Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Something wiped out everything on my computer (programs, files, folder


  • Please log in to reply

#1
mewsick75

mewsick75

    Member

  • Member
  • PipPipPip
  • 292 posts

Hello,

 

I have a Dell desktop with Windows 10 Pro x64

 

I was working on my computer and all of a sudden several icons disappeared off the desktop and then several more and then all except the trash can and the This PC.

I restarted the computer and when I logged into the desktop nothing was there except those two icons.

I tried to go to Google Chrome and that was gone, so was IE and Edge.  My icons that were pinned to the task bar turned to white paper icons.

Everything in my Documents, Downloads, etc were gone and all my programs disappeared out of the start - programs menu (Office, Plex, Adobe, etc...)

I also can not get to Control Panel, Device Manager, etc..  The entire right-click start menu is gone.

 

I think this is a virus but I don't know for sure.

Any help would be great.

 

I ran FRST and will post the logs.

 

Thanks

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by Ryno Family (administrator) on RYNO01 (Dell Inc. XPS 8700) (11-06-2021 11:11:31)
Running from C:\Users\Ryno Family\Desktop
Loaded Profiles: Ryno Family
Platform: Windows 10 Pro Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> ) D:\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\123.4.4832\QtWebEngineProcess.exe <3>
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <11>
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\updater-ws.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\ws.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8504064 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-30] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172320 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-13] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296352 2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-08] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ryno Family\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680776 2021-06-10] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20215464 2021-06-04] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\MountPoints2: {0ae999d1-3150-11e8-904c-806e6f6e6963} - "M:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20215464 2021-06-04] (Plex, Inc. -> Plex, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PDFsam Enhanced 6 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdfsam enhanced_pdfpmon_v.4.12.26.3.dll [932984 2020-01-18] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.101\Installer\chrmstp.exe [2021-06-09] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00407A8C-0092-4858-8F3E-EA1F27B35FA9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764968 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2450BFBF-993C-4395-9161-5D6A4FEE9F60} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {2E1CAC10-148F-42DD-983F-4FD8C7F437E2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764968 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {490D4669-B120-4559-9B47-A645649DF7B3} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1434938535-2261300646-1492766918-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {4E4A59F1-C3D5-4C36-886B-7F07B59A35A1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1283488 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {505A61F3-6BE9-4B67-A0BD-BB4A4995A4D6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5A437D4B-0ADE-45C0-A4C9-AEB17E689218} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5C636FAD-3A97-4602-B6E8-CAD2348391B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {614687FE-7B76-45BC-B194-12576F1B7613} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {68E85843-F31B-4DD8-BF3A-6A3E9045889B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D593B7D-4389-40AD-B28B-DE4040C37240} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3914704 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {955856CD-FCE9-47A6-9E9A-4681084E6419} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1434938535-2261300646-1492766918-1001 => C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {A0163128-1992-47C0-AB61-ABD3AF3421D5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1F3A903-6853-426D-A0C6-F8EE6C9A79F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBC99E3A-8FA6-4BDA-A737-DB44DE310331} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D2FED5FE-7860-4A8D-98DF-348C71242C6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3914704 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB79165D-15CA-4BB3-A7CD-5A040CA63314} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E4172DE9-04A8-4193-95FE-847C32FF6C95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1B4C4F9-C84E-460F-9833-057EE67A4D65} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDD13ED2-C3E7-46DB-B44A-5C856D88CA77} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16a432c1-c27b-458b-9759-3d1acf09aca7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a7708d01-ad8f-4d11-913c-0da3a7195aaf}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
 
