000240128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\a07529acd3ca27a7bc14df7cb1799723\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\b0e1edf83bb781eee9eadab5b14af350\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\12c0ded256932efba032788cd73c361b\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f38af62f#\7e88e2b131151e5631c1f64eaff8f54c\CLI.Aspect.A4.A4.Runtime.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\e2844846c5d116a61c902c1a9a725bd8\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\fcfcbedc0491c4e1aca7b719d0505cb5\CLI.Caste.A4.Runtime.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\937bee3854b041e327f8738490c30a29\CLI.Caste.A4.Shared.ni.dll
2019-09-12 09:53 - 2019-09-12 09:53 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\4e1a554847e26ccd4dd5bb38bf706aa5\CLI.Caste.A4.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\2b835f74eabaa742c104cde4088d19ef\CLI.Caste.Fuel.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\dad67978595f14163f8f71314d6ac4c5\CLI.Caste.Fuel.Runtime.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\40e1121eca6ab42130c50f99c2c918d1\CLI.Caste.Fuel.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\b51061a99f4d7c3e1e999ac8a536dfe5\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 001548800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\4ca4ea39a61952719630e5ee0940435a\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000472576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\1a31a5a5b523efb40609232aa124749a\CLI.Caste.Graphics.Dashboard.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\3b1a7592fa675febee1550110b89336b\CLI.Caste.HydraVision.Runtime.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\e91d6e5971a18217f2e64026f5b8069f\CLI.Caste.HydraVision.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\55ad18dc645d268a29d9ef2756543d09\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\05f3364eb0e54c46d20a2e5e033c5742\CLI.Caste.Platform.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\6edc0a60e74f920caf186e7ef76b4a4f\CLI.Caste.Platform.Runtime.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\61fee1f2eaf86b8ca5f7b533a56a4200\CLI.Caste.Platform.Dashboard.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\27de2642377813869564a938f10bc366\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\7c0464f0b710384e2c12471e69cd906c\CLI.Component.Runtime.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\cfd0488177a53cf70ef56890e978c239\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000150528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\75a20ccf1ce99ea8ab1525e0693e27eb\CLI.Component.Runtime.Shared.Private.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\e5806595a746c954ca7705252bfafa7b\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 001603584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\b3608a217f3a509f69223ea398607633\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\e6b6cadb042c41a95d71a7f64d3eb1fa\CLI.Component.Client.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000084992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\82bfef49a69851f1bd96b50a2433be12\CLI.Component.Dashboard.Shared.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\b28a00869822944f18d5b453e766c417\CLI.Foundation.Private.ni.dll
2019-09-12 09:55 - 2019-09-12 09:55 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\e2a094b2825f0b4a7251c5828be94a31\CLI.Foundation.XManifest.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\1d424534fe59c1319c12bc62f58a3f16\CLI.Foundation.CoreAudioAPI.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000933888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\7b44aee4478eaacd2f98c66ae3cdcb2c\CLI.Foundation.Client.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\2c68ae2fbef24f9aaec36a626ed2b102\CLI.Foundation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\c1706df93da7dec683f577997a0bdfb3\DEM.Graphics.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\6117c5d8e7767c0b94e92e437a67bfc8\Fuel.Foundation.ni.dll
2019-09-12 09:55 - 2019-09-12 09:55 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\0bf8094fa622ac4faff96ed3d7cfc412\LOG.Foundation.Implementation.ni.dll
2019-09-12 09:50 - 2019-09-12 09:50 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\da312f1e8d3b2f2c0837900727095aff\LOG.Foundation.Private.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000087040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\6987e7640a5a7ac3e3a0c92ed4975357\LOG.Foundation.Implementation.Private.ni.dll
2019-09-12 09:50 - 2019-09-12 09:50 - 000123392 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\08425b09e1763f4712ff186b10f10037\LOG.Foundation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\99d8a3220516626c80f8a81cd3482bcc\MOM.Foundation.ni.dll
2019-09-12 09:56 - 2019-09-12 09:56 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\e30b0401980f709608796834fb4fd388\MOM.Implementation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\e71af2d39b4e2a82cf839ed6089a2ec2\NEWAEM.Foundation.ni.dll
2013-08-19 17:38 - 2013-08-19 17:38 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-08-19 17:37 - 2013-08-19 17:37 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000774656 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\0d4bd38d21b99476d71263e73ad7e7f7\ADL.Foundation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000250880 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\9c74819595a7b62740db9140e4ae6478\APM.Server.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000297984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\6dd7cff479265dbe405a013d40e6aaec\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 001652736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\4cbb005477faef06ee803dffaab74d01\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000740864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\7aab30ba2784efb55a98d8f507e1538f\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 002559488 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\c4f0ce2b933c3cefb7b164d7a666d8f1\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000989696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\86bae9c18e11598ee1f3c271cf6280d7\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\cfa45e66aa99a28fa29aecf711872aaf\CLI.Component.Client.Shared.Private.