Pesky Pop ups and PC is running slower. ww1.ouo.today ?



#1
roachklip


Hello.

It's been a long time since I've been here.

I am getting pop ups while using my Chrome browser.

Computer seems to be going slower also.

This has been going on for the last few days or so.

I've run Malwarebytes and I also ran my Spybot S&D but the problem still exists.

Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2019
Ran by Joe (administrator) on LIVINGROOM1 (ASUSTeK COMPUTER INC. M51BC) (07-11-2019 01:20:20)
Running from C:\Users\Joe\Desktop
Loaded Profiles: Joe (Available Profiles: Joe)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK Computer Inc. -> ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK) [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\PreMalScn.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(MAGIX AG) [File not signed] C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NEATO LLC.) [File not signed] C:\Program Files (x86)\MediaFACE\CDFACE32.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plays.tv, LLC -> Copyright © 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Prolific Technology Inc.) [File not signed] C:\Windows\SysWOW64\IoctlSvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\ecmds.exe [177832 2019-06-19] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-04-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.438\ASUSWSLoader.exe [63272 2014-11-07] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-05-10] (Plays.tv, LLC -> Copyright © 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-04] (Raptr, Inc -> Raptr, Inc)
HKLM-x32\...\Run: [MyBackupPC] => C:\Program Files (x86)\Rerware\MyBackupPC\mybackuppc.exe [170791 2015-11-02] (Rerware LLC) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [C16A] => C:\WINDOWS\twain_32\Brimc16a\Common\TwDsUiLaunch.exe [85984 2018-04-04] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5007408 2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Spotify] => C:\Users\Joe\AppData\Roaming\Spotify\Spotify.exe [21070224 2018-01-03] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Amazon Music Helper] => C:\Users\Joe\AppData\Local\Amazon Music\Amazon Music Helper.exe [2087864 2019-08-02] (Amazon Services LLC -> Amazon Services LLC)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Amazon Music] => C:\Users\Joe\AppData\Local\Amazon Music\Amazon Music.exe [19453880 2019-08-02] (Amazon Services LLC -> Amazon Services LLC)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [6113328 2019-07-31] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [Spotify Web Helper] => C:\Users\Joe\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-03] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-25] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2016-08-04]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed]
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2019-10-31]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-01-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Joe\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android - Samsung.lnk [2016-08-04]
ShortcutTarget: Verizon Wireless Software Utility Application for Android - Samsung.lnk ->  (No File)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01195176-2ABE-4C8B-A4EE-272DA7DBBFC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {037DC8C0-2F22-4AC0-AF1C-C78123B67848} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [930104 2013-11-28] (ASUSTeK Computer Inc. -> )
Task: {06BF2F65-A57D-446A-BE33-E00316AFA8AA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0C8BC236-04EA-473A-8A1D-358DBB929635} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E4E4A6D-1702-49CC-822D-7CD2C578F6B0} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-09-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {10BBE0A1-8F92-4C06-8E4A-5A9FF3DD53C1} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [216344 2014-02-20] (ASUSTeK Computer Inc. -> ASUSTeK)
Task: {17172B95-EE8A-4965-A022-50826B1A797D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {19BA2E70-BEDA-4F58-8C63-523DB41B081B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2596F1FB-437B-4EAA-B8A0-8A9F3EEC0C56} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1} /quiet /qn
Task: {2596F1FB-437B-4EAA-B8A0-8A9F3EEC0C56} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {437B9BCB-E6DD-455F-A0F6-55E3BB811285} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {4617E858-5E0F-4A42-A9EB-DCA075AEFAE9} - System32\Tasks\EPSON WF-4640 Series Update {2983E78D-F2E5-4014-B4BE-84DD6C69D8D9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {466A398C-3FFE-40DA-ABC0-9F74FF61E0E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {473C68DF-C56E-4875-8E99-11E4544793CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D0931AE-A9AF-47E3-AD82-B7293159949E} - System32\Tasks\Opera scheduled Autoupdate 1451168915 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-10-04] (Opera Software AS -> Opera Software)
Task: {4D2C8840-D079-485B-BCD7-676C65C0822E} - System32\Tasks\EPSON WF-4640 Series Invitation {75D411D6-B9FD-4DDE-9B05-4FC4742B2347} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {5241AE3A-545F-4AE9-B72E-437829A62979} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f531a749693 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {536A0A73-BC98-4791-A92E-4688AE7D5B1E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {58AB143C-B1B2-4CCC-A1E4-D9ED41BE91F7} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040 2013-11-04] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {5E3A9C51-92EC-4674-A3DB-37A75B3E89F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5E4E4874-D1F4-44E8-A7F6-3E1C104B275F} - System32\Tasks\PinnacleStudioUpdater => C:\Program Files\Pinnacle\Studio 22\programs\PSNotification.exe [635976 2019-02-20] (Corel Corporation -> )
Task: {637672D3-324F-4EE3-9605-329E4EFAA769} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [25512 2017-01-16] (Garmin International, Inc. -> )
Task: {6DD0B784-7E86-447F-A88C-2DA7DDC10C5F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72D65463-6AB4-4857-8594-653CEB1E4ECD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {791302D9-6266-492F-89C1-992BFC51CAF4} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [929936 2014-03-25] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {7A05C075-820D-41C7-A11E-CCB809B49CB6} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {7AE0ADB3-D2B9-4522-9CBF-DAB4B33AFE5C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7AF21016-5FDA-4CAE-9A6C-DE0D29540F73} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7BF53327-D4FE-4087-8D85-29D791BA50CD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {7E7F64CA-1423-4909-A51A-760B3594CE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {7EDAED79-6346-4905-A88A-5DB3AF8DCF00} - \Nero 2015 Platinum Update -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9334386B-D207-45A4-A30F-A3E9C84EB05D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {93EE0BD2-EEBD-4F51-8D10-B71DCF265436} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [225080 2013-11-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9A4A41E9-7C37-4D05-B539-0507FFFAAB33} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9C5003D1-2A8C-4388-91B1-36E41589E308} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [919696 2013-11-27] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {9EB7F61B-88B2-4ACB-8E02-C71EC6C931D9} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A00FDF3B-80ED-49D5-B829-BA4023EB19BA} - System32\Tasks\GoogleUpdateTaskMachineCore1d0b2bb11088c7e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {A31ECF3E-5004-4B11-B9DB-97FDC4553A3C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {A607FC30-9E8C-49EC-8576-7C8D8CC6CFE3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A817F53E-9D4D-4EC1-B5B4-3C5038DD6C8A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {AA13BBCD-E934-4608-8F20-C5803BAB02A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {AB86D96C-D64E-4633-99C2-9C92ACF09B48} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [32127200 2019-10-22] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {ABA66ACC-8D5F-49E4-BA24-FE571641389A} - System32\Tasks\EPSON WF-4640 Series Update {75D411D6-B9FD-4DDE-9B05-4FC4742B2347} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {AD5E656E-B84A-45B3-90A3-C911BD3C704F} - System32\Tasks\EPSON WF-4640 Series Update {60EB12BB-8610-4F85-A240-242A0AB2DA87} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {ADA9103A-ECC4-4F1F-B251-BBF0A652D3B7} - System32\Tasks\ASUS\ASUS AiCharger_Desktop Execute => C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe [548512 2013-04-02] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AEF7BD0B-0452-4F93-862D-EECD3E7A5DDB} - System32\Tasks\EPSON WF-4640 Series Invitation {A1ABA5FB-EBBC-4484-9A6B-439FCCA3A111} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B3027E17-2F02-4E6C-B334-9DDC68A12371} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3685360 2015-06-04] (Nero AG -> Nero AG)
Task: {B8F78B48-112F-49EA-AF1B-6FEE0E31C791} - System32\Tasks\PinnacleStudio22Notifier => C:\Program Files\Pinnacle\Studio 22\programs\PinnacleNotifierWrapper.exe [17504 2019-06-19] (Corel Corporation -> Pinnacle)
Task: {B9781DAD-02B0-4A8A-BCFC-D312F0EFB1C9} - System32\Tasks\EPSON WF-4640 Series Update {A1ABA5FB-EBBC-4484-9A6B-439FCCA3A111} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {BF7351B8-722B-4D7F-90B6-AD995C394100} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [21784 2013-08-23] (ASUSTeK Computer Inc. -> )
Task: {C1DAA96F-7E7C-4819-ACAA-A7DD32F4E144} - System32\Tasks\GoogleUpdateTaskMachineCore1d043f37f70dace => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {C90AA304-4847-46F6-B321-E2EAEEF105F3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D2ECF740-5D13-47A4-BFE1-5F52B0E9DC8A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DBFA0E77-9EEB-40B9-ABF9-6793AB383A05} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {DBFC033C-17A0-46D1-9BCF-8EE0F9AD2C71} - System32\Tasks\Uninstaller_SkipUac_Joe => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5900560 2019-08-27] (IObit Information Technology -> IObit)
Task: {DDA4E60B-D585-4685-9A73-EEAE0BC531F4} - System32\Tasks\EPSON WF-4640 Series Invitation {60EB12BB-8610-4F85-A240-242A0AB2DA87} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {E7378018-AFA6-4B10-A0EF-E525B64CFFD3} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e5d1808fe046 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {F1BFD09D-ED66-41F5-A602-FB6C83B26326} - System32\Tasks\GoogleUpdateTaskMachineCore1d0d1ebfa94c5db => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-18] (Google Inc -> Google Inc.)
Task: {F28DF44F-2684-4E5D-A94A-1A6EECC30102} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe [287232 2014-02-19] (ASUSTeK) [File not signed]
Task: {FE3F5E27-4D21-4D1A-8802-3729C220819F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {FF21FAF9-DA99-4E69-A73D-6B99054BE47B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2421003995-3247290216-19678324-1001 => C:\Users\Joe\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-03] (Mega Limited -> Mega Limited)
Task: {FFF08CFE-044B-42E8-94BC-8265B0B64361} - System32\Tasks\EPSON WF-4640 Series Invitation {2983E78D-F2E5-4014-B4BE-84DD6C69D8D9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE [688224 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Invitation {2983E78D-F2E5-4014-B4BE-84DD6C69D8D9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Invitation {60EB12BB-8610-4F85-A240-242A0AB2DA87}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Invitation {75D411D6-B9FD-4DDE-9B05-4FC4742B2347}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Invitation {A1ABA5FB-EBBC-4484-9A6B-439FCCA3A111}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Update {2983E78D-F2E5-4014-B4BE-84DD6C69D8D9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE:/EXE:{2983E78D-F2E5-4014-B4BE-84DD6C69D8D9} /F:UpdateWORKGROUP\LIVINGROOM1$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Update {60EB12BB-8610-4F85-A240-242A0AB2DA87}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE:/EXE:{60EB12BB-8610-4F85-A240-242A0AB2DA87} /F:UpdateWORKGROUP\LIVINGROOM1$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Update {75D411D6-B9FD-4DDE-9B05-4FC4742B2347}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE:/EXE:{75D411D6-B9FD-4DDE-9B05-4FC4742B2347} /F:UpdateWORKGROUP\LIVINGROOM1$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-4640 Series Update {A1ABA5FB-EBBC-4484-9A6B-439FCCA3A111}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKME.EXE:/EXE:{A1ABA5FB-EBBC-4484-9A6B-439FCCA3A111} /F:UpdateWORKGROUP\LIVINGROOM1$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{93275ed6-2ecf-4d2b-afd5-ef519abf47a6}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ad7cac48-8da8-4967-a501-cf0690795e49}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{dbb177e6-cf24-4e76-b622-554cf30844bb}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{fcebeeb6-60f0-4a17-a71d-df7121d18680}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-2421003995-3247290216-19678324-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2421003995-3247290216-19678324-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2019-06-20] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-08-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-09-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-01-31] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: xtcyz22x.default-1463599828700-1570069927378
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\xtcyz22x.default-1463599828700-1570069927378 [2019-11-07]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-10-24] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2015-08-28] (Nero AG -> Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-2421003995-3247290216-19678324-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Joe\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-12-06] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Notifications: Default -> hxxps://maranhesduve.club; hxxps://mavicpilots.com; hxxps://p4.maranhesduve.club; hxxps://uploaded.downloads-now.net; hxxps://ww1.ouo.today; hxxps://www.dontpayfull.com; hxxps://www.facebook.com
CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default [2019-11-07]
CHR Extension: (Slides) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Docs) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (uBlock Origin) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-10-29]
CHR Extension: (Google Search) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Sheets) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2019-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (OKCupid++) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdbllemflimbpbpehfngjnffaceailod [2017-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Notifications for Instagram) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2019-10-23]
CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-23]
CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-11-07]
CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\System Profile [2019-11-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
Opera: 
=======
OPR StartupUrls:  "hxxp://google%2Ccom/" 
OPR Session Restore: -> is enabled.
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] (ASUSTeK Computer Inc. -> )
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (Shanghai Comet Network Technology -> www.BitComet.com)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [55320 2019-06-19] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2377896 2019-06-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2377896 2019-06-19] (ESET, spol. s r.o. -> ESET)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [161376 2015-12-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1175056 2018-03-27] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2019-08-23] (IObit Information Technology -> IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit Information Technology -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-05-10] (Plays.tv, LLC -> Copyright © 2017 Plays.tv, LLC)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [324168 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S2 SonosLibraryService; C:\Program Files (x86)\Sonos\SonosLibraryService.exe [26624 2018-07-12] () [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [146008 2019-06-19] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190256 2019-06-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82136 2019-06-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [114576 2019-06-19] (ESET, spol. s r.o. -> ESET)
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2019-10-31] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44112 2019-07-30] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2019-07-30] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2019-07-30] (IObit Information Technology -> IObit)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2019-10-17] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-11-06] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758352 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9599440 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-10] (Microsoft Windows -> Microsoft Corporation)
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz143; \??\C:\Users\Joe\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATTENTION
S3 GPCIDrv; \??\C:\Users\Joe\AppData\Local\Temp\7zS9EC5.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-11-07 01:20 - 2019-11-07 01:22 - 000055403 _____ C:\Users\Joe\Desktop\FRST.txt
2019-11-07 01:07 - 2019-11-07 01:07 - 002259968 _____ (Farbar) C:\Users\Joe\Desktop\FRST64.exe
2019-11-06 21:36 - 2019-11-06 21:36 - 001465372 _____ C:\Users\Joe\Desktop\How_To_Use_NLD.pdf
2019-11-06 18:21 - 2019-11-06 18:21 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-06 08:21 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-06 08:20 - 2019-11-06 18:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-06 08:20 - 2019-11-06 08:20 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-06 08:20 - 2019-11-06 08:20 - 000001919 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-11-06 08:20 - 2019-11-06 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-03 08:49 - 2019-05-03 17:11 - 000000000 ____D C:\Users\Joe\Desktop\Joel Ross - KingMaker (2019)
2019-11-03 08:38 - 2019-11-03 08:46 - 000000000 ____D C:\Users\Joe\Desktop\Maria Schneider Orchestra - Sky Blue (2007) [EAC-FLAC]
2019-11-03 08:36 - 2019-11-03 08:40 - 000000000 ____D C:\Users\Joe\Desktop\Maria Schneider Orchestra - Days Of Wine And Roses (2005)
2019-11-03 08:31 - 2019-11-03 08:55 - 000000000 ____D C:\Users\Joe\Desktop\Maria Schneider Orchestra - Allegresse (2000)
2019-11-03 08:16 - 2019-11-03 08:43 - 166050603 _____ C:\Users\Joe\Desktop\Joel_Ross_-_KingMaker_(2019).rar
2019-11-03 08:05 - 2019-11-03 11:02 - 445540319 _____ C:\Users\Joe\Desktop\Pete_McGuinness_Jazz_Orchestra_-_Along_for_the_Ride__2019__FLAC.rar
2019-11-01 20:31 - 2019-11-01 20:33 - 000000000 ____D C:\Users\Joe\Desktop\New folder
2019-11-01 13:04 - 2019-11-01 13:04 - 000000000 ____D C:\WINDOWS\LastGood
2019-11-01 10:48 - 2019-11-01 10:48 - 000001393 _____ C:\Users\Public\Desktop\DJI Assistant 2 For Mavic.lnk
2019-11-01 10:48 - 2019-11-01 10:48 - 000001393 _____ C:\ProgramData\Desktop\DJI Assistant 2 For Mavic.lnk
2019-11-01 10:48 - 2019-10-17 12:18 - 000087072 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\libusb0.dll
2019-11-01 10:48 - 2019-10-17 12:18 - 000072224 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\system32\Drivers\libusb0.sys
2019-11-01 10:46 - 2019-11-01 10:47 - 208566416 _____ (DJI ) C:\Users\Joe\Desktop\DJI+Assistant+2+For+Mavic+2.0.10.exe
2019-10-31 11:15 - 2019-10-31 11:15 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2019-10-31 11:14 - 2019-10-31 11:14 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-10-31 11:14 - 2019-10-31 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-10-31 10:58 - 2019-10-31 10:58 - 000003440 _____ C:\WINDOWS\system32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE
2019-10-31 10:58 - 2019-10-31 10:58 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-10-31 10:58 - 2019-10-31 10:58 - 000000000 ____D C:\Users\Joe\Documents\temp
2019-10-31 10:57 - 2019-10-31 10:57 - 000001246 _____ C:\Users\Public\Desktop\AORUS ENGINE.lnk
2019-10-31 10:57 - 2019-10-31 10:57 - 000001246 _____ C:\ProgramData\Desktop\AORUS ENGINE.lnk
2019-10-31 10:57 - 2019-10-31 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2019-10-31 10:55 - 2019-10-31 10:55 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2019-10-30 23:21 - 2019-10-30 23:21 - 000000000 ____D C:\Users\Joe\AppData\Local\GIGABYTE
2019-10-27 01:52 - 2019-10-27 01:52 - 008324798 _____ C:\Users\Joe\Desktop\ASW EVALUATION 8-4015.pdf
2019-10-27 01:46 - 2019-10-27 01:46 - 002482323 _____ C:\Users\Joe\Desktop\EPSON001.PDF
2019-10-27 01:40 - 2019-10-27 01:40 - 000154054 _____ C:\Users\Joe\Desktop\call_21-39-47_OUT_2542958744 (2).AMR
2019-10-27 01:38 - 2019-10-27 01:38 - 000154054 _____ C:\Users\Joe\Desktop\call_21-39-47_OUT_2542958744 (1).AMR
2019-10-27 01:27 - 2019-10-27 01:27 - 001143782 _____ C:\Users\Joe\Desktop\call_16-26-02_IN_2542958744.AMR
2019-10-27 01:25 - 2019-10-27 01:25 - 000154054 _____ C:\Users\Joe\Desktop\call_21-39-47_OUT_2542958744.AMR
2019-10-25 21:36 - 2019-10-25 21:36 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2019-10-25 21:36 - 2019-10-25 21:36 - 000000844 _____ C:\ProgramData\Desktop\Speccy.lnk
2019-10-25 21:36 - 2019-10-25 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-10-25 21:36 - 2019-10-25 21:36 - 000000000 ____D C:\Program Files\Speccy
2019-10-25 21:35 - 2019-10-25 21:35 - 006889184 _____ (Piriform Ltd) C:\Users\Joe\Desktop\spsetup132.exe
2019-10-24 19:06 - 2019-10-24 19:08 - 000000000 ____D C:\Users\Joe\Desktop\06-08-19
2019-10-21 08:00 - 2019-10-21 08:17 - 3776768666 _____ C:\Users\Joe\Desktop\CedarPointNight.mp4
2019-10-21 07:30 - 2019-10-21 07:39 - 1905316100 _____ C:\Users\Joe\Desktop\DownTownNight.mp4
2019-10-18 01:06 - 2019-10-18 01:06 - 000000000 ____D C:\Users\Public\File Viewer Plus
2019-10-18 01:06 - 2019-10-18 01:06 - 000000000 ____D C:\Users\Joe\AppData\Local\Sharpened_Productions
2019-10-09 15:27 - 2019-10-09 15:27 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-09 15:27 - 2019-10-09 15:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-09 15:27 - 2019-10-09 15:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-09 15:27 - 2019-10-09 15:27 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-09 15:27 - 2019-10-09 15:27 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-09 15:27 - 2019-10-09 15:27 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-09 15:27 - 2019-10-09 15:27 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-09 15:27 - 2019-10-09 15:27 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-09 15:27 - 2019-10-09 15:27 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-09 15:27 - 2019-10-09 15:27 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-09 15:27 - 2019-10-09 15:27 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-09 15:27 - 2019-10-09 15:27 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-09 15:27 - 2019-10-09 15:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-09 15:27 - 2019-10-09 15:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-09 15:26 - 2019-10-09 15:26 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-09 15:26 - 2019-10-09 15:26 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-09 15:26 - 2019-10-09 15:26 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-09 15:26 - 2019-10-09 15:26 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-09 15:26 - 2019-10-09 15:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-09 15:05 - 2019-10-09 15:05 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-09 15:05 - 2019-10-09 15:05 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-11-07 01:21 - 2016-01-09 08:49 - 000000000 ____D C:\FRST
2019-11-07 01:19 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-07 01:19 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-07 01:19 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-07 00:53 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-07 00:22 - 2019-08-29 17:20 - 000000000 ___DC C:\WINDOWS\Panther
2019-11-07 00:21 - 2019-09-01 09:53 - 000000000 ____D C:\WINDOWS\Minidump
2019-11-07 00:21 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-06 22:17 - 2019-08-30 12:51 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{073931BD-8D21-4E0C-A568-51C4E0205EAD}
2019-11-06 20:44 - 2018-08-15 14:44 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE
2019-11-06 20:36 - 2019-08-26 07:23 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2019-11-06 20:36 - 2019-08-26 07:23 - 000000349 _____ C:\ProgramData\Documents\PCLECHAL.INI
2019-11-06 18:50 - 2019-08-30 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-06 18:15 - 2019-10-01 16:22 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-06 18:15 - 2019-10-01 16:22 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-11-06 18:14 - 2019-08-30 12:31 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-06 18:06 - 2018-08-30 19:59 - 000000000 ____D C:\ProgramData\Unified Remote
2019-11-06 18:05 - 2019-02-15 03:07 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-11-06 18:04 - 2019-08-30 12:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-06 16:05 - 2015-10-18 02:56 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-06 08:21 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-05 07:52 - 2016-03-18 13:32 - 000037888 _____ C:\Users\Joe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-05 07:51 - 2019-08-21 08:26 - 000000000 ____D C:\Users\Joe\Desktop\Mav
2019-11-05 07:44 - 2019-08-30 12:51 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-05 07:44 - 2019-08-30 12:51 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-05 07:44 - 2016-03-10 19:33 - 000000000 ____D C:\ProgramData\ProductData
2019-11-05 07:43 - 2014-11-09 21:42 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-04 08:57 - 2019-03-18 23:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-04 08:57 - 2017-06-03 14:30 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-04 08:12 - 2014-06-22 11:09 - 000000000 ____D C:\ProgramData\Realtek
2019-11-04 08:10 - 2019-08-30 12:17 - 000000000 ____D C:\Users\Joe
2019-11-04 08:05 - 2014-11-19 10:45 - 000000000 ____D C:\Users\Joe\AppData\Roaming\BitComet
2019-11-03 08:36 - 2016-04-08 12:45 - 000000000 ____D C:\Users\Joe\Documents\DOX
2019-11-02 08:14 - 2019-08-30 12:51 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2421003995-3247290216-19678324-1001
2019-11-02 08:14 - 2019-08-30 12:17 - 000002406 _____ C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-02 08:14 - 2015-10-17 14:17 - 000000000 ___RD C:\Users\Joe\OneDrive
2019-11-02 00:21 - 2018-07-09 14:47 - 000000000 ____D C:\ProgramData\Packages
2019-11-01 20:24 - 2019-08-15 13:47 - 000000000 ____D C:\Users\Joe\AppData\Roaming\DJIAssistant2
2019-11-01 17:21 - 2019-08-30 12:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-11-01 10:48 - 2019-08-15 13:47 - 000000000 ____D C:\Users\Joe\AppData\Roaming\DJI Assistant 2
2019-11-01 10:48 - 2019-08-15 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJI Product
2019-11-01 10:47 - 2019-08-15 13:46 - 000000000 ____D C:\Program Files (x86)\DJI Product
2019-10-31 18:54 - 2018-09-11 07:14 - 000000000 ____D C:\Users\Joe\AppData\Local\ElevatedDiagnostics
2019-10-31 10:58 - 2015-10-17 21:36 - 000000000 ____D C:\AMD
2019-10-31 10:57 - 2017-06-03 14:30 - 000000000 ____D C:\ProgramData\Package Cache
2019-10-27 01:03 - 2015-10-18 10:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-26 21:06 - 2017-12-06 11:34 - 000000000 ____D C:\Users\Joe\AppData\Local\Packages
2019-10-26 15:11 - 2015-10-17 13:11 - 000000000 ____D C:\Users\Joe\AppData\Roaming\IrfanView
2019-10-25 10:40 - 2015-12-26 17:28 - 000000000 ____D C:\Program Files (x86)\Opera
2019-10-20 08:24 - 2016-09-30 16:06 - 000000000 ____D C:\Users\Joe\Desktop\Junk
2019-10-20 08:06 - 2015-12-13 00:08 - 000000000 ____D C:\Users\Joe\Desktop\Tunez
2019-10-18 01:41 - 2019-08-26 09:07 - 000000000 ____D C:\Users\Joe\temp
2019-10-18 01:39 - 2019-08-26 09:06 - 000000000 ____D C:\Users\Joe\AppData\Local\Pinnacle
2019-10-18 01:39 - 2019-08-26 09:05 - 000000757 _____ C:\Users\Joe\AppData\Roaming\LIVINGROOM1.MTBF.txt
2019-10-17 14:42 - 2019-10-01 16:22 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-17 12:18 - 2019-08-15 13:47 - 000087072 _____ (hxxp://libusb-win32.sourceforge.net) C:\WINDOWS\SysWOW64\libusb0.dll
2019-10-17 08:19 - 2015-10-18 10:14 - 000000000 ____D C:\Users\Joe\AppData\Local\Adobe
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-10 02:43 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-09 23:07 - 2019-09-28 11:40 - 000000000 ____D C:\Users\Joe\Desktop\Phan3
2019-10-09 15:39 - 2014-11-12 03:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-09 15:33 - 2014-11-12 03:50 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-10-09 15:32 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-08 22:20 - 2013-08-22 08:25 - 000000262 _____ C:\WINDOWS\win.ini
 
==================== Files in the root of some directories ========
 
2019-02-14 08:12 - 2019-02-14 08:12 - 002121768 _____ (Adobe) C:\Users\Joe\acrobatproDC_UBbtv1lUQvKTadmPoKnTqQ0409.exe
2019-02-15 13:20 - 2019-02-15 13:20 - 002106392 _____ (Adobe Inc.) C:\Users\Joe\Acrobat_DC_Set-Up.exe
2016-03-08 07:51 - 2016-03-08 08:10 - 000000636 _____ () C:\Users\Joe\AppData\Roaming\burnaware.ini
2019-08-26 09:05 - 2019-10-18 01:39 - 000000757 _____ () C:\Users\Joe\AppData\Roaming\LIVINGROOM1.MTBF.txt
2016-03-18 13:32 - 2019-11-05 07:52 - 000037888 _____ () C:\Users\Joe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-14 08:23 - 2019-02-14 08:23 - 000000410 _____ () C:\Users\Joe\AppData\Local\oobelibMkey.log
2018-10-18 15:19 - 2018-10-18 15:19 - 000007605 _____ () C:\Users\Joe\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-11-2019
Ran by Joe (07-11-2019 01:23:22)
Running from C:\Users\Joe\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-08-30 17:52:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2421003995-3247290216-19678324-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2421003995-3247290216-19678324-503 - Limited - Disabled)
Guest (S-1-5-21-2421003995-3247290216-19678324-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2421003995-3247290216-19678324-1003 - Limited - Enabled)
Joe (S-1-5-21-2421003995-3247290216-19678324-1001 - Administrator - Enabled) => C:\Users\Joe
WDAGUtilityAccount (S-1-5-21-2421003995-3247290216-19678324-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: ESET Endpoint Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Amazon Music (HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Amazon Amazon Music) (Version: 7.6.0.1902 - Amazon Services LLC)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{40609980-A00D-4DA9-B8C9-1B56C5628C7B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM\...\{B7626024-53D9-4982-A1EE-64BC9438DFD5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.7.4.0 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Charger II (HKLM-x32\...\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.10 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.08 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.02 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.04 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.00 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM\...\{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATF DSP PC-Tool 4.10d version 4.10d (HKLM-x32\...\{1CB7F315-91A6-429C-8923-2FBC942338E2}_is1) (Version: 4.10d - Audiotec Fischer)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
BitComet 1.45 (HKLM-x32\...\BitComet_x64) (Version: 1.45 - CometNetwork)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{4E7ADA5A-EEBF-4966-9965-01F1EA4CFEEA}) (Version: 1.1.23.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{3D497843-0E28-4C06-8C7F-7DE2C1379A62}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{45A8BB8B-3369-4B00-940A-CDE621C435E2}) (Version: 1.0.16.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{C0439A0D-8A66-4BD0-A3E0-85C8E2920762}) (Version: 1.0.26.0 - Brother Industries Ltd.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E8D9A5F5-A76F-C1CB-2609-F09167AA5628}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{BD555B5E-F1F9-3B62-18AD-DCF2E079AEB4}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{FCB5675A-A034-2872-8361-00EE0391C399}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{29F35063-F14F-D4A8-5825-0F74240F25C3}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{51E9360E-0B90-EE7F-D840-28458BD048DA}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{33FF313C-78A1-35CE-2E12-93EC013CD42D}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{8F4F9CAC-37A7-E424-2DBC-B9293E772F60}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{B709D228-78E5-4D06-6BD9-7C49CAF0F3A2}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{5066336E-513F-CBB9-9BB0-C89A3933C10F}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{AED89989-7DBE-543C-19A4-BE5A855DD2FB}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{98DD6106-888C-301A-AD03-753FF86838AE}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{D0EA7EFC-D5CD-D8B1-EB42-F72483CEAABF}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{A88050CD-0501-3DCF-2DDA-D290D3E3DCAA}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{1739AB49-2038-78F5-1A87-BC7490CAC76A}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3530D72B-E13A-E242-1B65-1D4A56FEB793}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{413A45F5-20F8-1760-22DF-000C80A392E5}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{47E510DD-18B9-17F3-121E-B068BCD51D94}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{FDA9F952-8DBD-112A-1244-0AD718D6C3A6}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{25DEBD2B-5356-EF0F-43D8-CFFB5BBAA808}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{4793D2FE-9842-F82B-F03F-05A89A0AC2E4}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{2464B26D-1665-8DA4-190D-7C474AE7586B}) (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ControlCenter4 (HKLM-x32\...\{CD0E9C09-7A83-4DC4-A54E-7B8EECBF3CA0}) (Version: 4.6.22.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1E89F75C-EF46-406C-9AAC-615B3CCC1D3D}) (Version: 4.3.2.1 - Brother Insutries Ltd.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
DJI Assistant 2 For Mavic version V2.0.10.8 (HKLM-x32\...\{6859F742-537E-44EA-AF45-000EC275335F}_is1) (Version: V2.0.10.8 - DJI)
DJI Assistant 2 version V1.2.5 (HKLM-x32\...\{D939E096-78F1-4A32-A711-C1AD3F3D082A}_is1) (Version: V1.2.5 - DJI)
Document Capture Pro (HKLM-x32\...\{381B8ACC-78BB-496E-8533-F3CF340421CB}) (Version: 2.01.0007 - Seiko Epson Corporation)
Easy Audio Copy (HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Easy Audio Copy) (Version: 1.0.1.9 - Andre Wiethoff)
Elevated Installer (HKLM-x32\...\{067FCCD5-0DC8-4D84-849C-A82656EFD36C}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
ESET Endpoint Security (HKLM\...\{21449018-069C-4B91-8AA2-B2E0320C6640}) (Version: 7.1.2053.0 - ESET, spol. s r.o.)
Exact Audio Copy 1.0beta6 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta6 - Andre Wiethoff)
Fellowes/NEATO MediaFACE (HKLM-x32\...\Fellowes/NEATO MediaFACE) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski)
Galería de fotos (HKLM-x32\...\{5AE1297A-58E3-40F2-9C59-ADCB8CF56918}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{43711B8E-AE78-4C83-84EC-3E86D689311C}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{249CFC92-210D-401D-89AF-5B40B60BC3F4}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{78B7CE44-6303-4EC8-9A53-B7F3F3F89E24}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{824324a6-400d-4ee8-9aa0-72a8627a425e}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HydraVision (HKLM-x32\...\{D488B63F-22EC-9E53-8447-7FF938B9F947}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.0.2.38 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{00ECC1A0-72EC-4E21-A03E-A9242A92CE1F}) (Version: 12.9.6.3 - Apple Inc.)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
K-Lite Codec Pack 11.9.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.6 - KLCP)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{186312F7-5E94-4709-859E-8A91F97DC674}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5A88AF74-251F-4CE1-A9C4-5A627D10AE16}) (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 56.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MultiCam Capture Lite (HKLM\...\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}) (Version: 1.1.4.10460 - Corel Corporation)
MyBackupPC from Rerware, LLC (HKLM-x32\...\MyBackupPC) (Version:  - )
MyDVD Content Pack 1 (HKLM-x32\...\{ADCF7AE3-8E36-4B80-9460-66B74B56927F}) (Version: 1.00.0000 - Corel Corporation)
MyDVD Content Pack 2 (HKLM-x32\...\{B9987701-F119-46FA-BFF1-A8B593BFAF9E}) (Version: 1.00.0000 - Corel Corporation)
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NetworkRepairTool (HKLM-x32\...\{947DE453-69FD-4CF6-A682-04D1308C79AF}) (Version: 1.2.15.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Opera Stable 63.0.3368.107 (HKLM-x32\...\Opera 63.0.3368.107) (Version: 63.0.3368.107 - Opera Software)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
PC-FAXReceive (HKLM-x32\...\{5905E4B2-93DD-4F9D-AC84-8AE1FC7F91F7}) (Version: 1.6.17.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{3C17737F-A6C4-4528-9A60-06DD0D4B3A63}) (Version: 1.0.18.1 - Brother Industries Ltd.) Hidden
Pinnacle 3D Title Editor (HKLM\...\{0A4DB5B8-8C83-458B-8D0F-603543BA50A2}) (Version: 1.0.8.185 - Corel Corporation)
Pinnacle Creative Pack Volume 1 (HKLM\...\{C42189EA-8768-4B9A-B54B-5B8872853D16}) (Version: 7.0 - Corel Corporation)
Pinnacle Hollywood FX Volumes 1-3 (HKLM\...\{D6CB064E-E69F-4E2A-A9F5-BD9F538B5911}) (Version: 6.0 - Corel Corporation)
Pinnacle MyDVD (HKLM\...\{C9CEF17D-DE54-4E20-9FC8-8AE13A31E419}) (Version: 3.0.019 - Corel Corporation) Hidden
Pinnacle MyDVD (HKLM-x32\...\{6C7DC3C2-32EF-4B67-B2FB-5CBCE63313D7}) (Version: 3.0 - Pinnacle)
Pinnacle NewBlue Effects (HKLM\...\{D5E68EF5-0260-4014-8DD8-71ACE5D96672}) (Version: 5.1.0 - Corel Corporation)
Pinnacle Premium Pack Volumes 1-2 (HKLM-x32\...\{A8322551-5857-46E0-8FD8-E5A13808DDB9}) (Version: 6.0 - Corel Corporation)
Pinnacle ScoreFitter Volumes 1-2 (HKLM\...\{009950B1-18A3-4F88-AD32-47415BF7DD52}) (Version: 6.0 - Corel Corporation)
Pinnacle Studio 22 - Standard Content Pack (HKLM\...\{EEC666DC-1B29-4F81-8D7B-A886C86159C6}) (Version: 22.1 - Corel Corporation)
Pinnacle Studio 22 (HKLM\...\{74D19994-F843-4BFE-9850-18DFFC8A1056}) (Version: 22.3.0.377 - Corel Corporation)
Pinnacle Title Extreme (HKLM\...\{9D319237-4D59-418B-A972-C9CAD471A7A5}) (Version: 6.0 - Corel Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.23.2-r122830-release - Plays.tv, LLC)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{FAB8A30A-B074-48F9-9D73-5E9A757403F8}) (Version: 3.10.2.0 - Brother Industries Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 44.2.55120 - Sonos, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
StatusMonitor (HKLM-x32\...\{5AB5D907-DCFA-4372-913B-46F4D4674680}) (Version: 1.18.10.0 - Brother Insutries Ltd.) Hidden
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Skype for Business 2016 (KB4484102) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{BE84972D-5F00-49E3-8F22-316ACAB0E6FF}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484102) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{BE84972D-5F00-49E3-8F22-316ACAB0E6FF}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484102) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{BE84972D-5F00-49E3-8F22-316ACAB0E6FF}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{F3BA1C5E-51F1-4256-B5FD-0C060D963D35}) (Version: 2.17.0214 - Samsung Electronics Co., Ltd.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.15.438 - ASUS Cloud Corporation)
WhatsApp (HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Winrar and Options (HKLM\...\Winrar_and_Options) (Version: 1.0 - Winrar)
YI Home (HKLM-x32\...\YI Home) (Version: 1.0.0.0_201712251000 - XiaoYi)
Zoom (HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-02-28] (Adobe Systems Incorporated)
Aerize Explorer -> C:\Program Files\WindowsApps\37960Aerize.AerizeExplorer_8.1.0.569_neutral__cmwngt68pf618 [2017-12-06] (Aerize)
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2015-06-29] (ASUS Cloud Corporation)
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-10-17] (ASUSTeK COMPUTER INC.)
Fingertapps Instruments recommended by ASUS -> C:\Program Files\WindowsApps\fingertappsASUS.FingertappsInstrumentsrecommendedb_2.0.6.2438_x86__0z6fvz9fjphfe [2014-04-25] (fingertapps)
Fingertapps Organizer recommended by ASUS -> C:\Program Files\WindowsApps\fingertappsasus.FingertappsOrganizerrecommendedbyA_3.0.2.3330_x86__0z6fvz9fjphfe [2014-04-25] (fingertapps)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
JigsWar recommended by ASUS -> C:\Program Files\WindowsApps\fingertappsASUS.JigsWarrecommendedbyASUS_1.0.0.913_x86__0z6fvz9fjphfe [2014-04-25] (fingertapps)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-05] (Microsoft Corporation) [MS Ad]
McAfee® Central for ASUS -> C:\Program Files\WindowsApps\McAfeeInc.05.McAfeeSecurityAdvisorforASUS_5.0.188.1_x64__qnhseag2m6wjg [2018-04-10] (McAfee Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-07] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-08] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-08] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-08-08] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-26] (Adobe Systems Incorporated)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2421003995-3247290216-19678324-1001_Classes\CLSID\{A23C5D00-59B7-48BB-9205-5FE7F0B031E3} -> [MEGA] => C:\Users\Joe\Documents\MEGA [2018-01-12 11:23]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.15.438\ASUSWSShellExt64.dll [2014-09-03] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.15.438\ASUSWSShellExt64.dll [2014-09-03] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.15.438\ASUSWSShellExt64.dll [2014-09-03] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2019-06-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-05-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2019-06-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.15.438\ASUSWSContextMenu.dll [2014-11-07] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Joe\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-03] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2019-06-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2019-07-30] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506312 2014-01-08] (proDAD GmbH -> proDAD GmbH)
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2009-02-27 15:38 - 2009-02-27 15:38 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-12-11 13:25 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2017-12-11 13:25 - 2017-12-22 11:53 - 000180224 _____ () [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2017-12-11 13:25 - 2018-01-18 14:39 - 000208896 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2017-12-11 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-11-07 18:55 - 2017-11-07 18:55 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-08-18 10:23 - 2017-08-18 10:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-08-18 10:23 - 2017-08-18 10:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-11-07 19:04 - 2017-11-07 19:04 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-11-07 18:55 - 2017-11-07 18:55 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2019-10-31 10:55 - 2019-08-05 12:26 - 000025088 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\BSL430.dll
2019-10-31 10:55 - 2019-08-05 12:26 - 000225792 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvFireware.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 000033280 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 001780736 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 001934336 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 000505856 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 003812864 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 000405504 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 000111616 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 000077824 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 000103424 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 000173568 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-05-10 15:43 - 2017-05-10 15:43 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2016-09-13 01:01 - 2016-09-13 01:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2014-06-22 11:13 - 2014-03-12 17:51 - 000907776 _____ () [File not signed] C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
2018-08-15 14:19 - 2017-06-20 13:17 - 000089600 _____ () [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-08-15 14:19 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2017-09-22 15:57 - 2017-09-22 15:57 - 000979456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2014-06-22 11:12 - 2012-10-09 00:42 - 000211456 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\ACPIWMI.dll
2014-06-22 11:13 - 2012-10-09 00:42 - 000211456 _____ (ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\ACPIWMI.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2017-01-16 14:44 - 2017-01-16 14:44 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2019-10-31 10:55 - 2019-08-05 12:27 - 002010112 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GbtCpuLib.dll
2019-10-31 10:55 - 2019-08-05 12:27 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\yccV2.dll
2019-10-31 10:55 - 2019-08-16 15:46 - 000289280 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVBIOSLib.dll
2019-10-31 10:55 - 2019-08-05 12:26 - 000628736 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvComW.dll
2019-10-31 10:55 - 2019-08-05 12:26 - 000013312 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvCrypt.dll
2019-10-31 10:55 - 2019-09-10 08:47 - 000445952 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVDisplay.dll
2019-10-31 10:55 - 2019-08-05 12:26 - 000240640 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvIllumLib.dll
2019-10-31 10:55 - 2019-08-05 12:26 - 000218112 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvOrderLib.dll
2019-08-30 15:59 - 2019-08-30 15:59 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2019-08-30 15:58 - 2019-08-30 15:58 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2014-11-10 01:27 - 1999-10-27 09:01 - 000103936 _____ (NEATO LLC) [File not signed] C:\Program Files (x86)\MediaFACE\cdfacerc.dll
2015-09-02 08:35 - 2017-12-05 08:06 - 009265648 ____R (Nero AG -> Nero AG) [File not signed] C:\Program Files (x86)\Common Files\Nero\AdvrCntr6\AdvrCntr6.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2018-08-30 19:59 - 2016-10-10 04:27 - 000556544 _____ (Soft Service Company) [File not signed] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2018-08-30 19:59 - 2016-09-23 13:08 - 001283584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\LIBEAY32MD.dll
2018-08-30 19:59 - 2016-09-23 13:08 - 000255488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\SSLEAY32MD.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 004626432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Core.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 004854784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Gui.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 000847872 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Network.dll
2017-05-10 15:43 - 2017-05-10 15:43 - 004439552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Raptr Inc\PlaysTV\Qt5Widgets.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 01:00 - 2016-09-13 01:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 01:01 - 2016-09-13 01:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-10-31 10:55 - 2019-08-27 12:22 - 000224256 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GvAutoUpdate.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\garmin.com -> hxxps://my.garmin.com
 
There are 7865 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2019-11-06 18:04 - 000451988 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
There are 15501 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joe\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "MyBackupPC"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-2421003995-3247290216-19678324-1001\...\StartupApproved\Run: => "GarminExpress"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{3106BB63-8D9D-432B-95D7-05CD06F2BFB0}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Block) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [UDP Query User{35D5F49A-073D-4B33-8D7B-B521EAB66A93}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Block) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{7AB7D6C5-337E-44D8-9C89-779D29B73954}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{902E71DA-EB41-4804-8B9B-BAA69FC6FAF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77E30C45-CDF1-455D-8E0B-9B22AE6118E6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F52DFDE-D99C-4CF6-82B5-3A47F1BF9F18}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F94F8520-BDB3-403D-AAD4-C806A37F4DA1}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{942A1289-44F7-43BD-B48C-53390F50C395}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60E16D9A-5DBE-43FB-8D44-FA12C5E91DA9}] => (Allow) C:\Program Files (x86)\Opera\63.0.3368.94\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{20936A3B-08C0-430C-938A-779DE18BBB7C}] => (Allow) C:\Program Files (x86)\Opera\63.0.3368.107\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DD0F8BE5-768A-457A-AE6D-7F5FC1486484}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
16-10-2019 18:57:25 Scheduled Checkpoint
24-10-2019 00:44:14 Scheduled Checkpoint
31-10-2019 09:12:45 Scheduled Checkpoint
31-10-2019 10:55:33 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
31-10-2019 10:55:59 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
31-10-2019 11:03:42 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
 
==================== Faulty Device Manager Devices ============
 
Name: BlueBuds X Stereo
Description: Microsoft Bluetooth A2dp Source
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthA2dp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Galaxy Note9 Hands-Free HF
Description: Microsoft Bluetooth Hands-Free Profile Handsfree role
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (11/07/2019 01:24:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1976,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (11/07/2019 01:15:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (11/07/2019 12:53:21 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/11/07 00:53:21.023]: [00010956]: Error GetInkSupplyType Send ( ErrCode == 5 )
 
Error: (11/07/2019 12:53:13 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/11/07 00:53:13.924]: [00010956]: Error GetInkSupplyType Send ( ErrCode == 5 )
 
Error: (11/07/2019 12:53:06 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/11/07 00:53:06.850]: [00010956]: Error GetInkSupplyType Send ( ErrCode == 5 )
 
Error: (11/07/2019 12:52:24 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/11/07 00:52:24.396]: [00010956]: Error GetInkSupplyType Send ( ErrCode == 5 )
 
Error: (11/07/2019 12:52:17 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/11/07 00:52:17.325]: [00010956]: Error GetInkSupplyType Send ( ErrCode == 5 )
 
Error: (11/07/2019 12:52:10 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: MTDLL BrtMTDLL: [2019/11/07 00:52:10.231]: [00010956]: Error GetInkSupplyType Send ( ErrCode == 5 )
 
 
System errors:
=============
Error: (11/07/2019 12:21:29 AM) (Source: DCOM) (EventID: 10000) (User: LivingRoom1)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
 
Error: (11/06/2019 06:16:57 PM) (Source: usbehci) (EventID: 4) (User: )
Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response.
 
Error: (11/06/2019 06:13:35 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.
 
Error: (11/06/2019 06:11:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intuit Update Service v4 service hung on starting.
 
Error: (11/06/2019 06:08:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (11/06/2019 06:08:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (11/06/2019 06:08:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ASUS Com Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (11/06/2019 06:08:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ASUS Com Service service to connect.
 
 
CodeIntegrity:
===================================
 
Date: 2019-11-07 01:19:03.716
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-07 01:19:03.712
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-07 01:19:03.697
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-06 18:45:01.676
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-06 18:45:01.672
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-06 18:45:01.660
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-06 18:09:12.158
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
Date: 2019-11-06 18:09:11.153
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Endpoint Security\eamsi.dll that did not meet the Windows signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 0502 01/07/2014
Motherboard: ASUSTeK COMPUTER INC. M51BC
Processor: AMD FX™-8300 Eight-Core Processor 
Percentage of memory in use: 23%
Total physical RAM: 32683.44 MB
Available physical RAM: 24862.42 MB
Total Virtual: 40619.44 MB
Available Virtual: 27099.38 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1848.14 GB) (Free:251.49 GB) NTFS
Drive e: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:418.12 GB) NTFS
 
\\?\Volume{8401d0cf-c5de-4884-9653-5645807abf43}\ (Windows RE tools) (Fixed) (Total:0.78 GB) (Free:0.55 GB) NTFS
\\?\Volume{09464d49-be8e-40ad-8ad4-401e8a443715}\ (Recovery image) (Fixed) (Total:13.72 GB) (Free:3.53 GB) NTFS
\\?\Volume{21881f97-1161-4247-8532-28550e73fb00}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: CDE1F06D)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
 
==================== End of Addition.txt =======================

 


  • 0


#2
iMacg3

  • GeekU Moderator
  • 954 posts
Hi roachklip, welcome to the Geeks to Go malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Back up any important data before we continue.
    • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
  • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 4 days, it will be closed.
    • If your topic is closed and you still need assistance, send me a Personal Message with a link to your topic.
  • If you have questions at any time during the cleanup, feel free to ask.
Please give me some time to go over your logs and I will get back to you as soon as possible.
  • 0

#3
roachklip

  • Topic Starter
  • Member
  • 45 posts

Ok iMacg3,

I'm ready when you are.

Thanks.

  • 0

#4
iMacg3

  • GeekU Moderator
  • 954 posts
Hi roachklip,

Going over your logs I noticed that you have BitComet 1.45 installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitComet 1.45, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Settings icon > Apps.
If you wish to keep it, please do not use it until your computer is cleaned.

---------------------------------------------------
Farbar Recovery Scan Tool - Fix
  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
    Start::
    CreateRestorePoint:
    Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android - Samsung.lnk [2016-08-04]
    Task: {06BF2F65-A57D-446A-BE33-E00316AFA8AA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {19BA2E70-BEDA-4F58-8C63-523DB41B081B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {466A398C-3FFE-40DA-ABC0-9F74FF61E0E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {5E3A9C51-92EC-4674-A3DB-37A75B3E89F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {72D65463-6AB4-4857-8594-653CEB1E4ECD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {7AE0ADB3-D2B9-4522-9CBF-DAB4B33AFE5C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {7AF21016-5FDA-4CAE-9A6C-DE0D29540F73} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {7EDAED79-6346-4905-A88A-5DB3AF8DCF00} - \Nero 2015 Platinum Update -> No File <==== ATTENTION
    Task: {9334386B-D207-45A4-A30F-A3E9C84EB05D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {9A4A41E9-7C37-4D05-B539-0507FFFAAB33} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {AA13BBCD-E934-4608-8F20-C5803BAB02A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {C90AA304-4847-46F6-B321-E2EAEEF105F3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {D2ECF740-5D13-47A4-BFE1-5F52B0E9DC8A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    CHR Notifications: Default -> hxxps://maranhesduve.club; hxxps://mavicpilots.com; hxxps://p4.maranhesduve.club; hxxps://uploaded.downloads-now.net; hxxps://ww1.ouo.today; hxxps://www.dontpayfull.com; hxxps://www.facebook.com
    S3 cpuz143; \??\C:\Users\Joe\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATTENTION
    S3 GPCIDrv; \??\C:\Users\Joe\AppData\Local\Temp\7zS9EC5.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
    ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    Emptytemp:
    End::
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.
---------------------------------------------------

In your next reply, please include:
  • Fixlog.txt

  • 0

#5
roachklip

  • Topic Starter
  • Member
  • 45 posts

I should not have done this but I uninstalled the BitComet app at the same time the FRST fix was running.

I hope that didn't hurt anything.

Thank you.

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-11-2019
Ran by Joe (08-11-2019 18:40:20) Run:1
Running from C:\Users\Joe\Desktop
Loaded Profiles: Joe (Available Profiles: Joe)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android - Samsung.lnk [2016-08-04]
Task: {06BF2F65-A57D-446A-BE33-E00316AFA8AA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {19BA2E70-BEDA-4F58-8C63-523DB41B081B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {466A398C-3FFE-40DA-ABC0-9F74FF61E0E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5E3A9C51-92EC-4674-A3DB-37A75B3E89F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B ->
No File <==== ATTENTION
Task: {72D65463-6AB4-4857-8594-653CEB1E4ECD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7AE0ADB3-D2B9-4522-9CBF-DAB4B33AFE5C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7AF21016-5FDA-4CAE-9A6C-DE0D29540F73} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7EDAED79-6346-4905-A88A-5DB3AF8DCF00} - \Nero 2015 Platinum Update -> No File <==== ATTENTION
Task: {9334386B-D207-45A4-A30F-A3E9C84EB05D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9A4A41E9-7C37-4D05-B539-0507FFFAAB33} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AA13BBCD-E934-4608-8F20-C5803BAB02A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C90AA304-4847-46F6-B321-E2EAEEF105F3} -
\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D2ECF740-5D13-47A4-BFE1-5F52B0E9DC8A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
CHR Notifications: Default -> hxxps://maranhesduve.club; hxxps://mavicpilots.com; hxxps://p4.maranhesduve.club; hxxps://uploaded.downloads-now.net; hxxps://ww1.ouo.today; hxxps://www.dontpayfull.com; hxxps://www.facebook.com
S3 cpuz143; \??\C:\Users\Joe\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [X] <==== ATTENTION
S3 GPCIDrv; \??\C:\Users\Joe\AppData\Local\Temp\7zS9EC5.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3:
[{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
Emptytemp:
 
*****************
 
Restore point was successfully created.
C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android - Samsung.lnk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06BF2F65-A57D-446A-BE33-E00316AFA8AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06BF2F65-A57D-446A-BE33-E00316AFA8AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19BA2E70-BEDA-4F58-8C63-523DB41B081B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19BA2E70-BEDA-4F58-8C63-523DB41B081B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{466A398C-3FFE-40DA-ABC0-9F74FF61E0E1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466A398C-3FFE-40DA-ABC0-9F74FF61E0E1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E3A9C51-92EC-4674-A3DB-37A75B3E89F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E3A9C51-92EC-4674-A3DB-37A75B3E89F8}" => removed successfully
No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72D65463-6AB4-4857-8594-653CEB1E4ECD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72D65463-6AB4-4857-8594-653CEB1E4ECD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AE0ADB3-D2B9-4522-9CBF-DAB4B33AFE5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AE0ADB3-D2B9-4522-9CBF-DAB4B33AFE5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7AF21016-5FDA-4CAE-9A6C-DE0D29540F73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AF21016-5FDA-4CAE-9A6C-DE0D29540F73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EDAED79-6346-4905-A88A-5DB3AF8DCF00}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EDAED79-6346-4905-A88A-5DB3AF8DCF00}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nero 2015 Platinum Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9334386B-D207-45A4-A30F-A3E9C84EB05D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9334386B-D207-45A4-A30F-A3E9C84EB05D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A4A41E9-7C37-4D05-B539-0507FFFAAB33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A4A41E9-7C37-4D05-B539-0507FFFAAB33}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA13BBCD-E934-4608-8F20-C5803BAB02A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA13BBCD-E934-4608-8F20-C5803BAB02A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {C90AA304-4847-46F6-B321-E2EAEEF105F3} -" => not found
\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D2ECF740-5D13-47A4-BFE1-5F52B0E9DC8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2ECF740-5D13-47A4-BFE1-5F52B0E9DC8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"Chrome Notifications" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully
cpuz143 => service removed successfully
HKLM\System\CurrentControlSet\Services\GPCIDrv => removed successfully
GPCIDrv => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ContextMenuHandlers3: => not found
[{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File => Error: No automatic fix found for this entry.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53462664 B
Java, Flash, Steam htmlcache => 564 B
Windows/system/drivers => 3073221 B
Edge => 3295521 B
Chrome => 514215314 B
Firefox => 7583265 B
Opera => 180461 B
 
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 10552 B
NetworkService => 10552 B
Joe => 56900611 B
 
RecycleBin => 3017427246 B
EmptyTemp: => 3.4 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 18:48:14 ====

  • 0
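The Fixlog in the post above echoes three fixlist entries split across two lines, and each half was processed as its own entry. As an added example (not part of the thread and not FRST's own code), this Python sketch tallies the result lines of such a log and reports, per scheduled task, whether its `Tasks` and `Tree` keys were both handled. The status names `fixed`, `partial` and `unfixed` are this example's own, and the sample is a shortened excerpt of lines from the log above.

```python
import re
from collections import Counter

# Shortened excerpt assembled from lines of the Fixlog posted above.
SAMPLE_FIXLOG = r'''fixlist content:
*****************
Task: {06BF2F65-A57D-446A-BE33-E00316AFA8AA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5E3A9C51-92EC-4674-A3DB-37A75B3E89F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B ->
No File <==== ATTENTION
Task: {C90AA304-4847-46F6-B321-E2EAEEF105F3} -
\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Emptytemp:

*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06BF2F65-A57D-446A-BE33-E00316AFA8AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06BF2F65-A57D-446A-BE33-E00316AFA8AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E3A9C51-92EC-4674-A3DB-37A75B3E89F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E3A9C51-92EC-4674-A3DB-37A75B3E89F8}" => removed successfully
No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {C90AA304-4847-46F6-B321-E2EAEEF105F3} -" => not found
\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"Chrome Notifications" => removed successfully

=========== EmptyTemp: ==========
'''

SEPARATOR = "*****************"
# "Task: {GUID} - \path -> ..." where the path or the "->" part may be missing
# because the entry was split across two lines.
TASK_RE = re.compile(r"^Task: (\{[0-9A-Fa-f-]{36}\}) -\s*(\\.*?)?\s*(?:->.*)?$")


def split_sections(text):
    """Return (fixlist_lines, result_lines) from a Fixlog."""
    lines = [ln.strip() for ln in text.splitlines()]
    marks = [i for i, ln in enumerate(lines) if ln == SEPARATOR]
    if len(marks) < 2:
        raise ValueError("fixlist separators not found")
    fixlist = [ln for ln in lines[marks[0] + 1:marks[1]] if ln]
    results = []
    for ln in lines[marks[1] + 1:]:
        if ln.startswith("=========== EmptyTemp"):
            break  # byte counts follow; they are not fix results
        if ln:
            results.append(ln)
    return fixlist, results


def outcome(line):
    """Classify one result line by the text after its last '=>'."""
    if "=>" not in line:
        return "other"
    tail = line.rsplit("=>", 1)[1].strip()
    if tail.startswith("Error:"):
        return "error"
    if tail == "not found":
        return "not_found"
    if tail.endswith("removed successfully"):  # check before "moved"
        return "removed"
    if tail.endswith("moved successfully"):
        return "moved"
    return "other"


def task_status(fixlist, results):
    """Map each task GUID in the fixlist to 'fixed', 'partial' or 'unfixed'."""
    status = {}
    for entry in fixlist:
        m = TASK_RE.match(entry)
        if not m:
            continue
        guid, path = m.group(1), m.group(2)
        tasks_key = "\\TaskCache\\Tasks\\" + guid + '"'
        tasks_removed = any(
            tasks_key in r and outcome(r) == "removed" for r in results)
        tree_handled = False
        if path:
            tree_key = "\\TaskCache\\Tree" + path + '"'
            tree_handled = any(
                tree_key in r and outcome(r) in ("removed", "not_found")
                for r in results)
        if tasks_removed and tree_handled:
            status[guid] = "fixed"
        elif tasks_removed:
            status[guid] = "partial"   # GUID keys gone, Tree key never processed
        else:
            status[guid] = "unfixed"   # entry was not recognised at all
    return status


def triage(text):
    """Return (outcome counts, lines needing review, per-task status)."""
    fixlist, results = split_sections(text)
    counts = Counter(outcome(r) for r in results)
    needs_review = [r for r in results if outcome(r) == "error"]
    return counts, needs_review, task_status(fixlist, results)


if __name__ == "__main__":
    counts, needs_review, tasks = triage(SAMPLE_FIXLOG)
    print(dict(counts))
    for guid, state in tasks.items():
        print(guid, state)
    for line in needs_review:
        print("REVIEW:", line)
```

Entries reported as `partial` or `unfixed` are the ones to re-check in a fresh scan log before the cleanup is treated as complete.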

#6
iMacg3

  • GeekU Moderator
  • 954 posts
Hi roachklip,

---------------------------------------------------
ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
---------------------------------------------------

In your next reply, please include:
  • eset.txt
  • Let me know if the issue persists

  • 0

#7
roachklip

  • Topic Starter
  • Member
  • 45 posts
Machine running nicely!

Thank you.  : )

11/10/2019 1:44:47 AM
Files scanned: 869672
Infected files: 34
Cleaned threats: 34
Total scan time 11:28:02
Scan status: Finished
 
 
C:\Downloads\microsoft office 2016 professional plus 16 0 4229 1002 preview 32 64 bit ratiborus 2 8 activator appzdam\KMSAuto Lite Portable TEST4\KMSAuto.exe a variant of Win32/HackKMS.Q potentially unsafe application cleaned by deleting
C:\Downloads\Microsoft Office Professional 2016 v16.0.4498.1000 - CrackzSoft\x64\Activator.exe a variant of MSIL/HackKMS.I potentially unsafe application cleaned by deleting
C:\Downloads\Microsoft Office Professional 2016 v16.0.4498.1000 - CrackzSoft\x86\Activator.exe a variant of MSIL/HackKMS.I potentially unsafe application cleaned by deleting
C:\Program Files (x86)\IObit\IObit Uninstaller\Feedback.exe a variant of Win32/IObit.AF potentially unwanted application cleaned by deleting
C:\Program Files (x86)\IObit\IObit Uninstaller\IObitDownloader.exe a variant of Win32/IObit.AD potentially unwanted application cleaned by deleting
C:\Program Files (x86)\IObit\IObit Uninstaller\IU9.0.2.38_patch.exe a variant of Win32/IObit.AD potentially unwanted application,a variant of Win32/IObit.AF potentially unwanted application cleaned by deleting
C:\Program Files (x86)\IObit\IObit Uninstaller\iush.exe a variant of Win32/IObit.AD potentially unwanted application cleaned by deleting
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallPromote.exe a variant of Win32/IObit.AD potentially unwanted application cleaned by deleting
C:\Users\Joe\Desktop\Junk\Mapped Routes\Microsoft Toolkit.exe a variant of MSIL/HackKMS.G potentially unsafe application cleaned by deleting
C:\Users\Joe\Desktop\spsetup132.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Joe\Documents\MEGAsync Downloads\ccsetup547pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Joe\Documents\ccsetup548.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Joe\Downloads\ccsetup419.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Windows\SysWOW64\ActionCenterForms.dll a variant of Win32/Auslogics.X potentially unwanted application cleaned by deleting
E:\New Folder\September 2010 Latest Android Content\Applications\Spy Phone (1.0.17).apk Android/Monitor.SpyPhone.P potentially unwanted application cleaned by deleting
E:\New Folder\ccsetup309.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup314.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup315.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup316.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup317(1).exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup317.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup318.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup319.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\New Folder\ccsetup320.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application cleaned by deleting
E:\SoftWarez\PCTools.Registry.Mechanic.v8.0.0.900.Incl.Keymaker-ROGUE\rminstall.exe Win32/RegistryMechanic.B potentially unwanted application,Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting
E:\SoftWarez\Sony Vegas Pro 13.0 Build 453 (x64) Multilingual\Keygen.exe a variant of Win32/Keygen.HU potentially unsafe application cleaned by deleting
E:\SoftWarez\Microsoft Toolkit.exe a variant of MSIL/HackKMS.G potentially unsafe application cleaned by deleting
E:\Vital Apps\Microsoft Toolkit 2.4.9.exe a variant of MSIL/HackKMS.G potentially unsafe application cleaned by deleting
E:\wd_windows_tools\Google\Toolbar\W2KXP\GoogleToolbarInstaller_WDIB_de_signed.exe Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting
E:\wd_windows_tools\Google\Toolbar\W2KXP\GoogleToolbarInstaller_WDIB_en_signed.exe Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting
E:\wd_windows_tools\Google\Toolbar\W2KXP\GoogleToolbarInstaller_WDIB_es_signed.exe Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting
E:\wd_windows_tools\Google\Toolbar\W2KXP\GoogleToolbarInstaller_WDIB_fr_signed.exe Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting
E:\wd_windows_tools\Google\Toolbar\W2KXP\GoogleToolbarInstaller_WDIB_it_signed.exe Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting
E:\wd_windows_tools\Google\Toolbar\W2KXP\GoogleToolbarInstaller_WDIB_zh-cn_signed.exe Win32/Bundled.Toolbar.Google.G potentially unsafe application cleaned by deleting


#8
iMacg3

  • GeekU Moderator
  • 954 posts
Hi roachklip,

Excellent. :thumbsup:

Please run the following scan with Emsisoft Emergency Kit:

---------------------------------------------------
Emsisoft Emergency Kit

Download Emsisoft Emergency Kit and save it to your desktop. Double-click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed, click Quarantine selected objects. Note: this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
---------------------------------------------------

In your next reply, please include:
  • Emsisoft Emergency Kit log


#9
roachklip

  • Topic Starter
  • Member
  • 45 posts

Hello.

That one object that it found is a hack program I used a while ago but is harmless.

I let it quarantine it anyway.

Computer is humming along very nicely!

Thank you!

 Emsisoft Emergency Kit - Version 2019.10

Last update: 11/12/2019 9:22:32 AM
User account: LivingRoom1\Joe
Computer name: LIVINGROOM1
OS version: Windows 10x64 
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
 
Scan start: 11/12/2019 9:25:48 AM
C:\Users\Joe\Desktop\Junk\Eset6Hactvator\SafeMode.exe detected: Trojan.GenericKD.30977367 (B) [krnl.xmd]
 
Scanned 115553
Found 1
 
Scan end: 11/12/2019 9:50:30 AM
Scan time: 0:24:42
 
C:\Users\Joe\Desktop\Junk\Eset6Hactvator\SafeMode.exe Trojan.GenericKD.30977367 (B)
 
Quarantined 1


#10
iMacg3

  • GeekU Moderator
  • 954 posts
Hi roachklip,

If all is well:

The following will remove the tools we used as well as reset system restore points:

---------------------------------------------------
KpRm

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • When the tool opens, ensure all boxes are checked, and select Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
----------------------------------------------------
Some tips to keep your computer safe on the Internet

Make sure to use strong passwords. There are password managers (for example, Bitwarden) that can help you use secure passwords, and keep track of them.

How to create a strong password
----------------------------------------------------
Keeping software up-to-date is important as well. Programs such as UCheck, Heimdal Free, or PatchMyPC can help keep software on your computer up-to-date.

To keep your operating system up-to-date, make sure that Windows Update is enabled on your computer.
----------------------------------------------------
I recommend backing up your PC regularly. There are several ways to back up your computer, such as using a cloud-based service online, external hard drive, or CD/DVD.

The following articles have more information about methods to back up your computer:

What's the Best Way to Back Up My Computer?

5 Ways to Back up Your Data
----------------------------------------------------
Here are some articles about how to keep your computer safe on the Internet -

Simple and easy ways to keep your computer safe and secure on the Internet - by Lawrence Abrams

Answers to common security questions - Best Practices - by quietman7

COMPUTER SECURITY - a short guide to staying safer online - Malware Removal

PC Safety and Security - What Do I Need? - Tech Support Forum
----------------------------------------------------

Safe surfing :)