FireFox:
========
FF DefaultProfile: jsnru0zb.default
FF ProfilePath: C:\Users\Ryno Family\AppData\Roaming\Mozilla\Firefox\Profiles\jsnru0zb.default [2021-06-11]
FF ProfilePath: C:\Users\Ryno Family\AppData\Roaming\Mozilla\Firefox\Profiles\2pxpm4em.default-release [2021-06-11]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-13] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-13] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854928 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7391408 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R3 PDFsam Enhanced 6; C:\Program Files\PDFsam Enhanced 6\ws.exe [2464464 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S3 PDFsam Enhanced 6 Creator; C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe [577232 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PDFsam Enhanced 6 Update Service; C:\Program Files\PDFsam Enhanced 6\updater-ws.exe [1716944 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [550568 2021-06-04] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-06-11 11:11 - 2021-06-11 11:12 - 000024350 _____ C:\Users\Ryno Family\Desktop\FRST.txt
2021-06-11 11:11 - 2021-06-11 11:11 - 000000000 ____D C:\Users\Ryno Family\Desktop\FRST-OlderVersion
2021-06-11 11:11 - 2021-06-11 11:11 - 000000000 ____D C:\FRST
2021-06-11 11:10 - 2021-06-11 11:11 - 002300416 _____ (Farbar) C:\Users\Ryno Family\Desktop\FRST64.exe
2021-06-11 10:58 - 2021-06-11 10:58 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\Sun
2021-06-11 10:58 - 2021-06-11 10:58 - 000000000 ____D C:\Users\Ryno Family\AppData\LocalLow\Sun
2021-06-11 10:55 - 2021-06-11 10:55 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-11 10:55 - 2021-06-11 10:55 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-11 10:55 - 2021-06-11 10:55 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-11 10:55 - 2021-06-11 10:55 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-11 10:55 - 2021-06-11 10:55 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-11 10:55 - 2021-06-11 10:55 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-11 10:55 - 2021-06-11 10:55 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\Mozilla
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\LocalLow\Mozilla
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Mozilla
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\mbam
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-11 10:53 - 2021-06-11 10:53 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\D3DSCache
2021-06-11 10:53 - 2021-06-11 10:53 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\CEF
2021-06-11 10:53 - 2021-06-11 10:53 - 000000000 ____D C:\ProgramData\Apple
2021-06-11 10:52 - 2021-06-11 10:52 - 000000020 ___SH C:\Users\Ryno Family\ntuser.ini
2021-06-11 10:52 - 2021-06-11 10:52 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\PDFsam Enhanced 6
2021-06-11 10:52 - 2021-06-11 10:52 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\MicrosoftEdge
2021-06-11 10:50 - 2021-06-11 10:54 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\CrashDumps
2021-06-11 10:50 - 2021-06-11 10:50 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Publishers
2021-06-11 10:49 - 2021-06-11 10:49 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Comms
2021-06-08 17:24 - 2021-06-08 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-08 17:24 - 2021-06-08 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-08 17:24 - 2021-06-08 17:24 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-08 17:24 - 2021-06-08 17:24 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-08 17:24 - 2021-06-08 17:24 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-08 17:24 - 2021-06-08 17:24 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-08 17:23 - 2021-06-08 17:23 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-08 17:23 - 2021-06-08 17:23 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-08 17:23 - 2021-06-08 17:23 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-08 17:23 - 2021-06-08 17:23 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-08 17:23 - 2021-06-08 17:23 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-08 17:23 - 2021-06-08 17:23 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-08 17:23 - 2021-06-08 17:23 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-08 17:03 - 2021-06-08 17:03 - 000000000 ____D C:\Program Files (x86)\Plex
2021-05-28 01:58 - 2021-05-28 01:58 - 000065160 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2021-05-28 01:58 - 2021-05-28 01:58 - 000035992 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-05-13 12:11 - 2021-05-13 12:11 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-13 12:11 - 2021-05-13 12:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-12 06:01 - 2021-05-12 06:01 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 06:01 - 2021-05-12 06:01 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-12 06:01 - 2021-05-12 06:01 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-12 06:00 - 2021-05-12 06:00 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 06:00 - 2021-05-12 06:00 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 06:00 - 2021-05-12 06:00 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 06:00 - 2021-05-12 06:00 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 06:00 - 2021-05-12 06:00 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-06-11 11:12 - 2020-04-14 20:29 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-11 11:12 - 2020-04-14 20:29 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-06-11 11:10 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Packages
2021-06-11 11:05 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-11 11:05 - 2018-03-26 20:22 - 000000000 ____D C:\Users\Ryno Family\AppData\LocalLow\Adobe
2021-06-11 11:05 - 2018-03-26 20:20 - 000000000 ____D C:\ProgramData\Adobe
2021-06-11 11:05 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\Adobe
2021-06-11 11:04 - 2018-03-26 20:19 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Adobe
2021-06-11 11:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-11 10:59 - 2020-08-23 11:59 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-11 10:59 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-11 10:53 - 2020-09-13 20:53 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Plex Media Server
2021-06-11 10:53 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-11 10:53 - 2018-03-26 20:31 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Dropbox
2021-06-11 10:53 - 2018-03-26 16:18 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\ControlCenter4
2021-06-11 10:53 - 2018-03-26 15:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-06-11 10:52 - 2020-08-23 12:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-11 10:52 - 2020-08-23 11:56 - 000000000 ____D C:\Users\Ryno Family
2021-06-11 10:52 - 2020-08-23 11:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-11 10:52 - 2019-04-22 16:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-11 10:52 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\ConnectedDevicesPlatform
2021-06-11 10:52 - 2018-03-26 15:51 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-11 10:50 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-11 10:50 - 2018-03-26 15:53 - 000000000 ___RD C:\Users\Ryno Family\OneDrive
2021-06-11 10:49 - 2020-04-14 20:35 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-06-11 10:49 - 2020-03-01 17:33 - 000000000 ____D C:\Program Files (x86)\Quicken
2021-06-11 10:49 - 2019-12-07 05:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-06-11 10:49 - 2018-08-27 22:50 - 000000000 ____D C:\ProgramData\Leawo
2021-06-11 10:49 - 2018-04-15 17:46 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\vlc
2021-06-11 10:49 - 2018-03-26 16:16 - 000000000 ____D C:\Brother
2021-06-11 10:49 - 2018-03-26 16:11 - 000000000 ____D C:\ProgramData\Brother
2021-06-11 10:49 - 2018-03-26 15:56 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Google
2021-06-11 10:49 - 2018-03-26 15:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-11 10:49 - 2018-03-26 15:51 - 000000000 ___RD C:\Users\Ryno Family\3D Objects
2021-06-11 10:49 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\VirtualStore
2021-06-11 10:38 - 2020-08-23 11:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-10 15:44 - 2018-10-20 22:54 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-06-10 15:39 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-10 15:38 - 2020-08-23 11:55 - 000456312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-10 15:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-10 15:35 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-10 12:06 - 2020-04-14 20:26 - 000000000 ____D C:\Program Files\Adobe
2021-06-09 12:09 - 2020-04-14 20:26 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-08 17:25 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-08 17:15 - 2018-03-26 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-08 17:13 - 2018-03-26 16:25 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-08 17:03 - 2020-04-14 20:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-05 12:32 - 2018-03-26 16:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-04 12:09 - 2020-08-23 12:00 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1434938535-2261300646-1492766918-1001
2021-05-26 10:54 - 2018-03-26 20:31 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-05-23 23:20 - 2018-03-26 16:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-13 12:57 - 2018-03-26 20:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-05-13 12:11 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-13 12:09 - 2019-07-28 11:05 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-13 11:43 - 2018-03-26 20:31 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-13 11:43 - 2018-03-26 20:31 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-13 11:41 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-12 06:02 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by Ryno Family (11-06-2021 11:12:53)
Running from C:\Users\Ryno Family\Desktop
Windows 10 Pro Version 2004 19041.1052 (X64) (2020-08-23 16:00:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1434938535-2261300646-1492766918-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1434938535-2261300646-1492766918-503 - Limited - Disabled)
Guest (S-1-5-21-1434938535-2261300646-1492766918-501 - Limited - Disabled)
Ryno Family (S-1-5-21-1434938535-2261300646-1492766918-1001 - Administrator - Enabled) => C:\Users\Ryno Family
WDAGUtilityAccount (S-1-5-21-1434938535-2261300646-1492766918-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CDCheck (HKLM-x32\...\CDCheck) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 123.4.4832 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
DVDFab (x64) 10.2.1.7 (10/10/2018) (HKLM-x32\...\DVDFab 10(x64)) (Version: 10.2.1.7 - DVDFab Software Inc.)
DVDFab 12 (x64) (26/02/2021) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.0.1.9 - DVDFab Software Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 7.23 - NCH Software)
FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org)
foobar2000 v1.4 (HKLM-x32\...\foobar2000) (Version: 1.4 - Peter Pawlowski)
FreeRIP MP3 Converter 5.7.0.1 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.0.1 - GreenTree Applications SRL)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.101 - Google LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Leawo Blu-ray Player version  1.10.0.1 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.10.0.1 - Leawo Software)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13127.21624 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0 - Mozilla)
nugster 1.1.232 (HKLM\...\nugster) (Version: 1.1.232 - Nugs, Inc.)
NVIDIA Graphics Driver 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21624 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
PDFsam Basic (HKLM\...\{7C663C91-1147-4B5A-872D-A3BC3F7F860B}) (Version: 4.0.5.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced 6 (HKLM-x32\...\PDFsam Enhanced 6) (Version: 6.1.12.1769 - SOBER LEMUR SAS DI VACONDIO ANDREA)
PDFsam Enhanced 6 Asian Fonts Pack (HKLM\...\{AD872FD7-E383-4730-90DD-DBC6085FA707}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Convert Module (HKLM\...\{97B3B4E7-98E4-496D-978E-7846D01DA279}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Create Module (HKLM\...\{AB55FD1D-9E1F-4606-8587-B8548C72DB6A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Edit Module (HKLM\...\{3EB8F0AB-575B-4EC3-8011-F35E3CA6BA7E}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Forms Module (HKLM\...\{FD343EE1-C0AB-432E-8777-2F3B5F0C9E1B}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Insert Module (HKLM\...\{4CEFA15B-4CEF-42C1-833E-E5305F9B4BEA}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Review Module (HKLM\...\{F96CE21B-3FD4-49CB-AEED-A65702CE4D03}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Secure Module (HKLM\...\{78B8FA91-2850-465D-8D8F-7DD46EDA98C6}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 View Module (HKLM\...\{4ABC92E5-382F-4E49-AFD8-7BBA142F226A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 4.00 - NCH Software)
Plex Media Player (HKLM\...\{01668612-849E-47C7-973D-FFB1D7D85007}) (Version: 2.58.0 - Plex) Hidden
Plex Media Player (HKLM-x32\...\{03880fc4-b074-4ddd-a32e-ff00cac16bba}) (Version: 2.58.0 - Plex)
Plex Media Server (HKLM-x32\...\{81269e3b-8a2f-45ea-a6b6-a4cf18249052}) (Version: 1.23.2.4656 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{9ED1C029-CB76-4054-B264-395BACAC8473}) (Version: 1.23.2656 - Plex, Inc.) Hidden
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.25.21 - Quicken)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Stopping Plex (HKLM-x32\...\{D0094EB9-033F-40EC-ACCB-AD771A20B0BA}) (Version: 1.23.2656 - Plex, Inc.) Hidden
Tau Analyzer (remove only) (HKLM-x32\...\Tau Analyzer) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.34161 - Microsoft Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
World Empire V 5.0.0 (HKLM-x32\...\World Empire V) (Version: 5.0.0 - Viable Software Alternatives)
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-14] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-28] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-09] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-09-03] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Ryno Family\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\21.099.0516.0003\Microsoft.Nucleus.exe" => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\21.099.0516.0003\Microsoft.Nucleus.exe" => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ryno Family\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\Ryno Family\Dropbox [2018-03-26 20:33]
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2020-09-06] () [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced6_ManagerExt] -> {7631D455-88D9-4774-83C6-D6A2B78182BF} => C:\Program Files\PDFsam Enhanced 6\context-menu.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2020-09-06] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-06-08 17:03 - 2021-06-08 17:03 - 000325632 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\ac3_decoder.dll
2021-06-08 17:03 - 2021-06-08 17:03 - 000462848 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\dca_decoder.dll
2021-06-08 17:03 - 2021-06-08 17:03 - 001831936 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\h264_decoder.dll
2021-06-08 17:03 - 2021-06-08 17:03 - 002375680 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\libx264_encoder.dll
2021-06-08 17:03 - 2021-06-08 17:04 - 000531456 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\mpeg2video_decoder.dll
2021-06-08 17:04 - 2021-06-08 17:04 - 001068032 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\vc1_decoder.dll
2018-03-26 16:16 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-09-06 11:50 - 2020-09-06 11:50 - 000105984 _____ () [File not signed] C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2018-03-26 16:16 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-03-26 16:16 - 2012-07-13 13:09 - 000385024 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-03-26 16:16 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-03-26 16:16 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2018-03-26 16:16 - 2012-11-29 19:04 - 002040832 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-03-26 16:16 - 2013-01-30 15:17 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-03-26 16:16 - 2012-12-21 12:31 - 000078848 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-03-26 16:16 - 2012-12-21 12:31 - 017666560 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-03-26 16:16 - 2013-01-18 14:31 - 000074240 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2018-03-26 16:16 - 2012-10-19 08:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-12-10 11:29 - 2018-12-10 11:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFsam Enhanced 6\libcurl.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2017-09-29 09:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{3D5A0B9F-3461-4E78-A012-08FC474D0B86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB66C98C-2003-4459-A42C-7E8035D1D2F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{638C2585-A643-4370-A982-8B136E51FE45}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FC89B3A-AA3E-4C9D-A935-540559F2F075}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8113BA3-1FA3-407D-BA81-61D049688846}] => (Allow) LPort=35699
FirewallRules: [{C0869AEF-C43E-4752-929D-DB0C00377A22}] => (Allow) LPort=54925
FirewallRules: [{780FD78E-ECA4-41EE-8B69-1B255775F727}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{69AC50ED-2155-4F24-B04C-B3398E302C1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{43D5A660-1496-41D5-B56E-0082DAE77F30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A2F5E079-D810-42EA-B4C7-A1CCCF4D3A0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{70AA112E-8EB7-4230-86DA-4611CB78E938}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2031DCD4-26E4-46A8-B65E-746BA78AF1B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{50C0FB54-2832-4316-B2D8-43637C2564EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5CA98F27-FE59-4847-9518-7B09BA27C582}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{03E8B8F1-0FC8-476D-9071-BAF8D98586BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{9CFA6316-36D5-4EBD-B0FD-057107AA8716}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{15026752-DFDA-46BA-87F2-7E42A6B76A53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{609FBBFD-66B4-43D7-95CE-A381ABD05884}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CAD5ACB4-2571-4CA2-A76E-D831552E785F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6A8803F9-A5EC-47D9-9813-AEE0669A5248}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{346657F0-3CB7-42BC-98CA-FB93D048D697}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{05F52CE3-4413-4C0C-8C5F-BCBE4B538B37}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{8CD04F5C-A91F-4FBF-8A62-ABE9C728ACA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{75AC8766-6798-4B80-8B50-7FA9E3351057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F684ECCD-DA3C-4097-B436-FD381A8D612F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{A45FAC8F-E58B-4743-A592-609716590BE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{DC04D83C-FAFD-4FF7-A925-99D247C66EF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1D2101B0-C6BE-4B6A-9970-D5B5BC5154C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CD263754-8EF8-4D25-A151-315EB66CF878}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{283D8FE7-0EB0-475A-98A4-1FE10C42E511}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1029E18D-BE24-4357-B7F5-7DE0907E95BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{8154C6D8-91F7-4B3F-8261-EA295CD54EF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9A53E8A0-DDF1-4775-818E-FCF38AF9E35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BAC78ABF-DF82-485D-B028-98D2309F4887}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A61B47DA-83E5-4EC5-87D7-BFE30B5FF784}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{31097A92-B169-448F-A59D-F8EA8023A851}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [TCP Query User{B7E515A1-0ABD-4292-8AFF-E98F216FF604}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{FF01B863-4F9A-47EC-AFBE-30675ED06D97}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{CCA9966C-73AC-4A77-A04E-C500FA779C09}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4F256C47-78A3-4461-958F-938B76F9077E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6633C230-268F-4A23-99DF-073C39341812}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{CBC105B1-A63C-4594-93BA-68AA4EC181DB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{CC817D28-70AF-4804-94D6-6EE49E680B7C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{046DA1AC-979C-40DF-8859-CF031F9040D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{BC935A2B-E27A-47D7-9043-17E644AD0525}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{ED5465B7-734A-4B69-AD0C-E3C1B1FB8AEC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{3C5000C0-D14A-48A3-BB42-FB76B8E35406}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{209A77FD-7E56-415C-A20A-C3B7021B5216}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{FE27EA1B-7760-4A0C-B89E-3604C76B98F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{E662E495-8C1D-459B-8B40-4FAA5B2B597B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{AD67B3CA-D547-494D-9804-DB54E06505D3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{D0A04D9B-4811-4EDF-BB7E-30D998E8C34F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{0FB91C9F-7995-4B8F-9653-6DF8DDCF9070}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{BE94356D-FA57-4E1A-B1B5-5774424EE1AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{F748B1B9-2391-4B73-B9B1-427DDA8FE586}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{10F863C0-DED2-4309-B361-3D1EA6C88A85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{E77937E4-1245-4A7A-93C0-BF117B55E6D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{38E97234-1E4D-487F-A5C4-6240DEA41A4D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{F767CA29-6438-4911-A621-B29AA258F3C4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{C6BF7CC5-208A-4A6E-99E2-193322050CFB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{09C9B7DF-546B-4EE6-8432-499237721E39}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{70267104-F3F8-400A-9453-4C35DFF790FF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{05A756A0-842D-456B-8ABB-1CA102CF747B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{C4488363-4264-4BC7-8F7C-2BDEC84356E5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{1F4706EA-1751-4E5A-8393-C35BFB5E3BFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FB8B2C94-5932-4243-8025-DB5C251311FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4EE7D0AA-4169-4137-ACE8-24977AA23D99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E925D618-7AB7-4B6A-A5C0-ED5D6DEDBCA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{BA678A2C-71CF-4872-BCC3-BF1B580D3E17}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{81324C97-7702-4E43-8C1B-508099029F2F}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{5969DA88-EA32-409E-84B6-BE53924A5CA7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{C590B2A6-9C08-40DA-9144-6B64D34CE058}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{06448731-1A80-42C4-98D1-F4DFA91ADA4E}] => (Allow) C:\Program Files\Plex\Plex Media Player\PlexMediaPlayer.exe (Plex, Inc. -> )
FirewallRules: [{79E073FD-5030-4A83-A6EF-242532AF1C81}] => (Allow) C:\Program Files\Plex\Plex Media Player\PMPHelper.exe () [File not signed]
FirewallRules: [{3AF434B1-E0D9-4333-8F08-95A7FCA5226D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E5D20086-B1BB-496F-8715-A621E9F797B7}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{E82F3F6C-6CBC-4865-8543-286E35105794}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{679779A8-710E-42DA-B04E-326D51A677E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1193D513-742C-45F6-BB8E-9A53AC30FFAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{607DD052-151E-4AE7-8FD8-E81532201966}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79C516E2-56A2-4F6B-8AD1-AFCE59A56192}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB325EFB-41B9-431A-8D18-B79078A9C174}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C41E49A6-9D69-42C5-9595-ACA4D495DEE9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07EAE164-F4E9-457F-9475-E866AF52118E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8BC5A06E-07F6-4E60-A8B6-C510AFC55FA8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71746ED0-9D87-4DB6-9564-C2147A999AA1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B46F91D-F1C9-419D-9EA1-DAB43A5B287D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21B50BEF-F005-450D-95E0-5C7EE0710B4C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{642E2F07-C0C4-4F73-9377-B795D5071028}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{59438C81-4468-41F7-BF1F-90A771064351}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> )
FirewallRules: [{A02D242F-C771-4EA7-953B-3CFE8CF4B858}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{F4B2D602-1AEE-4E93-87CD-4530591B4DCB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{8D9628AC-3B2A-4F49-91E7-22C2A24955C8}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Game Transcoder\Plex Game Transcoder.exe (Plex, Inc. -> )
FirewallRules: [{AC16F231-CE08-4861-9E38-EAC482A0161A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BCDB8C5C-696B-49AF-9527-0BA7C0F52724}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00D001BE-0D7C-43EC-B91D-A6E84254077B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A37A1AEE-65C6-4572-968F-9005A20896E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D310921-2AA7-4D55-8CE9-B7133CFE2AF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{700B3F27-AF99-4611-B620-41D6B18D84FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C71A69D6-4817-4F8D-B263-FB8C48017FA6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65B96074-1CE5-41C8-976A-C94EF79652B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8E698197-8D8F-4A4E-BB33-FE2EE4F5FA97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A7258B5-038D-4C6D-89A0-E63AD8F83615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{680A412F-FD05-4646-8FEE-42C869DD073B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E0F8A2A4-9B24-47CD-9266-B780ECE747BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{534E39B4-F680-4BBD-9442-F00A1D53AF4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
25-05-2021 12:54:33 Scheduled Checkpoint
03-06-2021 13:15:33 Scheduled Checkpoint
08-06-2021 17:02:03 Plex Media Server
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/11/2021 10:58:24 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: RYNO01)
Description: C:\Users\Ryno Family\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempStateMicrosoft.Windows.ShellExperienceHost_cw5n1h2txyewy-2147024894
 
Error: (06/11/2021 10:55:02 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
Error: (06/11/2021 10:55:02 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
Error: (06/11/2021 10:55:02 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
Error: (06/11/2021 10:55:01 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
Error: (06/11/2021 10:55:01 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
Error: (06/11/2021 10:55:01 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
Error: (06/11/2021 10:55:01 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: RYNO01)
Description: Microsoft.ZuneVideo_8wekyb3d8bbwe-2147024893
 
 
System errors:
=============
Error: (06/11/2021 10:50:34 AM) (Source: DCOM) (EventID: 10010) (User: RYNO01)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
 
Error: (06/10/2021 04:32:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic.
 
Error: (06/08/2021 05:03:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Plex Update Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (06/04/2021 09:05:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.341.24.0).
 
Error: (06/04/2021 02:49:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.341.24.0).
 
Error: (05/16/2021 10:08:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Plex Update Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (05/13/2021 12:09:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Malwarebytes Service service failed to start due to the following error: 
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Error: (05/06/2021 08:37:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.339.26.0).
 