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000233472 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\a20b1c2de5c5d7ed73d943992c3801af\CLI.Component.Runtime.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000914944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\e8771ee0ab2407ca6fd1c95cc28cfab2\CLI.Component.Dashboard.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\2c5d437c65b33b1b02f4dd62cfd2dce9\DEM.Graphics.I0706.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\a60dcac472514f0d69c2c18947dda216\DEM.Graphics.I0709.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\40d6768770f2d15df1742a02a993d65d\DEM.Graphics.I0712.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\bd858cb65685267acffc5bacf9bb5269\DEM.Graphics.I0804.ni.dll
2019-09-12 09:55 - 2019-09-12 09:55 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\8e58daeca6b504a0becefcc912a78449\DEM.Graphics.I0805.ni.dll
2019-09-12 09:55 - 2019-09-12 09:55 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\45a17b4a5530561053a8a4f1d28a4ab5\DEM.Graphics.I0812.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\6053e5db01ebb00b4fa94d4c3919ca87\DEM.Graphics.I0906.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\67542f3e868b12b29bace79626076af0\DEM.Graphics.I0912.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\f55507c8f1b13f7f8f150483f1ddf1b7\DEM.Graphics.I1010.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 001005568 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\7f4419ca3b535910e6627e884b6f8ef9\Localization.Foundation.Private.ni.dll
2019-09-12 09:56 - 2019-09-12 09:56 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\6105b9a6bea7549b394b1b2965ea7859\ResourceManagement.Foundation.Implementation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\d900dc2c3859a25b9bbae1084172f677\ResourceManagement.Foundation.Private.ni.dll
2019-09-12 09:52 - 2019-09-12 09:52 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\9f77177c2d7701d8b6e401f6fb05a0d5\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 002286592 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\8c2d23aeef5b0ae44b34688abd6904c2\CLI.Caste.Graphics.Shared.ni.dll
2019-09-12 09:54 - 2019-09-12 09:54 - 002788864 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\dc5205266603f0296afcb477218b161c\CLI.Caste.Graphics.Runtime.ni.dll
2019-09-18 16:28 - 2019-09-18 16:28 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000025600 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\faad3493a001b98a4b94753251f6c7d6\DEM.Foundation.ni.dll
2019-09-12 09:51 - 2019-09-12 09:51 - 000115200 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\138049a5558801c20eea05ccefb1700f\DEM.Graphics.I0601.ni.dll
2019-09-18 16:30 - 2019-09-18 16:30 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2019-09-18 16:28 - 2019-09-18 16:28 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-09-18 16:28 - 2019-09-18 16:28 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2014-04-20 10:17 - 2014-04-20 10:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2014-04-20 10:17 - 2014-04-20 10:17 - 003374272 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2003-03-19 06:14 - 2003-03-19 06:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCP71.dll
2003-02-21 14:42 - 2003-02-21 14:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Ahead\Lib\MSVCR71.dll
2013-12-12 15:49 - 2013-12-12 15:49 - 000037512 _____ (Raxco Software, Inc. -> Raxco Software, Inc.) [File not signed] C:\Program Files\Common Files\Raxco\Shared\PDEnginePS.dll
2019-09-18 16:29 - 2019-09-18 16:29 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]
AlternateDataStreams: C:\ProgramData\Temp:2398E95B [139]
AlternateDataStreams: C:\ProgramData\Temp:FC97DEBC [147]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2016-12-21 19:57 - 000000178 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 keystone.mwbsys.com
127.0.0.1 sirius.mwbsys.com
127.0.0.1 bactem.mwbsys.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\Control Panel\Desktop\\Wallpaper -> C:\Photos\WIND RIVER BOB\DSC00376.JPG
DNS Servers: 192.168.2.1 - 207.164.234.129
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks 2014 Fast Start.lnk"
HKLM\...\StartupApproved\StartupFolder: => "SolidWorks Background Downloader.lnk"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\StartupApproved\Run: => "AnyDVD"
HKU\S-1-5-21-3511957844-2261570385-1743981658-1005\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{027A2713-D6BD-4A9C-8A1B-40E58AF026AD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe No File
FirewallRules: [{4C4F41CB-7472-4A76-BE5A-0983120BE539}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{40C0F5E0-4E08-4D13-8751-F36663AD8BC2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{9ABE0139-9650-4C1B-9FAD-C24BE1CC0B9B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{75E2B264-F083-461B-A302-17FD65CCA98E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe No File
FirewallRules: [{6F4FA5C4-9803-478C-9B68-5F8D0BF88326}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe No File
FirewallRules: [{CF3748AF-48E7-4CCC-AF18-7AA712AEE7EB}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{04C3E7B9-8BE0-4440-9E96-5998F0D863C3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{37F3F536-98BA-4535-B6F7-0A142B3CD0A5}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{16354299-2032-4F7F-8FC3-D624C1F476A0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{D6B5F960-757A-464B-B837-7C2541BA312C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{E391D2D7-D081-4FDE-911A-89FFD3A5F831}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe No File
FirewallRules: [{CF39E51A-276C-4B5B-A4EB-126D0FD3E617}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{1F11568A-868C-474A-8C1C-D9A5C3758278}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe No File