 
Windows Defender:
================
Date: 2021-06-10 14:06:17
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-09 13:40:07
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-08 12:58:01
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-07 16:20:19
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-04 13:04:33
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-04 09:05:40
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.24.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-04 09:05:40
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.24.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-04 09:05:40
Description: 
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-04 02:49:45
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.24.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-04 02:49:45
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.24.0
Previous security intelligence Version: 1.339.1957.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
CodeIntegrity:
===============
Date: 2021-05-13 12:09:28
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A12 02/05/2018
Motherboard: Dell Inc. 0KWVT8
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 31%
Total physical RAM: 16335.18 MB
Available physical RAM: 11221.5 MB
Total Virtual: 18767.18 MB
Available Virtual: 13132.02 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.16 GB) (Free:403.84 GB) NTFS
Drive d: (Files & Storage) (Fixed) (Total:1862.89 GB) (Free:1526.7 GB) NTFS
Drive e: (My Book) (Fixed) (Total:2794.49 GB) (Free:1456.86 GB) NTFS
Drive f: (Elements) (Fixed) (Total:11175.97 GB) (Free:6435.9 GB) NTFS
Drive g: (My Book) (Fixed) (Total:1396.61 GB) (Free:761.47 GB) NTFS
Drive m: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
Drive n: (New Volume) (Fixed) (Total:1862.98 GB) (Free:356.89 GB) NTFS
Drive o: (Elements) (Fixed) (Total:11175.97 GB) (Free:3604.57 GB) NTFS
Drive p: (NEW VOLUME) (Removable) (Total:29.81 GB) (Free:29.75 GB) NTFS
 
\\?\Volume{82f22c68-f0d4-4705-9ffa-50a7e3a55cdb}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{c557409b-41be-47b7-8654-2860c5346652}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
 
==========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1396.6 GB) (Disk ID: 000389F4)
Partition 1: (Not Active) - (Size=1396.6 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 4 (Size: 11176 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==========================================================
Disk: 5 (Size: 1863 GB) (Disk ID: D409B4F0)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 6 (Size: 11176 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==========================================================
Disk: 11 (MBR Code: Windows 7 or Vista) (Size: 29.8 GB) (Disk ID: E7731309)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

I don't see a bunch of files missing so perhaps it is just your login that is having problems.  See if this fix list helps.  It will try to create a new login called Ryno2 with password: Geeks2go and at the same time it will test your essential system files to make sure they are still good.  Will take about 25 minutes to complete and will then reboot.  After it reboots go into your original login and see if things look better.  If not try logging in as Ryno2.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   578bytes   31 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0

#3
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by Ryno Family (11-06-2021 16:00:41) Run:1
Running from C:\Users\Ryno Family\Desktop
Loaded Profiles: Ryno Family
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CMD: net user Ryno2 Geeks2go /ADD
CMD: net localgroup administrators Ryno2 /add
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
 
========= net user Ryno2 Geeks2go /ADD =========
 
The command completed successfully.
 
 
========= End of CMD: =========
 
 
========= net localgroup administrators Ryno2 /add =========
 
The command completed successfully.
 
 
========= End of CMD: =========
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.844
 
Image Version: 10.0.19041.1052
 
 
[==                         3.8%                           ] 
 
[==                         4.8%                           ] 
 
[===                        5.7%                           ] 
 
[===                        6.7%                           ] 
 
[====                       7.7%                           ] 
 
[=====                      8.7%                           ] 
 
[=====                      9.7%                           ] 
 
[======                     10.6%                          ] 
 
[======                     11.6%                          ] 
 
[=======                    12.6%                          ] 
 
[=======                    13.5%                          ] 
 
[========                   14.2%                          ] 
 
[========                   15.2%                          ] 
 
[=========                  16.2%                          ] 
 
[=========                  17.1%                          ] 
 
[==========                 18.1%                          ] 
 
[===========                19.1%                          ] 
 
[===========                20.1%                          ] 
 
[============               21.1%                          ] 
 
[============               22.0%                          ] 
 
[=============              23.0%                          ] 
 
[=============              24.0%                          ] 
 
[==============             25.0%                          ] 
 
[==============             25.4%                          ] 
 
[===============            26.3%                          ] 
 
[===============            26.6%                          ] 
 
[===============            26.8%                          ] 
 
[===============            26.9%                          ] 
 
[================           27.9%                          ] 
 
[================           28.9%                          ] 
 
[=================          29.9%                          ] 
 
[=================          30.9%                          ] 
 
[==================         31.8%                          ] 
 
[==================         32.4%                          ] 
 
[===================        33.4%                          ] 
 
[===================        34.3%                          ] 
 
[====================       35.2%                          ] 
 
[=====================      36.2%                          ] 
 
[=====================      37.2%                          ] 
 
[=====================      37.8%                          ] 
 
[======================     38.0%                          ] 
 
[======================     38.2%                          ] 
 
[======================     38.6%                          ] 
 
[======================     39.0%                          ] 
 
[======================     39.4%                          ] 
 
[=======================    39.9%                          ] 
 
[=======================    40.5%                          ] 
 
[=======================    41.2%                          ] 
 
[========================   41.8%                          ] 
 
[========================   42.3%                          ] 
 
[========================   43.1%                          ] 
 
[=========================  43.5%                          ] 
 
[=========================  44.1%                          ] 
 
[=========================  44.8%                          ] 
 
[========================== 45.2%                          ] 
 
[========================== 45.7%                          ] 
 
[========================== 46.5%                          ] 
 
[===========================47.2%                          ] 
 
[===========================48.2%                          ] 
 
[===========================49.2%                          ] 
 
[===========================50.2%                          ] 
 
[===========================51.2%                          ] 
 
[===========================52.2%                          ] 
 
[===========================53.1%                          ] 
 
[===========================53.3%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.4%                          ] 
 
[===========================53.6%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.8%                          ] 
 
[===========================53.8%                          ] 
 
[===========================53.9%                          ] 
 
[===========================53.9%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.7%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.6%                          ] 
 
[===========================55.6%                          ] 
 
[===========================55.6%                          ] 
 
[===========================55.7%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.9%                          ] 
 
[===========================55.9%                          ] 
 
[===========================56.0%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.6%                          ] 
 
[===========================56.7%                          ] 
 
[===========================56.8%                          ] 
 
[===========================56.9%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.1%=                         ] 
 
[===========================57.5%=                         ] 
 
[===========================58.5%=                         ] 
 
[===========================59.5%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================84.9%=================         ] 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 45% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 56% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 82% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 93% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.
 
 
Windows Resource Protection found corrupt files and successfully repaired them.
 
For online repairs, details are included in the CBS log file located at
 
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
 
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2021-06-11 16:03:15, Info                  CSI    0000000a [SR] Verifying 100 components
2021-06-11 16:03:15, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:15, Info                  CSI    0000000c [SR] Verify complete
2021-06-11 16:03:15, Info                  CSI    0000000d [SR] Verifying 100 components
2021-06-11 16:03:15, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:16, Info                  CSI    0000000f [SR] Verify complete
2021-06-11 16:03:16, Info                  CSI    00000010 [SR] Verifying 100 components
2021-06-11 16:03:16, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:16, Info                  CSI    00000012 [SR] Verify complete
2021-06-11 16:03:16, Info                  CSI    00000013 [SR] Verifying 100 components
2021-06-11 16:03:16, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:16, Info                  CSI    00000015 [SR] Verify complete
2021-06-11 16:03:16, Info                  CSI    00000016 [SR] Verifying 100 components
2021-06-11 16:03:16, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:17, Info                  CSI    00000018 [SR] Verify complete
2021-06-11 16:03:17, Info                  CSI    00000019 [SR] Verifying 100 components
2021-06-11 16:03:17, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:17, Info                  CSI    0000001b [SR] Verify complete
2021-06-11 16:03:17, Info                  CSI    0000001c [SR] Verifying 100 components
2021-06-11 16:03:17, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:18, Info                  CSI    0000001e [SR] Verify complete
2021-06-11 16:03:18, Info                  CSI    0000001f [SR] Verifying 100 components
2021-06-11 16:03:18, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:19, Info                  CSI    00000021 [SR] Verify complete
2021-06-11 16:03:19, Info                  CSI    00000022 [SR] Verifying 100 components
2021-06-11 16:03:19, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:20, Info                  CSI    00000024 [SR] Verify complete
2021-06-11 16:03:20, Info                  CSI    00000025 [SR] Verifying 100 components
2021-06-11 16:03:20, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:22, Info                  CSI    00000027 [SR] Verify complete
2021-06-11 16:03:22, Info                  CSI    00000028 [SR] Verifying 100 components
2021-06-11 16:03:22, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:26, Info                  CSI    0000002a [SR] Verify complete
2021-06-11 16:03:27, Info                  CSI    0000002b [SR] Verifying 100 components
2021-06-11 16:03:27, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:27, Info                  CSI    0000002d [SR] Verify complete
2021-06-11 16:03:27, Info                  CSI    0000002e [SR] Verifying 100 components
2021-06-11 16:03:27, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:28, Info                  CSI    00000030 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Event Viewer.lnk from store
2021-06-11 16:03:28, Info                  CSI    00000031 [SR] Verify complete
2021-06-11 16:03:28, Info                  CSI    00000032 [SR] Verifying 100 components
2021-06-11 16:03:28, Info                  CSI    00000033 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:28, Info                  CSI    00000034 [SR] Verify complete
2021-06-11 16:03:28, Info                  CSI    00000035 [SR] Verifying 100 components
2021-06-11 16:03:28, Info                  CSI    00000036 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:29, Info                  CSI    00000038 [SR] Verify complete
2021-06-11 16:03:29, Info                  CSI    00000039 [SR] Verifying 100 components
2021-06-11 16:03:29, Info                  CSI    0000003a [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:29, Info                  CSI    0000003b [SR] Verify complete
2021-06-11 16:03:30, Info                  CSI    0000003c [SR] Verifying 100 components
2021-06-11 16:03:30, Info                  CSI    0000003d [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:30, Info                  CSI    0000003e [SR] Verify complete
2021-06-11 16:03:30, Info                  CSI    0000003f [SR] Verifying 100 components
2021-06-11 16:03:30, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:31, Info                  CSI    00000041 [SR] Verify complete
2021-06-11 16:03:31, Info                  CSI    00000042 [SR] Verifying 100 components
2021-06-11 16:03:31, Info                  CSI    00000043 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:32, Info                  CSI    00000045 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Steps Recorder.lnk from store
2021-06-11 16:03:32, Info                  CSI    00000046 [SR] Verify complete
2021-06-11 16:03:32, Info                  CSI    00000047 [SR] Verifying 100 components
2021-06-11 16:03:32, Info                  CSI    00000048 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:33, Info                  CSI    00000049 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\\Task Manager.lnk from store
2021-06-11 16:03:33, Info                  CSI    0000004a [SR] Verify complete
2021-06-11 16:03:33, Info                  CSI    0000004b [SR] Verifying 100 components
2021-06-11 16:03:33, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:34, Info                  CSI    0000004d [SR] Verify complete
2021-06-11 16:03:34, Info                  CSI    0000004e [SR] Verifying 100 components
2021-06-11 16:03:34, Info                  CSI    0000004f [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:34, Info                  CSI    00000050 [SR] Verify complete
2021-06-11 16:03:35, Info                  CSI    00000051 [SR] Verifying 100 components
2021-06-11 16:03:35, Info                  CSI    00000052 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:35, Info                  CSI    00000053 [SR] Verify complete
2021-06-11 16:03:35, Info                  CSI    00000054 [SR] Verifying 100 components
2021-06-11 16:03:35, Info                  CSI    00000055 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:36, Info                  CSI    00000056 [SR] Verify complete
2021-06-11 16:03:36, Info                  CSI    00000057 [SR] Verifying 100 components
2021-06-11 16:03:36, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:37, Info                  CSI    0000005a [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Computer Management.lnk from store
2021-06-11 16:03:37, Info                  CSI    0000005b [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Component Services.lnk from store
2021-06-11 16:03:37, Info                  CSI    0000005c [SR] Verify complete
2021-06-11 16:03:37, Info                  CSI    0000005d [SR] Verifying 100 components
2021-06-11 16:03:37, Info                  CSI    0000005e [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:37, Info                  CSI    0000005f [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\\Character Map.lnk from store
2021-06-11 16:03:38, Info                  CSI    00000060 [SR] Verify complete
2021-06-11 16:03:38, Info                  CSI    00000061 [SR] Verifying 100 components
2021-06-11 16:03:38, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:38, Info                  CSI    00000063 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Disk Cleanup.lnk from store
2021-06-11 16:03:38, Info                  CSI    00000064 [SR] Verify complete
2021-06-11 16:03:38, Info                  CSI    00000065 [SR] Verifying 100 components
2021-06-11 16:03:38, Info                  CSI    00000066 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:39, Info                  CSI    00000067 [SR] Verify complete
2021-06-11 16:03:39, Info                  CSI    00000068 [SR] Verifying 100 components
2021-06-11 16:03:39, Info                  CSI    00000069 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:40, Info                  CSI    0000006b [SR] Verify complete
2021-06-11 16:03:40, Info                  CSI    0000006c [SR] Verifying 100 components
2021-06-11 16:03:40, Info                  CSI    0000006d [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:40, Info                  CSI    0000006e [SR] Verify complete
2021-06-11 16:03:40, Info                  CSI    0000006f [SR] Verifying 100 components
2021-06-11 16:03:40, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:41, Info                  CSI    00000071 [SR] Verify complete
2021-06-11 16:03:41, Info                  CSI    00000072 [SR] Verifying 100 components
2021-06-11 16:03:41, Info                  CSI    00000073 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:41, Info                  CSI    00000074 [SR] Verify complete
2021-06-11 16:03:41, Info                  CSI    00000075 [SR] Verifying 100 components
2021-06-11 16:03:41, Info                  CSI    00000076 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:42, Info                  CSI    00000077 [SR] Verify complete
2021-06-11 16:03:42, Info                  CSI    00000078 [SR] Verifying 100 components
2021-06-11 16:03:42, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:42, Info                  CSI    0000007a [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\dfrgui.lnk from store
2021-06-11 16:03:43, Info                  CSI    0000007b [SR] Verify complete
2021-06-11 16:03:43, Info                  CSI    0000007c [SR] Verifying 100 components
2021-06-11 16:03:43, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:43, Info                  CSI    0000007e [SR] Verify complete
2021-06-11 16:03:43, Info                  CSI    0000007f [SR] Verifying 100 components
2021-06-11 16:03:43, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:44, Info                  CSI    00000081 [SR] Verify complete
2021-06-11 16:03:44, Info                  CSI    00000082 [SR] Verifying 100 components
2021-06-11 16:03:44, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:45, Info                  CSI    00000085 [SR] Verify complete
2021-06-11 16:03:45, Info                  CSI    00000086 [SR] Verifying 100 components
2021-06-11 16:03:45, Info                  CSI    00000087 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:46, Info                  CSI    00000088 [SR] Verify complete
2021-06-11 16:03:46, Info                  CSI    00000089 [SR] Verifying 100 components
2021-06-11 16:03:46, Info                  CSI    0000008a [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:47, Info                  CSI    0000008c [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Windows Fax and Scan.lnk from store
2021-06-11 16:03:48, Info                  CSI    00000090 [SR] Verify complete
2021-06-11 16:03:48, Info                  CSI    00000091 [SR] Verifying 100 components
2021-06-11 16:03:48, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:50, Info                  CSI    00000093 [SR] Verify complete
2021-06-11 16:03:50, Info                  CSI    00000094 [SR] Verifying 100 components
2021-06-11 16:03:50, Info                  CSI    00000095 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:51, Info                  CSI    00000097 [SR] Verify complete
2021-06-11 16:03:52, Info                  CSI    00000098 [SR] Verifying 100 components
2021-06-11 16:03:52, Info                  CSI    00000099 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:52, Info                  CSI    0000009a [SR] Verify complete
2021-06-11 16:03:52, Info                  CSI    0000009b [SR] Verifying 100 components
2021-06-11 16:03:52, Info                  CSI    0000009c [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:53, Info                  CSI    0000009e [SR] Verify complete
2021-06-11 16:03:53, Info                  CSI    0000009f [SR] Verifying 100 components
2021-06-11 16:03:53, Info                  CSI    000000a0 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:54, Info                  CSI    000000a2 [SR] Verify complete
2021-06-11 16:03:54, Info                  CSI    000000a3 [SR] Verifying 100 components
2021-06-11 16:03:54, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:54, Info                  CSI    000000a5 [SR] Verify complete
2021-06-11 16:03:54, Info                  CSI    000000a6 [SR] Verifying 100 components
2021-06-11 16:03:54, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:55, Info                  CSI    000000a8 [SR] Verify complete
2021-06-11 16:03:55, Info                  CSI    000000a9 [SR] Verifying 100 components
2021-06-11 16:03:55, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:56, Info                  CSI    000000ac [SR] Verify complete
2021-06-11 16:03:56, Info                  CSI    000000ad [SR] Verifying 100 components
2021-06-11 16:03:56, Info                  CSI    000000ae [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:57, Info                  CSI    000000b0 [SR] Verify complete
2021-06-11 16:03:57, Info                  CSI    000000b1 [SR] Verifying 100 components
2021-06-11 16:03:57, Info                  CSI    000000b2 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:58, Info                  CSI    000000b4 [SR] Verify complete
2021-06-11 16:03:58, Info                  CSI    000000b5 [SR] Verifying 100 components
2021-06-11 16:03:58, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:59, Info                  CSI    000000b7 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\iSCSI Initiator.lnk from store
2021-06-11 16:03:59, Info                  CSI    000000b8 [SR] Verify complete
2021-06-11 16:03:59, Info                  CSI    000000b9 [SR] Verifying 100 components
2021-06-11 16:03:59, Info                  CSI    000000ba [SR] Beginning Verify and Repair transaction
2021-06-11 16:03:59, Info                  CSI    000000bb [SR] Verify complete
2021-06-11 16:04:00, Info                  CSI    000000bc [SR] Verifying 100 components
2021-06-11 16:04:00, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:00, Info                  CSI    000000be [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\ODBC Data Sources (64-bit).lnk from store
2021-06-11 16:04:00, Info                  CSI    000000bf [SR] Verify complete
2021-06-11 16:04:00, Info                  CSI    000000c0 [SR] Verifying 100 components
2021-06-11 16:04:00, Info                  CSI    000000c1 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:01, Info                  CSI    000000c2 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Memory Diagnostics Tool.lnk from store
2021-06-11 16:04:01, Info                  CSI    000000c3 [SR] Verify complete
2021-06-11 16:04:01, Info                  CSI    000000c4 [SR] Verifying 100 components
2021-06-11 16:04:01, Info                  CSI    000000c5 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:02, Info                  CSI    000000c8 [SR] Verify complete
2021-06-11 16:04:02, Info                  CSI    000000c9 [SR] Verifying 100 components
2021-06-11 16:04:02, Info                  CSI    000000ca [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:03, Info                  CSI    000000cb [SR] Verify complete
2021-06-11 16:04:03, Info                  CSI    000000cc [SR] Verifying 100 components
2021-06-11 16:04:03, Info                  CSI    000000cd [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:03, Info                  CSI    000000ce [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Windows Media Player.lnk from store
2021-06-11 16:04:04, Info                  CSI    000000d0 [SR] Verify complete
2021-06-11 16:04:04, Info                  CSI    000000d1 [SR] Verifying 100 components
2021-06-11 16:04:04, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:05, Info                  CSI    000000d4 [SR] Verify complete
2021-06-11 16:04:05, Info                  CSI    000000d5 [SR] Verifying 100 components
2021-06-11 16:04:05, Info                  CSI    000000d6 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:06, Info                  CSI    000000d7 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Paint.lnk from store
2021-06-11 16:04:06, Info                  CSI    000000d8 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\System Configuration.lnk from store
2021-06-11 16:04:06, Info                  CSI    000000d9 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\System Information.lnk from store
2021-06-11 16:04:06, Info                  CSI    000000da [SR] Verify complete
2021-06-11 16:04:06, Info                  CSI    000000db [SR] Verifying 100 components
2021-06-11 16:04:06, Info                  CSI    000000dc [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:07, Info                  CSI    000000dd [SR] Verify complete
2021-06-11 16:04:07, Info                  CSI    000000de [SR] Verifying 100 components
2021-06-11 16:04:07, Info                  CSI    000000df [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:07, Info                  CSI    000000e1 [SR] Verify complete
2021-06-11 16:04:07, Info                  CSI    000000e2 [SR] Verifying 100 components
2021-06-11 16:04:07, Info                  CSI    000000e3 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:08, Info                  CSI    000000e4 [SR] Verify complete
2021-06-11 16:04:08, Info                  CSI    000000e5 [SR] Verifying 100 components
2021-06-11 16:04:08, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:08, Info                  CSI    000000e7 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Notepad.lnk from store
2021-06-11 16:04:09, Info                  CSI    000000e8 [SR] Verify complete
2021-06-11 16:04:09, Info                  CSI    000000e9 [SR] Verifying 100 components
2021-06-11 16:04:09, Info                  CSI    000000ea [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:10, Info                  CSI    000000eb [SR] Verify complete
2021-06-11 16:04:10, Info                  CSI    000000ec [SR] Verifying 100 components
2021-06-11 16:04:10, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:10, Info                  CSI    000000ee [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Print Management.lnk from store
2021-06-11 16:04:10, Info                  CSI    000000ef [SR] Verify complete
2021-06-11 16:04:10, Info                  CSI    000000f0 [SR] Verifying 100 components
2021-06-11 16:04:10, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:11, Info                  CSI    000000f2 [SR] Verify complete
2021-06-11 16:04:11, Info                  CSI    000000f3 [SR] Verifying 100 components
2021-06-11 16:04:11, Info                  CSI    000000f4 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:11, Info                  CSI    000000f5 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Performance Monitor.lnk from store
2021-06-11 16:04:11, Info                  CSI    000000f6 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Resource Monitor.lnk from store
2021-06-11 16:04:12, Info                  CSI    000000f7 [SR] Verify complete
2021-06-11 16:04:12, Info                  CSI    000000f8 [SR] Verifying 100 components
2021-06-11 16:04:12, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:12, Info                  CSI    000000fa [SR] Verify complete
2021-06-11 16:04:13, Info                  CSI    000000fb [SR] Verifying 100 components
2021-06-11 16:04:13, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:13, Info                  CSI    000000fd [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Quick Assist.lnk from store
2021-06-11 16:04:13, Info                  CSI    000000fe [SR] Verify complete
2021-06-11 16:04:13, Info                  CSI    000000ff [SR] Verifying 100 components
2021-06-11 16:04:13, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:14, Info                  CSI    00000101 [SR] Verify complete
2021-06-11 16:04:14, Info                  CSI    00000102 [SR] Verifying 100 components
2021-06-11 16:04:14, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:14, Info                  CSI    00000104 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\RecoveryDrive.lnk from store
2021-06-11 16:04:14, Info                  CSI    00000105 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Registry Editor.lnk from store
2021-06-11 16:04:14, Info                  CSI    00000106 [SR] Verify complete
2021-06-11 16:04:14, Info                  CSI    00000107 [SR] Verifying 100 components
2021-06-11 16:04:14, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:15, Info                  CSI    00000109 [SR] Verify complete
2021-06-11 16:04:15, Info                  CSI    0000010a [SR] Verifying 100 components
2021-06-11 16:04:15, Info                  CSI    0000010b [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:16, Info                  CSI    0000010c [SR] Verify complete
2021-06-11 16:04:16, Info                  CSI    0000010d [SR] Verifying 100 components
2021-06-11 16:04:16, Info                  CSI    0000010e [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:16, Info                  CSI    0000010f [SR] Verify complete
2021-06-11 16:04:16, Info                  CSI    00000110 [SR] Verifying 100 components
2021-06-11 16:04:16, Info                  CSI    00000111 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:17, Info                  CSI    00000112 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Security Configuration Management.lnk from store
2021-06-11 16:04:17, Info                  CSI    00000113 [SR] Verify complete
2021-06-11 16:04:17, Info                  CSI    00000114 [SR] Verifying 100 components
2021-06-11 16:04:17, Info                  CSI    00000115 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:18, Info                  CSI    00000116 [SR] Verify complete
2021-06-11 16:04:18, Info                  CSI    00000117 [SR] Verifying 100 components
2021-06-11 16:04:18, Info                  CSI    00000118 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:19, Info                  CSI    00000119 [SR] Verify complete
2021-06-11 16:04:19, Info                  CSI    0000011a [SR] Verifying 100 components
2021-06-11 16:04:19, Info                  CSI    0000011b [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:20, Info                  CSI    0000011c [SR] Verify complete
2021-06-11 16:04:20, Info                  CSI    0000011d [SR] Verifying 100 components
2021-06-11 16:04:20, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:21, Info                  CSI    00000120 [SR] Verify complete
2021-06-11 16:04:21, Info                  CSI    00000121 [SR] Verifying 100 components
2021-06-11 16:04:21, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:21, Info                  CSI    00000123 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\services.lnk from store
2021-06-11 16:04:22, Info                  CSI    00000124 [SR] Verify complete
2021-06-11 16:04:22, Info                  CSI    00000125 [SR] Verifying 100 components
2021-06-11 16:04:22, Info                  CSI    00000126 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:23, Info                  CSI    00000127 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Snipping Tool.lnk from store
2021-06-11 16:04:23, Info                  CSI    0000012d [SR] Verify complete
2021-06-11 16:04:23, Info                  CSI    0000012e [SR] Verifying 100 components
2021-06-11 16:04:23, Info                  CSI    0000012f [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:25, Info                  CSI    00000131 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\\Speech Recognition.lnk from store
2021-06-11 16:04:25, Info                  CSI    00000132 [SR] Verify complete
2021-06-11 16:04:25, Info                  CSI    00000133 [SR] Verifying 100 components
2021-06-11 16:04:25, Info                  CSI    00000134 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:25, Info                  CSI    00000135 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Math Input Panel.lnk from store
2021-06-11 16:04:26, Info                  CSI    00000136 [SR] Verify complete
2021-06-11 16:04:26, Info                  CSI    00000137 [SR] Verifying 100 components
2021-06-11 16:04:26, Info                  CSI    00000138 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:26, Info                  CSI    00000139 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Remote Desktop Connection.lnk from store
2021-06-11 16:04:27, Info                  CSI    0000013c [SR] Verify complete
2021-06-11 16:04:27, Info                  CSI    0000013d [SR] Verifying 100 components
2021-06-11 16:04:27, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:28, Info                  CSI    00000140 [SR] Verify complete
2021-06-11 16:04:28, Info                  CSI    00000141 [SR] Verifying 100 components
2021-06-11 16:04:28, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:29, Info                  CSI    00000144 [SR] Verify complete
2021-06-11 16:04:29, Info                  CSI    00000145 [SR] Verifying 100 components
2021-06-11 16:04:29, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:30, Info                  CSI    00000147 [SR] Verify complete
2021-06-11 16:04:30, Info                  CSI    00000148 [SR] Verifying 100 components
2021-06-11 16:04:30, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:31, Info                  CSI    0000014a [SR] Verify complete
2021-06-11 16:04:31, Info                  CSI    0000014b [SR] Verifying 100 components
2021-06-11 16:04:31, Info                  CSI    0000014c [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:32, Info                  CSI    0000014e [SR] Verify complete
2021-06-11 16:04:32, Info                  CSI    0000014f [SR] Verifying 100 components
2021-06-11 16:04:32, Info                  CSI    00000150 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:33, Info                  CSI    00000151 [SR] Verify complete
2021-06-11 16:04:33, Info                  CSI    00000152 [SR] Verifying 100 components
2021-06-11 16:04:33, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:33, Info                  CSI    00000154 [SR] Verify complete
2021-06-11 16:04:33, Info                  CSI    00000155 [SR] Verifying 100 components
2021-06-11 16:04:33, Info                  CSI    00000156 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:34, Info                  CSI    00000157 [SR] Verify complete
2021-06-11 16:04:34, Info                  CSI    00000158 [SR] Verifying 100 components
2021-06-11 16:04:34, Info                  CSI    00000159 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:35, Info                  CSI    0000015b [SR] Verify complete
2021-06-11 16:04:35, Info                  CSI    0000015c [SR] Verifying 100 components
2021-06-11 16:04:35, Info                  CSI    0000015d [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:35, Info                  CSI    0000015e [SR] Verify complete
2021-06-11 16:04:35, Info                  CSI    0000015f [SR] Verifying 100 components
2021-06-11 16:04:35, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:36, Info                  CSI    00000161 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Wordpad.lnk from store
2021-06-11 16:04:36, Info                  CSI    00000162 [SR] Verify complete