FirewallRules: [{CD227912-D37C-4BE1-9D4A-CD6FFFEA9649}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe No File
FirewallRules: [{7311761D-148D-4EA8-9807-7D36DEFB5980}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{6F76C9D8-A6F8-44CE-A8D4-FDBC96D861F1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{FEC748DC-3F69-430C-B6B7-4ADC5AD26F7B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{87BFE6EB-7370-4D88-A499-C6E7D54FB381}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe No File
FirewallRules: [{B41342F7-7E5B-4833-A2EB-7C9261E005E1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{F382F42C-30DC-4637-A876-A2C8816ED645}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe No File
FirewallRules: [{08270B2A-DFD8-419D-A149-51F53E46EC5F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe No File
FirewallRules: [{F60E5310-C881-4942-BDF9-F6450272248C}] => (Allow) C:\Users\Robert\AppData\Roaming\OAS\oas.exe No File
FirewallRules: [{B98C766F-AC48-4ACE-A567-F54BADCACBA4}] => (Allow) C:\Users\Robert\AppData\Roaming\OAS\oasupd.exe No File
FirewallRules: [{7516FD80-6552-4D75-8FE8-BE23EACA781B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2D5D68CB-2589-455F-9FA2-4314A4E9C891}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37210263-5DB9-4A35-9297-E7ECBF7AEA7F}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe No File
FirewallRules: [{43FB2BE8-BBEE-4DDD-AB76-064634D94334}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe No File
FirewallRules: [{50D5CDDC-5780-497E-A0CB-E1A50EF54E1F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C35C7DA0-B461-415E-872E-97C28B174D95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{33FF83E7-D837-4CAF-A42E-88D1286DA898}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{F9511E3C-4DEC-4B7F-A36F-B23406781868}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{99AB0D9B-878E-406F-B97A-3EC70B95F9A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{A10E90A9-FB91-4EB3-A9F5-C2BB2A76D75D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{DD79683A-AEDF-4999-9123-A1FBB00B3273}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{66B115C9-4F88-4CDB-96FF-2134BBF5C9CF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{7FE3058F-AEDE-493C-8576-F4DB9DA408DC}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe No File
FirewallRules: [{D712D4C1-3349-41B7-8592-E299B2D7BBB5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe No File
==================== Restore Points =========================
03-09-2019 12:40:27 JRT Pre-Junkware Removal
10-09-2019 21:59:23 Windows Update
17-09-2019 17:26:04 Windows Update
21-09-2019 16:29:41 Garmin Express
23-09-2019 13:19:28 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/23/2019 10:48:16 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (09/23/2019 10:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPWMISVC.exe, version: 1.3.4.0, time stamp: 0x54e2a903
Faulting module name: OLEAUT32.dll, version: 6.3.9600.19460, time stamp: 0x5d54f39d
Exception code: 0xc0000005
Fault offset: 0x00005210
Faulting process id: 0x814
Faulting application start time: 0x01d5721d5c7bf112
Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
Faulting module path: C:\Windows\SYSTEM32\OLEAUT32.dll
Report Id: bf86504a-de10-11e9-86c0-5435306021e4
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (09/23/2019 01:25:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/23/2019 01:25:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/23/2019 01:25:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SynTPEnh Caller Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/23/2019 01:25:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NMIndexingService service terminated unexpectedly. It has done this 1 time(s).
Error: (09/23/2019 01:25:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ScsiAccess service terminated unexpectedly. It has done this 1 time(s).
Error: (09/23/2019 01:25:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Macrium Reflect Image Mounting Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/23/2019 01:25:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PDEngine service terminated unexpectedly. It has done this 1 time(s).
Error: (09/23/2019 01:25:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
Windows Defender:
===================================
Date: 2015-10-28 23:09:35.766
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: The resource is too old to be compatible.
Signature version: 1.155.266.0;1.155.266.0
Engine version: 1.1.9700.0
Date: 2015-05-07 20:07:04.679
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2015-05-07 20:05:55.325
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
Date: 2014-12-29 21:26:36.484
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
Date: 2014-12-29 21:25:37.068
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.
CodeIntegrity:
===================================
Date: 2016-04-07 16:43:13.281
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-07 16:02:36.066
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-07 14:43:27.801
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-07 07:18:22.962
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-06 21:16:11.470
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-06 17:38:05.676
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-06 16:46:43.931
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-05 22:59:18.702
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde F.37 10/22/2015
Motherboard: Hewlett-Packard 213B
Processor: AMD A6-5200 APU with Radeon HD Graphics
Percentage of memory in use: 28%
Total physical RAM: 7643.95 MB
Available physical RAM: 5498.39 MB
Total Virtual: 15323.95 MB
Available Virtual: 12873.94 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:677.33 GB) (Free:326.64 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.54 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{b412d7c1-a189-4967-aa4a-59b14fdfd4c1}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.11 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3A472083)
Partition: GPT.
==================== End of Addition.txt ============================