2021-06-11 16:04:36, Info                  CSI    00000163 [SR] Verifying 100 components
2021-06-11 16:04:36, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:37, Info                  CSI    00000165 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\XPS Viewer.lnk from store
2021-06-11 16:04:37, Info                  CSI    00000166 [SR] Verify complete
2021-06-11 16:04:37, Info                  CSI    00000167 [SR] Verifying 100 components
2021-06-11 16:04:37, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:37, Info                  CSI    00000169 [SR] Verify complete
2021-06-11 16:04:38, Info                  CSI    0000016a [SR] Verifying 100 components
2021-06-11 16:04:38, Info                  CSI    0000016b [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:39, Info                  CSI    0000016d [SR] Verify complete
2021-06-11 16:04:39, Info                  CSI    0000016e [SR] Verifying 100 components
2021-06-11 16:04:39, Info                  CSI    0000016f [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:39, Info                  CSI    00000170 [SR] Verify complete
2021-06-11 16:04:39, Info                  CSI    00000171 [SR] Verifying 100 components
2021-06-11 16:04:39, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:40, Info                  CSI    00000173 [SR] Verify complete
2021-06-11 16:04:40, Info                  CSI    00000174 [SR] Verifying 100 components
2021-06-11 16:04:40, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:40, Info                  CSI    00000176 [SR] Verify complete
2021-06-11 16:04:40, Info                  CSI    00000177 [SR] Verifying 100 components
2021-06-11 16:04:40, Info                  CSI    00000178 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:42, Info                  CSI    0000017a [SR] Verify complete
2021-06-11 16:04:42, Info                  CSI    0000017b [SR] Verifying 100 components
2021-06-11 16:04:42, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:44, Info                  CSI    0000017e [SR] Verify complete
2021-06-11 16:04:44, Info                  CSI    0000017f [SR] Verifying 100 components
2021-06-11 16:04:44, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:44, Info                  CSI    00000182 [SR] Verify complete
2021-06-11 16:04:45, Info                  CSI    00000183 [SR] Verifying 100 components
2021-06-11 16:04:45, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:45, Info                  CSI    00000185 [SR] Verify complete
2021-06-11 16:04:45, Info                  CSI    00000186 [SR] Verifying 100 components
2021-06-11 16:04:45, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:46, Info                  CSI    00000188 [SR] Verify complete
2021-06-11 16:04:46, Info                  CSI    00000189 [SR] Verifying 100 components
2021-06-11 16:04:46, Info                  CSI    0000018a [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:46, Info                  CSI    0000018b [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Windows Defender Firewall with Advanced Security.lnk from store
2021-06-11 16:04:46, Info                  CSI    0000018c [SR] Verify complete
2021-06-11 16:04:46, Info                  CSI    0000018d [SR] Verifying 100 components
2021-06-11 16:04:46, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:47, Info                  CSI    0000018f [SR] Verify complete
2021-06-11 16:04:47, Info                  CSI    00000190 [SR] Verifying 100 components
2021-06-11 16:04:47, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:47, Info                  CSI    00000192 [SR] Verify complete
2021-06-11 16:04:47, Info                  CSI    00000193 [SR] Verifying 100 components
2021-06-11 16:04:47, Info                  CSI    00000194 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:48, Info                  CSI    00000195 [SR] Verify complete
2021-06-11 16:04:48, Info                  CSI    00000196 [SR] Verifying 100 components
2021-06-11 16:04:48, Info                  CSI    00000197 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:49, Info                  CSI    00000198 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Task Scheduler.lnk from store
2021-06-11 16:04:49, Info                  CSI    00000199 [SR] Verify complete
2021-06-11 16:04:49, Info                  CSI    0000019a [SR] Verifying 100 components
2021-06-11 16:04:49, Info                  CSI    0000019b [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:49, Info                  CSI    0000019c [SR] Verify complete
2021-06-11 16:04:49, Info                  CSI    0000019d [SR] Verifying 100 components
2021-06-11 16:04:49, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:50, Info                  CSI    000001a0 [SR] Verify complete
2021-06-11 16:04:50, Info                  CSI    000001a1 [SR] Verifying 100 components
2021-06-11 16:04:50, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:51, Info                  CSI    000001a3 [SR] Verify complete
2021-06-11 16:04:52, Info                  CSI    000001a4 [SR] Verifying 100 components
2021-06-11 16:04:52, Info                  CSI    000001a5 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:52, Info                  CSI    000001a6 [SR] Verify complete
2021-06-11 16:04:52, Info                  CSI    000001a7 [SR] Verifying 100 components
2021-06-11 16:04:52, Info                  CSI    000001a8 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:53, Info                  CSI    000001a9 [SR] Verify complete
2021-06-11 16:04:53, Info                  CSI    000001aa [SR] Verifying 100 components
2021-06-11 16:04:53, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:53, Info                  CSI    000001ac [SR] Verify complete
2021-06-11 16:04:53, Info                  CSI    000001ad [SR] Verifying 100 components
2021-06-11 16:04:53, Info                  CSI    000001ae [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:54, Info                  CSI    000001af [SR] Verify complete
2021-06-11 16:04:54, Info                  CSI    000001b0 [SR] Verifying 100 components
2021-06-11 16:04:54, Info                  CSI    000001b1 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:54, Info                  CSI    000001b2 [SR] Verify complete
2021-06-11 16:04:54, Info                  CSI    000001b3 [SR] Verifying 100 components
2021-06-11 16:04:54, Info                  CSI    000001b4 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:55, Info                  CSI    000001b5 [SR] Verify complete
2021-06-11 16:04:55, Info                  CSI    000001b6 [SR] Verifying 100 components
2021-06-11 16:04:55, Info                  CSI    000001b7 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:56, Info                  CSI    000001b8 [SR] Verify complete
2021-06-11 16:04:56, Info                  CSI    000001b9 [SR] Verifying 100 components
2021-06-11 16:04:56, Info                  CSI    000001ba [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:56, Info                  CSI    000001bb [SR] Verify complete
2021-06-11 16:04:56, Info                  CSI    000001bc [SR] Verifying 100 components
2021-06-11 16:04:56, Info                  CSI    000001bd [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:57, Info                  CSI    000001be [SR] Verify complete
2021-06-11 16:04:57, Info                  CSI    000001bf [SR] Verifying 100 components
2021-06-11 16:04:57, Info                  CSI    000001c0 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:58, Info                  CSI    000001c1 [SR] Verify complete
2021-06-11 16:04:58, Info                  CSI    000001c2 [SR] Verifying 100 components
2021-06-11 16:04:58, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:58, Info                  CSI    000001c4 [SR] Verify complete
2021-06-11 16:04:58, Info                  CSI    000001c5 [SR] Verifying 100 components
2021-06-11 16:04:58, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2021-06-11 16:04:59, Info                  CSI    000001c7 [SR] Verify complete
2021-06-11 16:04:59, Info                  CSI    000001c8 [SR] Verifying 100 components
2021-06-11 16:04:59, Info                  CSI    000001c9 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:00, Info                  CSI    000001ca [SR] Verify complete
2021-06-11 16:05:00, Info                  CSI    000001cb [SR] Verifying 100 components
2021-06-11 16:05:00, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:00, Info                  CSI    000001d0 [SR] Verify complete
2021-06-11 16:05:00, Info                  CSI    000001d1 [SR] Verifying 100 components
2021-06-11 16:05:00, Info                  CSI    000001d2 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:01, Info                  CSI    000001d3 [SR] Verify complete
2021-06-11 16:05:01, Info                  CSI    000001d4 [SR] Verifying 100 components
2021-06-11 16:05:01, Info                  CSI    000001d5 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:01, Info                  CSI    000001d6 [SR] Verify complete
2021-06-11 16:05:01, Info                  CSI    000001d7 [SR] Verifying 100 components
2021-06-11 16:05:01, Info                  CSI    000001d8 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:02, Info                  CSI    000001d9 [SR] Verify complete
2021-06-11 16:05:02, Info                  CSI    000001da [SR] Verifying 100 components
2021-06-11 16:05:02, Info                  CSI    000001db [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:02, Info                  CSI    000001dc [SR] Verify complete
2021-06-11 16:05:02, Info                  CSI    000001dd [SR] Verifying 100 components
2021-06-11 16:05:02, Info                  CSI    000001de [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:03, Info                  CSI    000001e0 [SR] Verify complete
2021-06-11 16:05:03, Info                  CSI    000001e1 [SR] Verifying 100 components
2021-06-11 16:05:03, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:04, Info                  CSI    000001e3 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\ODBC Data Sources (32-bit).lnk from store
2021-06-11 16:05:04, Info                  CSI    000001e4 [SR] Verify complete
2021-06-11 16:05:04, Info                  CSI    000001e5 [SR] Verifying 100 components
2021-06-11 16:05:04, Info                  CSI    000001e6 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:05, Info                  CSI    000001e7 [SR] Verify complete
2021-06-11 16:05:05, Info                  CSI    000001e8 [SR] Verifying 100 components
2021-06-11 16:05:05, Info                  CSI    000001e9 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:06, Info                  CSI    000001eb [SR] Verify complete
2021-06-11 16:05:06, Info                  CSI    000001ec [SR] Verifying 100 components
2021-06-11 16:05:06, Info                  CSI    000001ed [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:06, Info                  CSI    000001ee [SR] Verify complete
2021-06-11 16:05:06, Info                  CSI    000001ef [SR] Verifying 100 components
2021-06-11 16:05:06, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:07, Info                  CSI    000001f1 [SR] Verify complete
2021-06-11 16:05:07, Info                  CSI    000001f2 [SR] Verifying 100 components
2021-06-11 16:05:07, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:08, Info                  CSI    000001f5 [SR] Verify complete
2021-06-11 16:05:08, Info                  CSI    000001f6 [SR] Verifying 100 components
2021-06-11 16:05:08, Info                  CSI    000001f7 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:09, Info                  CSI    000001f8 [SR] Verify complete
2021-06-11 16:05:09, Info                  CSI    000001f9 [SR] Verifying 100 components
2021-06-11 16:05:09, Info                  CSI    000001fa [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:09, Info                  CSI    000001fb [SR] Verify complete
2021-06-11 16:05:09, Info                  CSI    000001fc [SR] Verifying 100 components
2021-06-11 16:05:09, Info                  CSI    000001fd [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:10, Info                  CSI    000001fe [SR] Verify complete
2021-06-11 16:05:10, Info                  CSI    000001ff [SR] Verifying 100 components
2021-06-11 16:05:10, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:10, Info                  CSI    00000201 [SR] Verify complete
2021-06-11 16:05:11, Info                  CSI    00000202 [SR] Verifying 100 components
2021-06-11 16:05:11, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:11, Info                  CSI    00000208 [SR] Verify complete
2021-06-11 16:05:11, Info                  CSI    00000209 [SR] Verifying 100 components
2021-06-11 16:05:11, Info                  CSI    0000020a [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:12, Info                  CSI    0000020b [SR] Verify complete
2021-06-11 16:05:12, Info                  CSI    0000020c [SR] Verifying 100 components
2021-06-11 16:05:12, Info                  CSI    0000020d [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:13, Info                  CSI    0000020e [SR] Verify complete
2021-06-11 16:05:13, Info                  CSI    0000020f [SR] Verifying 100 components
2021-06-11 16:05:13, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:14, Info                  CSI    00000211 [SR] Verify complete
2021-06-11 16:05:14, Info                  CSI    00000212 [SR] Verifying 100 components
2021-06-11 16:05:14, Info                  CSI    00000213 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:14, Info                  CSI    00000214 [SR] Verify complete
2021-06-11 16:05:14, Info                  CSI    00000215 [SR] Verifying 100 components
2021-06-11 16:05:14, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:15, Info                  CSI    00000218 [SR] Verify complete
2021-06-11 16:05:15, Info                  CSI    00000219 [SR] Verifying 100 components
2021-06-11 16:05:15, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:16, Info                  CSI    0000021b [SR] Verify complete
2021-06-11 16:05:16, Info                  CSI    0000021c [SR] Verifying 100 components
2021-06-11 16:05:16, Info                  CSI    0000021d [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:16, Info                  CSI    0000021e [SR] Verify complete
2021-06-11 16:05:17, Info                  CSI    0000021f [SR] Verifying 100 components
2021-06-11 16:05:17, Info                  CSI    00000220 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:18, Info                  CSI    00000222 [SR] Verify complete
2021-06-11 16:05:18, Info                  CSI    00000223 [SR] Verifying 100 components
2021-06-11 16:05:18, Info                  CSI    00000224 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:19, Info                  CSI    00000225 [SR] Verify complete
2021-06-11 16:05:19, Info                  CSI    00000226 [SR] Verifying 100 components
2021-06-11 16:05:19, Info                  CSI    00000227 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:19, Info                  CSI    00000228 [SR] Verify complete
2021-06-11 16:05:19, Info                  CSI    00000229 [SR] Verifying 100 components
2021-06-11 16:05:19, Info                  CSI    0000022a [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:20, Info                  CSI    0000022b [SR] Verify complete
2021-06-11 16:05:20, Info                  CSI    0000022c [SR] Verifying 100 components
2021-06-11 16:05:20, Info                  CSI    0000022d [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:21, Info                  CSI    0000022e [SR] Verify complete
2021-06-11 16:05:21, Info                  CSI    0000022f [SR] Verifying 100 components
2021-06-11 16:05:21, Info                  CSI    00000230 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:21, Info                  CSI    00000231 [SR] Verify complete
2021-06-11 16:05:21, Info                  CSI    00000232 [SR] Verifying 100 components
2021-06-11 16:05:21, Info                  CSI    00000233 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:22, Info                  CSI    00000234 [SR] Verify complete
2021-06-11 16:05:22, Info                  CSI    00000235 [SR] Verifying 100 components
2021-06-11 16:05:22, Info                  CSI    00000236 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:22, Info                  CSI    00000237 [SR] Verify complete
2021-06-11 16:05:22, Info                  CSI    00000238 [SR] Verifying 100 components
2021-06-11 16:05:22, Info                  CSI    00000239 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:23, Info                  CSI    0000023a [SR] Verify complete
2021-06-11 16:05:23, Info                  CSI    0000023b [SR] Verifying 100 components
2021-06-11 16:05:23, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:25, Info                  CSI    0000023e [SR] Verify complete
2021-06-11 16:05:25, Info                  CSI    0000023f [SR] Verifying 100 components
2021-06-11 16:05:25, Info                  CSI    00000240 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:25, Info                  CSI    00000241 [SR] Verify complete
2021-06-11 16:05:25, Info                  CSI    00000242 [SR] Verifying 100 components
2021-06-11 16:05:25, Info                  CSI    00000243 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:26, Info                  CSI    00000245 [SR] Verify complete
2021-06-11 16:05:26, Info                  CSI    00000246 [SR] Verifying 100 components
2021-06-11 16:05:26, Info                  CSI    00000247 [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:27, Info                  CSI    00000248 [SR] Verify complete
2021-06-11 16:05:27, Info                  CSI    00000249 [SR] Verifying 33 components
2021-06-11 16:05:27, Info                  CSI    0000024a [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:28, Info                  CSI    0000024b [SR] Verify complete
2021-06-11 16:05:28, Info                  CSI    0000024c [SR] Repairing 33 components
2021-06-11 16:05:28, Info                  CSI    0000024d [SR] Beginning Verify and Repair transaction
2021-06-11 16:05:28, Info                  CSI    0000024e [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Steps Recorder.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000024f [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Component Services.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000250 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\ODBC Data Sources (64-bit).lnk from store
2021-06-11 16:05:28, Info                  CSI    00000251 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Paint.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000252 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Print Management.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000253 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\services.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000254 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\\Speech Recognition.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000255 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\XPS Viewer.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000256 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Task Scheduler.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000257 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Windows Fax and Scan.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000258 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\System Information.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000259 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Registry Editor.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000025a [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Windows Media Player.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000025b [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\System Configuration.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000025c [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Quick Assist.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000025d [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Security Configuration Management.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000025e [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Wordpad.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000025f [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Event Viewer.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000260 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Computer Management.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000261 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Memory Diagnostics Tool.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000262 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\\Character Map.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000263 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Notepad.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000264 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\RecoveryDrive.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000265 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Math Input Panel.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000266 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Disk Cleanup.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000267 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\iSCSI Initiator.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000268 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Snipping Tool.lnk from store
2021-06-11 16:05:28, Info                  CSI    00000269 [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\\Remote Desktop Connection.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000026a [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\\Task Manager.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000026b [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\dfrgui.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000026c [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Performance Monitor.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000026d [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Resource Monitor.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000026e [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\Windows Defender Firewall with Advanced Security.lnk from store
2021-06-11 16:05:28, Info                  CSI    0000026f [SR] Repairing file \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\\ODBC Data Sources (32-bit).lnk from store
2021-06-11 16:05:28, Info                  CSI    00000270 [SR] Repair complete
2021-06-11 16:05:28, Info                  CSI    00000271 [SR] Committing transaction
2021-06-11 16:05:28, Info                  CSI    00000276 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 16:05:54 ====
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by Ryno Family (administrator) on RYNO01 (Dell Inc. XPS 8700) (11-06-2021 16:49:13)
Running from C:\Users\Ryno Family\Desktop
Loaded Profiles: Ryno Family
Platform: Windows 10 Pro Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\123.4.4832\QtWebEngineProcess.exe <3>
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1022_none_7e372e9e7c6ecccb\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\updater-ws.exe
(SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced 6\ws.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8504064 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-30] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172320 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-13] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5296352 2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-08] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ryno Family\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680776 2021-06-10] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5549280 2021-05-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20215464 2021-06-04] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2763952 2021-05-13] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\MountPoints2: {0ae999d1-3150-11e8-904c-806e6f6e6963} - "M:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [20215464 2021-06-04] (Plex, Inc. -> Plex, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\PDFsam Enhanced 6 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdfsam enhanced_pdfpmon_v.4.12.26.3.dll [932984 2020-01-18] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.101\Installer\chrmstp.exe [2021-06-09] (Google LLC -> Google LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00407A8C-0092-4858-8F3E-EA1F27B35FA9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764968 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2450BFBF-993C-4395-9161-5D6A4FEE9F60} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {2E1CAC10-148F-42DD-983F-4FD8C7F437E2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764968 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {490D4669-B120-4559-9B47-A645649DF7B3} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1434938535-2261300646-1492766918-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {4E4A59F1-C3D5-4C36-886B-7F07B59A35A1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1283488 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {505A61F3-6BE9-4B67-A0BD-BB4A4995A4D6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5A437D4B-0ADE-45C0-A4C9-AEB17E689218} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5C636FAD-3A97-4602-B6E8-CAD2348391B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {614687FE-7B76-45BC-B194-12576F1B7613} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-26] (Google Inc -> Google Inc.)
Task: {68E85843-F31B-4DD8-BF3A-6A3E9045889B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D593B7D-4389-40AD-B28B-DE4040C37240} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3914704 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {955856CD-FCE9-47A6-9E9A-4681084E6419} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1434938535-2261300646-1492766918-1001 => C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {A0163128-1992-47C0-AB61-ABD3AF3421D5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1F3A903-6853-426D-A0C6-F8EE6C9A79F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBC99E3A-8FA6-4BDA-A737-DB44DE310331} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D2FED5FE-7860-4A8D-98DF-348C71242C6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3914704 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB79165D-15CA-4BB3-A7CD-5A040CA63314} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E4172DE9-04A8-4193-95FE-847C32FF6C95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1B4C4F9-C84E-460F-9833-057EE67A4D65} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118104 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDD13ED2-C3E7-46DB-B44A-5C856D88CA77} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16a432c1-c27b-458b-9759-3d1acf09aca7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a7708d01-ad8f-4d11-913c-0da3a7195aaf}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
 
FireFox:
========
FF DefaultProfile: jsnru0zb.default
FF ProfilePath: C:\Users\Ryno Family\AppData\Roaming\Mozilla\Firefox\Profiles\jsnru0zb.default [2021-06-11]
FF ProfilePath: C:\Users\Ryno Family\AppData\Roaming\Mozilla\Firefox\Profiles\2pxpm4em.default-release [2021-06-11]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-13] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-13] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854928 2021-05-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-05-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7391408 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R3 PDFsam Enhanced 6; C:\Program Files\PDFsam Enhanced 6\ws.exe [2464464 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S3 PDFsam Enhanced 6 Creator; C:\Program Files\PDFsam Enhanced 6\creator\common\creator-ws.exe [577232 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
R2 PDFsam Enhanced 6 Update Service; C:\Program Files\PDFsam Enhanced 6\updater-ws.exe [1716944 2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
S2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [550568 2021-06-04] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-13] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-11] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-06-11 16:48 - 2021-06-11 16:49 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2021-06-11 16:48 - 2021-06-11 16:49 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2021-06-11 16:47 - 2021-06-11 16:47 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-11 16:47 - 2021-06-11 16:47 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-11 16:47 - 2021-06-11 16:47 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-11 16:06 - 2021-06-11 16:06 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\PeerDistRepub
2021-06-11 16:00 - 2021-06-11 16:05 - 000072791 _____ C:\Users\Ryno Family\Desktop\Fixlog.txt
2021-06-11 11:12 - 2021-06-11 11:13 - 000059558 _____ C:\Users\Ryno Family\Desktop\Addition.txt
2021-06-11 11:11 - 2021-06-11 16:49 - 000024102 _____ C:\Users\Ryno Family\Desktop\FRST.txt
2021-06-11 11:11 - 2021-06-11 16:49 - 000000000 ____D C:\FRST
2021-06-11 11:11 - 2021-06-11 11:11 - 000000000 ____D C:\Users\Ryno Family\Desktop\FRST-OlderVersion
2021-06-11 11:10 - 2021-06-11 11:11 - 002300416 _____ (Farbar) C:\Users\Ryno Family\Desktop\FRST64.exe
2021-06-11 10:58 - 2021-06-11 10:58 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\Sun
2021-06-11 10:58 - 2021-06-11 10:58 - 000000000 ____D C:\Users\Ryno Family\AppData\LocalLow\Sun
2021-06-11 10:55 - 2021-06-11 10:55 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-11 10:55 - 2021-06-11 10:55 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-11 10:55 - 2021-06-11 10:55 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-11 10:55 - 2021-06-11 10:55 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\Mozilla
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\LocalLow\Mozilla
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Mozilla
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\mbam
2021-06-11 10:55 - 2021-06-11 10:55 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-11 10:53 - 2021-06-11 12:11 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\D3DSCache
2021-06-11 10:53 - 2021-06-11 10:53 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\CEF
2021-06-11 10:53 - 2021-06-11 10:53 - 000000000 ____D C:\ProgramData\Apple
2021-06-11 10:52 - 2021-06-11 10:52 - 000000020 ___SH C:\Users\Ryno Family\ntuser.ini
2021-06-11 10:52 - 2021-06-11 10:52 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\PDFsam Enhanced 6
2021-06-11 10:52 - 2021-06-11 10:52 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\MicrosoftEdge
2021-06-11 10:50 - 2021-06-11 10:54 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\CrashDumps
2021-06-11 10:50 - 2021-06-11 10:50 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Publishers
2021-06-11 10:49 - 2021-06-11 10:49 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Comms
2021-06-08 17:24 - 2021-06-08 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-08 17:24 - 2021-06-08 17:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-08 17:24 - 2021-06-08 17:24 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-08 17:24 - 2021-06-08 17:24 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-08 17:24 - 2021-06-08 17:24 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-08 17:24 - 2021-06-08 17:24 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-08 17:23 - 2021-06-08 17:23 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-08 17:23 - 2021-06-08 17:23 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-08 17:23 - 2021-06-08 17:23 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-08 17:23 - 2021-06-08 17:23 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-08 17:23 - 2021-06-08 17:23 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-08 17:23 - 2021-06-08 17:23 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-08 17:23 - 2021-06-08 17:23 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-08 17:23 - 2021-06-08 17:23 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-08 17:03 - 2021-06-08 17:03 - 000000000 ____D C:\Program Files (x86)\Plex
2021-05-28 01:58 - 2021-05-28 01:58 - 000065160 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2021-05-28 01:58 - 2021-05-28 01:58 - 000035992 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2021-05-22 09:52 - 2021-05-22 09:52 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-05-13 12:11 - 2021-05-13 12:11 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-13 12:11 - 2021-05-13 12:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-12 06:01 - 2021-05-12 06:01 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 06:01 - 2021-05-12 06:01 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-12 06:01 - 2021-05-12 06:01 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-12 06:00 - 2021-05-12 06:00 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 06:00 - 2021-05-12 06:00 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 06:00 - 2021-05-12 06:00 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 06:00 - 2021-05-12 06:00 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 06:00 - 2021-05-12 06:00 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-06-11 16:48 - 2020-09-13 20:53 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Plex Media Server
2021-06-11 16:47 - 2020-08-23 12:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-11 16:47 - 2020-08-23 11:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-11 16:47 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-11 16:47 - 2019-04-22 16:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-11 16:47 - 2018-03-26 15:51 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-11 16:45 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-11 16:44 - 2020-08-23 11:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-11 16:03 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-11 16:00 - 2020-04-14 20:29 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-11 16:00 - 2020-04-14 20:29 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-06-11 15:56 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Packages
2021-06-11 11:05 - 2018-03-26 20:22 - 000000000 ____D C:\Users\Ryno Family\AppData\LocalLow\Adobe
2021-06-11 11:05 - 2018-03-26 20:20 - 000000000 ____D C:\ProgramData\Adobe
2021-06-11 11:05 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\Adobe
2021-06-11 11:04 - 2018-03-26 20:19 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Adobe
2021-06-11 11:03 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-11 10:59 - 2020-08-23 11:59 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-11 10:59 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-11 10:53 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-11 10:53 - 2018-03-26 20:31 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Dropbox
2021-06-11 10:53 - 2018-03-26 16:18 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\ControlCenter4
2021-06-11 10:53 - 2018-03-26 15:50 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-06-11 10:52 - 2020-08-23 11:56 - 000000000 ____D C:\Users\Ryno Family
2021-06-11 10:52 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\ConnectedDevicesPlatform
2021-06-11 10:50 - 2018-03-26 15:53 - 000000000 ___RD C:\Users\Ryno Family\OneDrive
2021-06-11 10:49 - 2020-04-14 20:35 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-06-11 10:49 - 2020-03-01 17:33 - 000000000 ____D C:\Program Files (x86)\Quicken
2021-06-11 10:49 - 2019-12-07 05:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-06-11 10:49 - 2018-08-27 22:50 - 000000000 ____D C:\ProgramData\Leawo
2021-06-11 10:49 - 2018-04-15 17:46 - 000000000 ____D C:\Users\Ryno Family\AppData\Roaming\vlc
2021-06-11 10:49 - 2018-03-26 16:16 - 000000000 ____D C:\Brother
2021-06-11 10:49 - 2018-03-26 16:11 - 000000000 ____D C:\ProgramData\Brother
2021-06-11 10:49 - 2018-03-26 15:56 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\Google
2021-06-11 10:49 - 2018-03-26 15:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-11 10:49 - 2018-03-26 15:51 - 000000000 ___RD C:\Users\Ryno Family\3D Objects
2021-06-11 10:49 - 2018-03-26 15:51 - 000000000 ____D C:\Users\Ryno Family\AppData\Local\VirtualStore
2021-06-10 15:44 - 2018-10-20 22:54 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-06-10 15:39 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-10 15:38 - 2020-08-23 11:55 - 000456312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-10 15:38 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-10 15:35 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-10 15:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-10 12:06 - 2020-04-14 20:26 - 000000000 ____D C:\Program Files\Adobe
2021-06-09 12:09 - 2020-04-14 20:26 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-06-08 17:15 - 2018-03-26 16:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-08 17:13 - 2018-03-26 16:25 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-08 17:03 - 2020-04-14 20:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-05 12:32 - 2018-03-26 16:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-04 12:09 - 2020-08-23 12:00 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1434938535-2261300646-1492766918-1001
2021-05-26 10:54 - 2018-03-26 20:31 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-05-23 23:20 - 2018-03-26 16:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-13 12:57 - 2018-03-26 20:21 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-05-13 12:11 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-13 12:09 - 2019-07-28 11:05 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-13 11:43 - 2018-03-26 20:31 - 000000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-13 11:43 - 2018-03-26 20:31 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-13 11:41 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 11:41 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-12 06:02 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by Ryno Family (11-06-2021 16:50:29)
Running from C:\Users\Ryno Family\Desktop
Windows 10 Pro Version 2004 19041.1052 (X64) (2020-08-23 16:00:52)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1434938535-2261300646-1492766918-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1434938535-2261300646-1492766918-503 - Limited - Disabled)
Guest (S-1-5-21-1434938535-2261300646-1492766918-501 - Limited - Disabled)
Ryno Family (S-1-5-21-1434938535-2261300646-1492766918-1001 - Administrator - Enabled) => C:\Users\Ryno Family
Ryno2 (S-1-5-21-1434938535-2261300646-1492766918-1002 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-1434938535-2261300646-1492766918-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CDCheck (HKLM-x32\...\CDCheck) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 123.4.4832 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
DVDFab (x64) 10.2.1.7 (10/10/2018) (HKLM-x32\...\DVDFab 10(x64)) (Version: 10.2.1.7 - DVDFab Software Inc.)
DVDFab 12 (x64) (26/02/2021) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.0.1.9 - DVDFab Software Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Exact Audio Copy 1.3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.3 - Andre Wiethoff)
Express Zip File Compression (HKLM-x32\...\ExpressZip) (Version: 7.23 - NCH Software)
FLAC Frontend (HKLM-x32\...\{315E5E8B-0560-413A-B604-622A4C8BECBD}) (Version: 2.1.1 - Xiph.org)
foobar2000 v1.4 (HKLM-x32\...\foobar2000) (Version: 1.4 - Peter Pawlowski)
FreeRIP MP3 Converter 5.7.0.1 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 5.7.0.1 - GreenTree Applications SRL)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.101 - Google LLC)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Leawo Blu-ray Player version  1.10.0.1 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.10.0.1 - Leawo Software)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13127.21624 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 en-US) (HKLM\...\Mozilla Firefox 86.0 (x64 en-US)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 86.0 - Mozilla)
nugster 1.1.232 (HKLM\...\nugster) (Version: 1.1.232 - Nugs, Inc.)
NVIDIA Graphics Driver 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.21624 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13127.21064 - Microsoft Corporation) Hidden
PDFsam Basic (HKLM\...\{7C663C91-1147-4B5A-872D-A3BC3F7F860B}) (Version: 4.0.5.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PDFsam Enhanced 6 (HKLM-x32\...\PDFsam Enhanced 6) (Version: 6.1.12.1769 - SOBER LEMUR SAS DI VACONDIO ANDREA)
PDFsam Enhanced 6 Asian Fonts Pack (HKLM\...\{AD872FD7-E383-4730-90DD-DBC6085FA707}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Convert Module (HKLM\...\{97B3B4E7-98E4-496D-978E-7846D01DA279}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Create Module (HKLM\...\{AB55FD1D-9E1F-4606-8587-B8548C72DB6A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Edit Module (HKLM\...\{3EB8F0AB-575B-4EC3-8011-F35E3CA6BA7E}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Forms Module (HKLM\...\{FD343EE1-C0AB-432E-8777-2F3B5F0C9E1B}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Insert Module (HKLM\...\{4CEFA15B-4CEF-42C1-833E-E5305F9B4BEA}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Review Module (HKLM\...\{F96CE21B-3FD4-49CB-AEED-A65702CE4D03}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 Secure Module (HKLM\...\{78B8FA91-2850-465D-8D8F-7DD46EDA98C6}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PDFsam Enhanced 6 View Module (HKLM\...\{4ABC92E5-382F-4E49-AFD8-7BBA142F226A}) (Version: 6.1.14.5050 - Andrea Vacondio) Hidden
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 4.00 - NCH Software)
Plex Media Player (HKLM\...\{01668612-849E-47C7-973D-FFB1D7D85007}) (Version: 2.58.0 - Plex) Hidden
Plex Media Player (HKLM-x32\...\{03880fc4-b074-4ddd-a32e-ff00cac16bba}) (Version: 2.58.0 - Plex)
Plex Media Server (HKLM-x32\...\{81269e3b-8a2f-45ea-a6b6-a4cf18249052}) (Version: 1.23.2.4656 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{9ED1C029-CB76-4054-B264-395BACAC8473}) (Version: 1.23.2656 - Plex, Inc.) Hidden
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.25.21 - Quicken)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Stopping Plex (HKLM-x32\...\{D0094EB9-033F-40EC-ACCB-AD771A20B0BA}) (Version: 1.23.2656 - Plex, Inc.) Hidden
Tau Analyzer (remove only) (HKLM-x32\...\Tau Analyzer) (Version:  - )
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.34161 - Microsoft Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
World Empire V 5.0.0 (HKLM-x32\...\World Empire V) (Version: 5.0.0 - Viable Software Alternatives)
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-14] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-28] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-09] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-09-03] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Ryno Family\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\21.099.0516.0003\Microsoft.Nucleus.exe" => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\Ryno Family\AppData\Local\Microsoft\OneDrive\21.099.0516.0003\Microsoft.Nucleus.exe" => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ryno Family\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => D:\Ryno Family\Dropbox [2018-03-26 20:33]
CustomCLSID: HKU\S-1-5-21-1434938535-2261300646-1492766918-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2020-09-06] () [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced6_ManagerExt] -> {7631D455-88D9-4774-83C6-D6A2B78182BF} => C:\Program Files\PDFsam Enhanced 6\context-menu.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-06-10] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ExpressZip] -> {8EEA165E-0B8B-4BA7-9796-50214C767171} => C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll [2020-09-06] () [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2021-06-08 17:03 - 2021-06-08 17:03 - 000325632 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\ac3_decoder.dll
2021-06-08 17:03 - 2021-06-08 17:03 - 000462848 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\dca_decoder.dll
2021-06-08 17:03 - 2021-06-08 17:03 - 001831936 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\h264_decoder.dll
2021-06-08 17:03 - 2021-06-08 17:03 - 002375680 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\libx264_encoder.dll
2021-06-08 17:03 - 2021-06-08 17:04 - 000531456 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\mpeg2video_decoder.dll
2021-06-08 17:04 - 2021-06-08 17:04 - 001068032 _____ () [File not signed] \\?\C:\Users\Ryno Family\AppData\Local\Plex Media Server\Codecs\fa235d6-3858-windows-x86\vc1_decoder.dll
2018-03-26 16:16 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-09-06 11:50 - 2020-09-06 11:50 - 000105984 _____ () [File not signed] C:\Program Files (x86)\NCH Software\ExpressZip\ezcm64.dll
2018-03-26 16:16 - 2005-04-22 00:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-03-26 16:16 - 2012-07-13 13:09 - 000385024 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-03-26 16:16 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-03-26 16:16 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2018-03-26 16:16 - 2012-11-29 19:04 - 002040832 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-03-26 16:16 - 2013-01-30 15:17 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-03-26 16:16 - 2012-12-21 12:31 - 000078848 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-03-26 16:16 - 2012-12-21 12:31 - 017666560 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-03-26 16:16 - 2013-01-18 14:31 - 000074240 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2018-03-26 16:16 - 2012-10-19 08:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-12-10 11:29 - 2018-12-10 11:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFsam Enhanced 6\libcurl.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced 6 Helper -> {861A3991-1B45-4F34-96B4-CE30DD4AB339} -> C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDFsam Enhanced 6 Toolbar - {6F5E9294-F682-4F06-8DA6-CA13DF1D8B17} - C:\Program Files (x86)\PDFsam Enhanced 6\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-10-23] (SOBER LEMUR SAS DI VACONDIO ANDREA -> Andrea Vacondio)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2017-09-29 09:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-1434938535-2261300646-1492766918-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{3D5A0B9F-3461-4E78-A012-08FC474D0B86}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB66C98C-2003-4459-A42C-7E8035D1D2F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{638C2585-A643-4370-A982-8B136E51FE45}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FC89B3A-AA3E-4C9D-A935-540559F2F075}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8113BA3-1FA3-407D-BA81-61D049688846}] => (Allow) LPort=35699
FirewallRules: [{C0869AEF-C43E-4752-929D-DB0C00377A22}] => (Allow) LPort=54925
FirewallRules: [{780FD78E-ECA4-41EE-8B69-1B255775F727}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{69AC50ED-2155-4F24-B04C-B3398E302C1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{43D5A660-1496-41D5-B56E-0082DAE77F30}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A2F5E079-D810-42EA-B4C7-A1CCCF4D3A0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{70AA112E-8EB7-4230-86DA-4611CB78E938}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2031DCD4-26E4-46A8-B65E-746BA78AF1B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{50C0FB54-2832-4316-B2D8-43637C2564EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{5CA98F27-FE59-4847-9518-7B09BA27C582}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{03E8B8F1-0FC8-476D-9071-BAF8D98586BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{9CFA6316-36D5-4EBD-B0FD-057107AA8716}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{15026752-DFDA-46BA-87F2-7E42A6B76A53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{609FBBFD-66B4-43D7-95CE-A381ABD05884}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CAD5ACB4-2571-4CA2-A76E-D831552E785F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6A8803F9-A5EC-47D9-9813-AEE0669A5248}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{346657F0-3CB7-42BC-98CA-FB93D048D697}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{05F52CE3-4413-4C0C-8C5F-BCBE4B538B37}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{8CD04F5C-A91F-4FBF-8A62-ABE9C728ACA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{75AC8766-6798-4B80-8B50-7FA9E3351057}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F684ECCD-DA3C-4097-B436-FD381A8D612F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{A45FAC8F-E58B-4743-A592-609716590BE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.83.318.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{DC04D83C-FAFD-4FF7-A925-99D247C66EF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1D2101B0-C6BE-4B6A-9970-D5B5BC5154C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CD263754-8EF8-4D25-A151-315EB66CF878}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{283D8FE7-0EB0-475A-98A4-1FE10C42E511}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1029E18D-BE24-4357-B7F5-7DE0907E95BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{8154C6D8-91F7-4B3F-8261-EA295CD54EF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{9A53E8A0-DDF1-4775-818E-FCF38AF9E35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{BAC78ABF-DF82-485D-B028-98D2309F4887}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{A61B47DA-83E5-4EC5-87D7-BFE30B5FF784}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [{31097A92-B169-448F-A59D-F8EA8023A851}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe => No File
FirewallRules: [TCP Query User{B7E515A1-0ABD-4292-8AFF-E98F216FF604}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{FF01B863-4F9A-47EC-AFBE-30675ED06D97}C:\program files\dvdfab 10\dvdfab64.exe] => (Allow) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{CCA9966C-73AC-4A77-A04E-C500FA779C09}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4F256C47-78A3-4461-958F-938B76F9077E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{6633C230-268F-4A23-99DF-073C39341812}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{CBC105B1-A63C-4594-93BA-68AA4EC181DB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{CC817D28-70AF-4804-94D6-6EE49E680B7C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{046DA1AC-979C-40DF-8859-CF031F9040D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{BC935A2B-E27A-47D7-9043-17E644AD0525}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{ED5465B7-734A-4B69-AD0C-E3C1B1FB8AEC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{3C5000C0-D14A-48A3-BB42-FB76B8E35406}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{209A77FD-7E56-415C-A20A-C3B7021B5216}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{FE27EA1B-7760-4A0C-B89E-3604C76B98F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{E662E495-8C1D-459B-8B40-4FAA5B2B597B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{AD67B3CA-D547-494D-9804-DB54E06505D3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{D0A04D9B-4811-4EDF-BB7E-30D998E8C34F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{0FB91C9F-7995-4B8F-9653-6DF8DDCF9070}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{BE94356D-FA57-4E1A-B1B5-5774424EE1AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{F748B1B9-2391-4B73-B9B1-427DDA8FE586}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{10F863C0-DED2-4309-B361-3D1EA6C88A85}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{E77937E4-1245-4A7A-93C0-BF117B55E6D4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{38E97234-1E4D-487F-A5C4-6240DEA41A4D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{F767CA29-6438-4911-A621-B29AA258F3C4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{C6BF7CC5-208A-4A6E-99E2-193322050CFB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{09C9B7DF-546B-4EE6-8432-499237721E39}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{70267104-F3F8-400A-9453-4C35DFF790FF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{05A756A0-842D-456B-8ABB-1CA102CF747B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{C4488363-4264-4BC7-8F7C-2BDEC84356E5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{1F4706EA-1751-4E5A-8393-C35BFB5E3BFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FB8B2C94-5932-4243-8025-DB5C251311FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4EE7D0AA-4169-4137-ACE8-24977AA23D99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E925D618-7AB7-4B6A-A5C0-ED5D6DEDBCA2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{BA678A2C-71CF-4872-BCC3-BF1B580D3E17}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{81324C97-7702-4E43-8C1B-508099029F2F}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{5969DA88-EA32-409E-84B6-BE53924A5CA7}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{C590B2A6-9C08-40DA-9144-6B64D34CE058}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{06448731-1A80-42C4-98D1-F4DFA91ADA4E}] => (Allow) C:\Program Files\Plex\Plex Media Player\PlexMediaPlayer.exe (Plex, Inc. -> )
FirewallRules: [{79E073FD-5030-4A83-A6EF-242532AF1C81}] => (Allow) C:\Program Files\Plex\Plex Media Player\PMPHelper.exe () [File not signed]
FirewallRules: [{3AF434B1-E0D9-4333-8F08-95A7FCA5226D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E5D20086-B1BB-496F-8715-A621E9F797B7}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{E82F3F6C-6CBC-4865-8543-286E35105794}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{679779A8-710E-42DA-B04E-326D51A677E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1193D513-742C-45F6-BB8E-9A53AC30FFAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{607DD052-151E-4AE7-8FD8-E81532201966}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79C516E2-56A2-4F6B-8AD1-AFCE59A56192}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB325EFB-41B9-431A-8D18-B79078A9C174}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C41E49A6-9D69-42C5-9595-ACA4D495DEE9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07EAE164-F4E9-457F-9475-E866AF52118E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8BC5A06E-07F6-4E60-A8B6-C510AFC55FA8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71746ED0-9D87-4DB6-9564-C2147A999AA1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B46F91D-F1C9-419D-9EA1-DAB43A5B287D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21B50BEF-F005-450D-95E0-5C7EE0710B4C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{642E2F07-C0C4-4F73-9377-B795D5071028}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{59438C81-4468-41F7-BF1F-90A771064351}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> )
FirewallRules: [{A02D242F-C771-4EA7-953B-3CFE8CF4B858}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{F4B2D602-1AEE-4E93-87CD-4530591B4DCB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{8D9628AC-3B2A-4F49-91E7-22C2A24955C8}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Game Transcoder\Plex Game Transcoder.exe (Plex, Inc. -> )
FirewallRules: [{AC16F231-CE08-4861-9E38-EAC482A0161A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BCDB8C5C-696B-49AF-9527-0BA7C0F52724}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00D001BE-0D7C-43EC-B91D-A6E84254077B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A37A1AEE-65C6-4572-968F-9005A20896E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D310921-2AA7-4D55-8CE9-B7133CFE2AF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{700B3F27-AF99-4611-B620-41D6B18D84FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C71A69D6-4817-4F8D-B263-FB8C48017FA6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65B96074-1CE5-41C8-976A-C94EF79652B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8E698197-8D8F-4A4E-BB33-FE2EE4F5FA97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A7258B5-038D-4C6D-89A0-E63AD8F83615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{680A412F-FD05-4646-8FEE-42C869DD073B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E0F8A2A4-9B24-47CD-9266-B780ECE747BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{534E39B4-F680-4BBD-9442-F00A1D53AF4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
25-05-2021 12:54:33 Scheduled Checkpoint
03-06-2021 13:15:33 Scheduled Checkpoint
08-06-2021 17:02:03 Plex Media Server
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/11/2021 04:48:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (06/11/2021 04:48:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (06/11/2021 04:48:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (06/11/2021 04:48:33 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (06/11/2021 04:48:30 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
 
Error: (06/11/2021 04:45:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (06/11/2021 04:45:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (06/11/2021 04:45:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
 
System errors:
=============
Error: (06/11/2021 04:45:09 PM) (Source: DCOM) (EventID: 10010) (User: RYNO01)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. A12 02/05/2018
Motherboard: Dell Inc. 0KWVT8
Processor: Intel® Core™ i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 16335.18 MB
Available physical RAM: 11500.29 MB
Total Virtual: 18767.18 MB
Available Virtual: 13477.53 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.16 GB) (Free:404.09 GB) NTFS
Drive d: (Files & Storage) (Fixed) (Total:1862.89 GB) (Free:1526.7 GB) NTFS
Drive e: (My Book) (Fixed) (Total:2794.49 GB) (Free:1456.86 GB) NTFS
Drive f: (Elements) (Fixed) (Total:11175.97 GB) (Free:6435.9 GB) NTFS
Drive g: (My Book) (Fixed) (Total:1396.61 GB) (Free:761.47 GB) NTFS
Drive m: (WD SmartWare) (CDROM) (Total:0.43 GB) (Free:0 GB) UDF
Drive n: (New Volume) (Fixed) (Total:1862.98 GB) (Free:356.89 GB) NTFS
Drive o: (Elements) (Fixed) (Total:11175.97 GB) (Free:3604.57 GB) NTFS
Drive p: (NEW VOLUME) (Removable) (Total:29.81 GB) (Free:29.75 GB) NTFS
 
\\?\Volume{82f22c68-f0d4-4705-9ffa-50a7e3a55cdb}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{c557409b-41be-47b7-8654-2860c5346652}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
 
==========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: D409B4F0)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 4 (Size: 11176 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 1396.6 GB) (Disk ID: 000389F4)
Partition 1: (Not Active) - (Size=1396.6 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 6 (Size: 11176 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 
==========================================================
Disk: 11 (MBR Code: Windows 7 or Vista) (Size: 29.8 GB) (Disk ID: E7731309)
Partition 1: (Not Active) - (Size=29.8 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt =======================
 

  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

Did the fixlist help?

 

Were you able to login to the new login?


  • 0

#5
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts

It never came up with a new user login.

 

It just said it needed to reboot and when it did it came up with my regular login, so i just logged into it normally.


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

Do you have the shutdown button?  It should give you an offer to switch user.  That should show you the logon screen with your old login selected but down in the bottom left of the screen you should see the new login.  Just click on it.


  • 0

#7
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts

OK, I was able to log on as Ryno2 but its just like a new user logon.

Edge and Chrome are on the desktop in addition to Recycle Bin but thats it.

 

Where do we go from here?  Is all my stuff gone?


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

The new logon doesn't have any data but we can use it to look to see if your old data is still there.

 

Open File Explorer:

https://www.howtogee...-in-windows-10/

 

Double click on This PC

Double Click on (C:)

Double click on Users (you will probably need to scroll down to see it)

Double click on Ryno Family (if it is still there)

It will say You don't currently have permission to access the folder. .. Click Continue and wait a few minutes.

Double click on Desktop.  Do you see anything there?

If you do then click on the left arrow below the word File (upper left).  That will move you back one level.  Select the top item in the right pane.  Hold down the CTRL key and click on each folder in the same pane.  This should select all of them.  Now right click on your selection and Copy.

Then click on the left arrow twice which should take you to Users.  Click once on Ryno2 then Right click on Ryno2  and Paste.  It will say something about the destination already contains the folder and ask if you want to Merge.  Say Yes.

 

If that works you can minimize File Explorer and whatever browser you are using and you should see a desktop like you used to have.  Do you? 


  • 0

#9
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts

There were no files or folders in the old profile.


  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

Log in with your old login and try this quick fixlist.  It should not need to reboot.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   318bytes   26 downloads

Run FRST and press Fix
A fix log will be generated please post that

 


  • 0

Advertisements


#11
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021
Ran by Ryno Family (12-06-2021 12:05:22) Run:2
Running from C:\Users\Ryno Family\Desktop
Loaded Profiles: Ryno Family & Ryno2
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Unlock: C:\Users\Ryno Family\Desktop
Folder: C:\Users\Ryno Family\Desktop
Unlock: C:\Users\Ryno Family\Documents
Folder: C:\Users\Ryno Family\Documents
 
 
*****************
 
"C:\Users\Ryno Family\Desktop" => was unlocked
 
========================= Folder: C:\Users\Ryno Family\Desktop ========================
 
2021-06-11 11:12 - 2021-06-11 16:51 - 000053339 ____A [43F4CB8755BAB469D14C009062AF4343] () C:\Users\Ryno Family\Desktop\Addition.txt
2021-06-12 12:04 - 2021-06-12 12:05 - 000000158 ____A [CCF332A30F441FC79C119D927241E587] () C:\Users\Ryno Family\Desktop\fixlist.txt
2021-06-12 12:05 - 2021-06-12 12:05 - 000000893 ____A [22A9242774337C672FE1D584C08C2231] () C:\Users\Ryno Family\Desktop\Fixlog.txt
2021-06-11 11:11 - 2021-06-11 16:51 - 000038630 ____A [C373C28E59A3EFFB6285E6A2B8783503] () C:\Users\Ryno Family\Desktop\FRST.txt
2021-06-11 11:10 - 2021-06-12 12:05 - 002300416 ____A [093F2A7254496BB240CBEED95416F906] (Farbar) C:\Users\Ryno Family\Desktop\FRST64.exe
2021-06-11 22:23 - 2021-06-11 22:23 - 000002336 ____A [A9D2D3F4308CF29FB50B3474C228D2AE] () C:\Users\Ryno Family\Desktop\Google Chrome.lnk
2021-06-11 11:11 - 2021-06-12 12:05 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Ryno Family\Desktop\FRST-OlderVersion
2021-06-11 11:10 - 2021-06-11 11:11 - 002300416 ____A [D3595F9B46BF7250ABE8ECD785FB9515] (Farbar) C:\Users\Ryno Family\Desktop\FRST-OlderVersion\FRST64.exe
 
====== End of Folder: ======
 
"C:\Users\Ryno Family\Documents" => was unlocked
 
========================= Folder: C:\Users\Ryno Family\Documents ========================
 
2020-08-23 11:56 - 2020-08-23 11:56 - 000000000 _SHDL [00000000000000000000000000000000] (Access Denied) C:\Users\Ryno Family\Documents\My Music
2020-08-23 11:56 - 2020-08-23 11:56 - 000000000 _SHDL [00000000000000000000000000000000] (Access Denied) C:\Users\Ryno Family\Documents\My Pictures
2020-08-23 11:56 - 2020-08-23 11:56 - 000000000 _SHDL [00000000000000000000000000000000] (Access Denied) C:\Users\Ryno Family\Documents\My Videos
 
====== End of Folder: ======
 
 
==== End of Fixlog 12:05:22 ====

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

It doesn't show much in Desktop.  Says it can't access the three folders in the Documents folder so let's unlock them too with another fixlist.

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   390bytes   27 downloads

Run FRST and press Fix
A fix log will be generated please post that


 


  • 0

#13
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts

It scares me when you say you dont see much, because i used to have a lot of stuff on the desktop.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021
Ran by Ryno Family (12-06-2021 13:33:29) Run:3
Running from C:\Users\Ryno Family\Desktop
Loaded Profiles: Ryno Family & Ryno2
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Unlock: C:\Users\Ryno Family\Documents\My Music
Unlock: C:\Users\Ryno Family\Documents\My Pictures
Unlock:  C:\Users\Ryno Family\Documents\My Videos
Folder: C:\Users\Ryno Family\Documents
 
 
*****************
 
"C:\Users\Ryno Family\Documents\My Music" => was unlocked
"C:\Users\Ryno Family\Documents\My Pictures" => was unlocked
"C:\Users\Ryno Family\Documents\My Videos" => was unlocked
 
========================= Folder: C:\Users\Ryno Family\Documents ========================
 
2020-08-23 11:56 - 2020-08-23 11:56 - 000000000 _SHDL [00000000000000000000000000000000] () C:\Users\Ryno Family\Documents\My Music
2020-08-23 11:56 - 2020-08-23 11:56 - 000000000 _SHDL [00000000000000000000000000000000] () C:\Users\Ryno Family\Documents\My Pictures
2020-08-23 11:56 - 2020-08-23 11:56 - 000000000 _SHDL [00000000000000000000000000000000] () C:\Users\Ryno Family\Documents\My Videos
 
====== End of Folder: ======
 
 
==== End of Fixlog 13:33:29 ====

  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,850 posts
  • MVP

Doesn't look good.  Let's check the health of your hard drives:

 

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


  • 0

#15
mewsick75

mewsick75

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 292 posts

Here is the log...

Attached Files


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP