
In Progress Avira: TR/Patched.Ren.Gen W32/Virut.Gen EXP/MS04-028.JPEG.A

Discussion in 'Virus & Other Malware Removal' started by BondiJonno, Jan 25, 2020.

  1. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    Hi Tech Gurus!

    I'm running Avira, MalwareBytes and Windows Defender on my 64 bit machine (details below).

    Avira has been reporting the following infections for some time.
    - TR/Patched.Ren.Gen
    - W32/Virut.Gen
    - EXP/MS04-028.JPEG.A

    Usually the reports come up when I'm using Windows Image Resizer utility.

    I've ignored them up to this point because I had read that these alerts were false positives, resulting from conflicts between Avira and AdAware, so I also disabled AdAware (possibly not the best idea in retrospect).

    Please note that I have not noticed any specific issues with the operation of my computer, except for the infection alerts mentioned above. I'm not seeing any suspicious activity, unwanted pop-ups etc.

    HOWEVER, having just seen this thread (https://forums.techguy.org/threads/exp-ms04-028-jpeg-a-virus-detected-when-editing-photos.1191893/) I realised that this was perhaps not a false positive after all, so I would appreciate your assistance in resolving!!


    Tech Support Guy System Info Utility results as follows:
    ======================================

    Tech Support Guy System Info Utility version 1.0.0.9
    OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit, Build 7601, Installed 20160423101044.000000+600
    Processor: Intel(R) Core(TM) i7-3930K CPU @ 3.20GHz, Intel64 Family 6 Model 45 Stepping 7, CPU Count: 12
    Total Physical RAM: 32 GB
    Graphics Card: NVIDIA GeForce GTX 660 Ti
    Hard Drives: C: 894 GB (498 GB Free); D: 0 GB (0 GB Free); E: 931 GB (148 GB Free); G: 2794 GB (458 GB Free);
    Motherboard: ASUSTeK COMPUTER INC. RAMPAGE IV BLACK EDITION, ver Rev 1.xx, s/n 140526243400484
    System: American Megatrends Inc., ver ALASKA - 1072009, s/n System Serial Number
    Antivirus: Avira Antivirus, Enabled and Updated


    Looking forward to receiving your reply!!
     
  2. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    Actually I may have misspoken when I said "I have not noticed any specific issues with the operation of my computer, except for the infection alerts mentioned above. I'm not seeing any suspicious activity, unwanted pop-ups etc.". There are frequent periods through the day where my mouse pointer - which usually responds in "real time" - is delayed by several seconds, making it unusable. The episodes last for 5-10 seconds at a time. Then the mouse "catches up" and I can use it normally again. This could be unrelated though.
     
  3. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,310
    I cannot help with the possible infection issue, as that help must come from one of our qualified malware experts.
    However, whilst you are waiting for a reply from one of those experts, please proceed as below.

    Please run the MGA Diagnostic Tool and post back the report it creates:
    • Download MGADiag to your desktop.
    • Double-click on MGADiag.exe to launch the program
    • Click "Continue"
    • Ensure that the "Windows" tab is selected (it should be by default).
    • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
    • Paste the MGA Diagnostic Report back here in your next reply.
     
  4. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    Hi Macboatmaster,

    Thanks for your comment.


    MGA Diagnostic Report is as follows:

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-HD88T-RRQFX-GDV3W
    Windows Product Key Hash: DtAuUgfYzQG/Xn6skHy0UA/WuRk=
    Windows Product ID: 00426-OEM-9154333-75212
    Windows Product ID Type: 3
    Windows License Type: OEM System Builder
    Windows OS version: 6.1.7601.2.00010100.1.0.001
    ID: {22835FE9-799C-484C-B05A-3E333C98E946}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Ultimate
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_ldr_escrow.200102-1707
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    2007 Microsoft Office system - 100 Genuine
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-b01a_E2AD56EA-766-0_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1029-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, Ultimate edition
    Description: Windows Operating System - Windows(R) 7, OEM_COA_NSLP channel
    Activation ID: cfb3e52c-d707-4861-af51-11b27ee6169c
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00426-00182-543-375212-02-3081-7601.0000-1142016
    Installation ID: 004715143202583474016905512841738343582013579562882593
    Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: GDV3W
    License Status: Licensed
    Remaining Windows rearm count: 3
    Trusted time: 29/01/2020 5:56:47 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 7:29:2019 16:51
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: OgAAAAEAAQABAAEAAgADAAAABQABAAEAhFEGcPZheDQUt1aY3BjmFJgMsDvDvDFfhOI2tSLOCKs0IQ==

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes, but no SLIC table
    Windows marker version: N/A
    OEMID and OEMTableID Consistent: N/A
    BIOS Information:
    ACPI Table Name OEMID Value OEMTableID Value
    APIC ALASKA A M I
    FACP ALASKA A M I
    HPET ALASKA A M I
    MCFG ALASKA OEMMCFG.
    FPDT ALASKA A M I
    BGRT ALASKA A M I
    SSDT INTEL CpuPm
     
  5. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,310
    THANK YOU
    I asked for the MGA report, just while you were waiting for a reply, from one of our Malware experts, as I mentioned.
    The reason I asked, to be perfectly honest with you, is because Windows 7 Ultimate edition is not often seen on an Asus with a Rampage board, as the preinstalled OS if the computer itself is an ASUS, as against a generic build with simply an Asus board.

    Ultimate in such circumstances, is often not genuinely in use, in accordance with the Microsoft licensing conditions. Frequently showing to be a Volume Licensing key.

    However all is in order insofar as it is NOT a VLK with a file mismatch shown and the OEM table etc is in order.

    I have drawn your topic to the attention of one of our Malware experts.

    Please be patient while he gets a chance to deal with the issue. The Malware forum is always very busy.
     
  6. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    726
    Hi BondiJonno, welcome to the Tech Support Guy malware removal forum.

    I am iMacg3 and will be helping you with your computer problems.

    Please keep the following information in mind before we begin:
    • Back up any important data before we continue.
      • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
    • Do not install any new software or run any fixes/tools on your system unless I request that you do so.
      • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
    • Please read all instructions carefully, and complete them in the order listed.
      • Items that are especially important will be highlighted in bold or red.
    • If your computer seems to start working normally, please don't abandon the topic.
      • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
    • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
      • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
    • If you have questions at any time during the cleanup, feel free to ask.
    ---------------------------------------------------
    Farbar Recovery Scan Tool (FRST)

    Download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, and that will be the right version.
    • Right-click FRST.exe/FRST64.exe then click "Run as administrator"
    • When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
    • Please copy and paste the logs in your next reply.
    ---------------------------------------------------

    In your next reply, please include:
    • FRST.txt
    • Addition.txt
     
  7. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    No problem Macboatmaster - thanks for your reply.

    I installed it myself as I'm very hands-on with my computer and I work in IT as a Database Analyst/Programmer and Data Manager.
     
  8. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    Hi iMacg3, will do. Should I disable Avira and MBAM etc. on my PC before doing this, or is it OK to leave them running?
     
  9. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,310
    Cheers
    Hope my colleague sorts it for you.
    I am sure you have seen he has replied to you.
     
  10. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    FRST.TXT
    ================

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2020
    Ran by Jonathan (administrator) on GEEKLAND-PC (30-01-2020 13:35:19)
    Running from C:\Users\Jonathan\Desktop
    Loaded Profiles: Jonathan (Available Profiles: GEEKLAND & Jonathan & Administrator & Guest)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
    (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
    (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
    (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTime.Client.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.RealTimeOptimizer.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
    (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
    (BlackBerry Ltd. -> ) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
    (BlackBerry Ltd. -> ) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
    (BlackBerry Ltd. -> Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
    (BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
    (BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
    (BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    (BlackBerry Ltd. -> BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    (Blue Jeans Network -> Blue Jeans) C:\Users\Jonathan\AppData\Local\Blue Jeans\App\BlueJeans.exe
    (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.3.292\QtWebEngineProcess.exe
    (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.3.292\QtWebEngineProcess.exe
    (Fieldston Software) [File not signed] C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe
    (Fieldston Software) [File not signed] C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.updater.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
    (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Logitech Inc -> Logitech) C:\Program Files\Logitech\SetPointP\Campaign\LogiCampaignNotifier.exe
    (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
    (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
    (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
    (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (NETGEAR TAIWAN CO., LTD -> ) C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
    (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
    (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
    (Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Polar Electro Oy) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Jonathan\AppData\Local\slack\app-4.2.0\slack.exe
    (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Jonathan\AppData\Local\slack\app-4.2.0\slack.exe
    (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Jonathan\AppData\Local\slack\app-4.2.0\slack.exe
    (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Jonathan\AppData\Local\slack\app-4.2.0\slack.exe
    (Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\Jonathan\AppData\Local\slack\app-4.2.0\slack.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
    HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [228136 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331352 2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
    HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-01-23] (Dropbox, Inc -> Dropbox, Inc.)
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Run: [] => [X]
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-12-09] (Apple Inc. -> Apple Inc.)
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Policies\Explorer: [NoViewOnDrive] 0
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\MountPoints2: E - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.exe
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\MountPoints2: H - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\Start.exe
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\MountPoints2: {35df7f55-1d3e-11e6-8659-54271ebdb358} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\Start.exe
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-30] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-23] (Google LLC -> Google LLC)
    HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2013-10-01] (Broadcom Corporation -> Broadcom Corporation.)
    HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2013-10-01] (Broadcom Corporation -> Broadcom Corporation.)
    HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
    Startup: C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bluejeans-helper.vbs [2017-01-10] (Blue Jeans Network -> )

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {01E6C348-3CFA-4222-BC1B-B6583DCE21C9} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [3220640 2013-08-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
    Task: {03B1E9AD-52C7-4676-BBEB-E616FFB5C8FD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-22] (Adobe Inc. -> Adobe)
    Task: {0B9C68E7-55FB-49E7-BA62-3D965E02D4B9} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27892072 2020-01-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
    Task: {0C9B54D1-6026-45F4-93F2-D7ED88B83E13} - System32\Tasks\AdobeAAMUpdater-1.0-GEEKLAND-PC-Jonathan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {0D048758-2F09-4F41-9524-C5DD5ED8F541} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    Task: {1267E88E-F1A6-4DE4-BA39-1D6193B0A36A} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-09-10] (Solute GmbH -> Avira)
    Task: {1757A696-4F01-486B-ACFE-F7A77DBAB8C8} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\8 => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.)
    Task: {21C3504D-42CE-4AC1-81D3-114F799107D0} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-01-23] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {242FEB2E-F0EE-411A-A6EC-274B3E160E34} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
    Task: {262ACB91-1F11-4080-B35F-3BE2F5B59457} - System32\Tasks\Norton Security Scan for Jonathan => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.2.17\Nss.exe [846928 2018-03-13] (Symantec Corporation -> Symantec Corporation)
    Task: {3330EF97-D3CF-4901-8B2A-DB0853391924} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\11 => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation -> Microsoft Corporation)
    Task: {33DA3000-EB1F-4082-A3C1-C470206B807A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-22] (Adobe Inc. -> Adobe)
    Task: {3C41DFED-236A-474B-8928-10464315EC05} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-30] (Logitech Inc -> Logitech, Inc.)
    Task: {3FBC0E20-D3B8-4E2E-848D-472314169C5D} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\12 => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Ltd. -> BlackBerry Limited)
    Task: {49B5F4A7-E2D4-4BE7-BA47-3EB207A63DC2} - \{48973997-C0D2-4197-A4B7-A49E94895A6D} -> No File <==== ATTENTION
    Task: {4C386216-B2F4-4107-8EEE-1733404A11FE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {4F43F91E-FEEB-4524-B175-F1F8D71EF19D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
    Task: {52A51CE8-E989-4E16-B6B7-81F2460F8405} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757672 2019-11-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    Task: {53F6B8A7-83AF-4FC6-B940-726522CFEBA7} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\7 => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {562ED150-D9BD-40A5-863F-66DC8314528D} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-09-10] (Solute GmbH -> Avira)
    Task: {5FC6D78B-5586-4D66-9E70-2BFFF8164794} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\5 => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    Task: {66311871-D784-4F58-B2DD-8A1168FA7ED3} - System32\Tasks\EPSON SC-P800 Series Update {C73DC83A-DE0E-417D-B05B-26A0A95B5184} => C:\Windows\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    Task: {6F5E0945-56E8-408F-983F-F78AFC767AEB} - System32\Tasks\Avira\System Speedup\Delayed Startup\Jonathan\5 => C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe [229376 2018-10-13] (Fieldston Software) [File not signed] <==== ATTENTION
    Task: {709AC958-0B9C-4C09-B093-89B1BB4C8507} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
    Task: {73AA6CC1-0E1F-474F-9743-0A409AAB9586} - System32\Tasks\Avira\System Speedup\Delayed Startup\Jonathan\1 => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated) <==== ATTENTION
    Task: {84DE5376-DA1E-4A87-987D-FA637336A7E0} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\FileShredder 1.21\FileShredder.exe [1769472 2013-08-13] (Moo0) [File not signed]
    Task: {868D7A00-8622-461C-9F3F-35A08920F193} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
    Task: {8BC4C405-4D55-4CAC-9A16-16AA92201755} - System32\Tasks\Avira\System Speedup\Delayed Startup\Jonathan\4 => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5553712 2019-12-03] (Adobe Inc. -> Adobe Systems Incorporated) <==== ATTENTION
    Task: {8C488D20-6DEC-4F8A-AB38-F53F460388FE} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [331352 2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    Task: {922E2903-6786-4FDF-98FF-AFD933502C90} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\10 => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Ltd. -> BlackBerry Limited)
    Task: {9CD568DD-B065-4919-B64B-DDF3E79ED270} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\9 => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {9D8931E4-F5D5-4C8B-A6D9-476C218CA03A} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [20776 2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    Task: {9E812F31-38E6-4065-8AE0-945534C6049C} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe [112016 2019-09-10] (Solute GmbH -> Avira)
    Task: {AFC6CE0C-8454-490D-8308-85E51B88873E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
    Task: {B63FB122-A3E5-4899-B327-B966E4F67190} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-23] (Google Inc -> Google Inc.)
    Task: {B8DDF598-E8EC-4C8E-A40F-7E9F6769AFE9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_pepper.exe [1453624 2020-01-22] (Adobe Inc. -> Adobe)
    Task: {C6C1D1EA-D8CE-486B-8B54-09EAB6A7B708} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-23] (Google Inc -> Google Inc.)
    Task: {CAACDB1D-0EA0-403B-98AA-75AA67BB4B3F} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
    Task: {D000E333-EBAB-440A-BE3F-F34EA322AA73} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1467402742-1454247715-597687806-1001UA => C:\Users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-09-25] (Google Inc -> Google Inc.)
    Task: {DDBDCA2B-0967-4822-9E83-6CF4B2213A9C} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\13 => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {DE6929B2-7248-49A5-899D-4F69F84E4E96} - System32\Tasks\Microsoft_Hardware_Launch_LifeExp_exe => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation -> Microsoft Corporation)
    Task: {E648B5FC-DD26-4F03-8F79-80CA59D460F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-20] (Piriform Ltd -> Piriform Ltd)
    Task: {E65ACD73-3B18-4434-BE2E-FA4807D65541} - System32\Tasks\Avira\System Speedup\Delayed Startup\Jonathan\7 => C:\Program Files (x86)\Polar\Polar FlowSync\FlowSync.exe [1397248 2018-09-17] (Polar Electro Oy) [File not signed] <==== ATTENTION
    Task: {E7000BB4-7913-4B4F-A32B-4464F5830CE8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-24] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {EB3C2451-2BDB-49B6-BD52-52287E180193} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-24] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {EC7D577B-DFE3-4CD1-8F33-F45C326096D6} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {F307C9BC-4F7C-4A8E-968A-6AEE02D31EC1} - System32\Tasks\Avira\System Speedup\Delayed Startup\Jonathan\3 => C:\Users\Jonathan\AppData\Local\slack\Update.exe [1569296 2020-01-30] (Slack Technologies, Inc. -> ) <==== ATTENTION
    Task: {F33BA5A6-A912-43E8-B400-A70193798FE1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1467402742-1454247715-597687806-1001Core => C:\Users\Jonathan\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-09-25] (Google Inc -> Google Inc.)
    Task: {F3F00957-7C7B-4CAF-972B-B8C8B3854C7D} - System32\Tasks\Avira\System Speedup\Delayed Startup\Jonathan\6 => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [610904 2018-07-23] (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) <==== ATTENTION
    Task: {FA4FAA73-8397-4FC5-BA8E-F453BB907F60} - System32\Tasks\EPSON SC-P800 Series Update {F144E462-C433-4052-A776-B4C793B39AC6} => C:\Windows\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\EPSON SC-P800 Series Update {C73DC83A-DE0E-417D-B05B-26A0A95B5184}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE:/EXE:{C73DC83A-DE0E-417D-B05B-26A0A95B5184} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
    Task: C:\Windows\Tasks\EPSON SC-P800 Series Update {F144E462-C433-4052-A776-B4C793B39AC6}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_32TS01FA.EXE:/EXE:{F144E462-C433-4052-A776-B4C793B39AC6} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
    Task: C:\Windows\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}.job => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
    Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    Winsock: Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
    Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    Winsock: Catalog5-x64 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{7377666B-1A6D-4578-A079-34FF0C11F304}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{CB51C88B-B445-4649-AD8A-287F54B5ECFB}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-1467402742-1454247715-597687806-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKU\S-1-5-21-1467402742-1454247715-597687806-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-30] (Logitech Inc -> Logitech, Inc.)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-30] (Logitech Inc -> Logitech, Inc.)
    BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
    Toolbar: HKU\S-1-5-21-1467402742-1454247715-597687806-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKU\S-1-5-21-1467402742-1454247715-597687806-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-32.5.4-8/webex/ieatgpc1.cab
    Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

    FireFox:
    ========
    FF DefaultProfile: uoj9mtky.default
    FF ProfilePath: C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default [2020-01-29]
    FF Notifications: Mozilla\Firefox\Profiles\uoj9mtky.default -> hxxps://phoenix5.slack.com; hxxps://aoschat.apple.com
    FF Extension: (Facebook Container) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\@contain-facebook.xpi [2018-04-10]
    FF Extension: (Avira Browser Safety) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\[email protected] [2019-11-25]
    FF Extension: (Cisco Webex Extension) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\[email protected] [2019-08-14]
    FF Extension: (Facebook Secret Emoticons) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\[email protected] [2016-04-29] [Legacy]
    FF Extension: (Hide Likes on Facebook Notifications) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\[email protected] [2016-04-29] [Legacy]
    FF Extension: (Facebook Ads Block) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\[email protected] [2016-04-29] [Legacy]
    FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2018-08-12] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&application=%APP_ID%&appversion=%APP_VERSION%]
    FF Extension: (Download YouTube Videos as MP4) - C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\uoj9mtky.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-04-02] [Legacy]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
    FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2018-07-20] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
    FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-01-22] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-22] (Adobe Inc. -> )
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
    FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-22] (Adobe Inc. -> )
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
    FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] (Research In Motion -> )
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
    FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Jonathan\AppData\Roaming\Zoom\bin_00\npzoomplugin.dll [2019-09-17] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: SkypeForBusinessPlugin-15.8 -> C:\Users\Jonathan\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Jonathan\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi.dll [2017-05-19] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: SkypeForBusinessPlugin64-15.8 -> C:\Users\Jonathan\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi-x64.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin HKU\S-1-5-21-1467402742-1454247715-597687806-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Jonathan\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi-x64.dll [2017-05-19] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin ProgramFiles/Appdata: C:\Users\Jonathan\AppData\Roaming\mozilla\plugins\npatgpc.dll [2019-11-04]

    Chrome:
    =======
    CHR Profile: C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default [2020-01-30]
    CHR Notifications: Default -> hxxp://mymodem.modem; hxxps://www.facebook.com
    CHR NewTab: Default -> Not-active:"chrome-extension://ipmkfpcnmccejididiaagpgchgjfajgp/html/newtab.html"
    CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> duckduckgo.com
    CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
    CHR Extension: (Slides) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-26]
    CHR Extension: (Docs) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26]
    CHR Extension: (Google Drive) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-26]
    CHR Extension: (DuckDuckGo) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2019-12-15]
    CHR Extension: (YouTube) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-26]
    CHR Extension: (Avira Password Manager) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-01-28]
    CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2018-09-08]
    CHR Extension: (Adobe Acrobat) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-05]
    CHR Extension: (Sheets) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-26]
    CHR Extension: (Google Docs Offline) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-18]
    CHR Extension: (Yout) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iclfkmojooboaohipbeghlojbeadeold [2017-04-02]
    CHR Extension: (Avira SafeSearch Plus) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2019-06-18]
    CHR Extension: (Hide 'Like' Notifications) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfakkkdllpodegeoggpfcmjabodhpca [2019-04-19]
    CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2020-01-29]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
    CHR Extension: (ScriptSafe) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-12-13]
    CHR Extension: (Gmail) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
    CHR Extension: (Chrome Media Router) - C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-19]
    CHR Extension: (YouTube Video and MP3 Downloader) - C:\Users\Jonathan\Desktop\YouTube Video Downloader - 15.0.6 [2018-10-03]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
    CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
    CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
     
  11. BondiJonno

    (..... continued...)

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
    S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1210168 2019-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484768 2019-11-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484768 2019-11-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574848 2020-01-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] (ASUSTeK Computer Inc. -> )
    R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [617520 2020-01-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989536 2020-01-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [379624 2020-01-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [150648 2019-12-23] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Ltd. -> BlackBerry Limited)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-24] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-24] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-01-23] (Dropbox, Inc -> Dropbox, Inc.)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
    R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [506368 2018-12-05] (Intel Corporation) [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-15] (Malwarebytes Inc -> Malwarebytes)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (Netgear Incorporated -> NETGEAR)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2015-03-19] (BlackBerry Ltd. -> Apple Inc.)
    R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Ltd. -> BlackBerry Limited)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
    R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
    R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [140032 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
    R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [424192 2013-08-16] (MCCI Corporation -> ASMedia Technology Inc)
    R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [84816 2014-01-27] (ASMedia Technology Inc. -> Asmedia Technology)
    R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222888 2019-12-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    S3 blackberryncm; C:\Windows\System32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
    S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [507984 2018-01-09] (Symantec Corporation -> Symantec Corporation)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-12-24] (Malwarebytes Corporation -> Malwarebytes)
    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-24] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2020-01-26] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-01-26] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2020-01-26] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2020-01-26] (Malwarebytes Corporation -> Malwarebytes)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
    R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
    R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2018-09-13] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
    S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (PRINTING COMMUNICATIONS ASSOC., INC. -> Printing Communications Assoc., Inc. (PCAUSA))
    R3 phantomtap; C:\Windows\System32\DRIVERS\phantomtap.sys [35664 2019-11-05] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
    S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry Limited)
    R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry Limited)
    R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
    S3 Spyder4; C:\Windows\System32\DRIVERS\dccmtr.sys [15360 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Datacolor)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
    S3 VBus; C:\Windows\System32\DRIVERS\NkVBus.sys [26400 2007-09-05] (Nikon Corporation) [File not signed]
    S3 avchv; system32\DRIVERS\avchv.sys [X]
    S3 mfeavfk01; \Device\mfeavfk01.sys [X]
    S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170918.019\ENG64.SYS [X]
    S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.8.0.50\Definitions\SDSDefs\20170918.019\EX64.SYS [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-01-30 13:35 - 2020-01-30 13:36 - 000059462 _____ C:\Users\Jonathan\Desktop\FRST.txt
    2020-01-30 13:35 - 2020-01-30 13:35 - 000000000 ____D C:\Users\Jonathan\Desktop\FRST-OlderVersion
    2020-01-30 13:34 - 2020-01-30 13:36 - 000000000 ____D C:\FRST
    2020-01-29 23:16 - 2020-01-29 23:16 - 004571493 _____ C:\Users\Jonathan\Downloads\VHF.User.guide.v.0.9.6.0_2016.08.16_compressed.pdf
    2020-01-29 23:10 - 2020-01-29 23:10 - 000736430 _____ C:\Users\Jonathan\Downloads\cdc_26492_DS1 (1).pdf
    2020-01-29 22:54 - 2020-01-29 22:54 - 001039053 _____ C:\Users\Jonathan\Downloads\WHO_EVD_Guidance_Contact_15.1_eng.pdf
    2020-01-29 22:54 - 2020-01-29 22:54 - 000736430 _____ C:\Users\Jonathan\Downloads\cdc_26492_DS1.pdf
    2020-01-29 17:57 - 2020-01-29 17:57 - 000000000 ____D C:\MGADiagToolOutput
    2020-01-29 17:56 - 2020-01-29 17:56 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
    2020-01-29 17:55 - 2020-01-29 17:55 - 002031992 _____ (Microsoft Corporation) C:\Users\Jonathan\Downloads\MGADiag.exe
    2020-01-29 17:55 - 2020-01-29 17:55 - 002031992 _____ (Microsoft Corporation) C:\Users\Jonathan\Downloads\MGADiag (1).exe
    2020-01-29 11:48 - 2020-01-29 11:48 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
    2020-01-29 11:48 - 2020-01-29 11:48 - 000001116 _____ C:\ProgramData\Desktop\Avira.lnk
    2020-01-26 18:04 - 2020-01-26 18:04 - 000422169 _____ C:\Users\Jonathan\Downloads\1-s2.0-S1201971216311882-main (3).pdf
    2020-01-26 18:04 - 2020-01-26 18:04 - 000422169 _____ C:\Users\Jonathan\Downloads\1-s2.0-S1201971216311882-main (2).pdf
    2020-01-26 17:42 - 2020-01-26 17:42 - 000292423 _____ C:\Users\Jonathan\Downloads\1-s2.0-S2001037018301703-main.pdf
    2020-01-26 14:13 - 2020-01-26 14:13 - 000422169 _____ C:\Users\Jonathan\Downloads\1-s2.0-S1201971216311882-main.pdf
    2020-01-26 14:13 - 2020-01-26 14:13 - 000422169 _____ C:\Users\Jonathan\Downloads\1-s2.0-S1201971216311882-main (1).pdf
    2020-01-26 12:37 - 2020-01-26 12:37 - 002270936 _____ (Cermak Technologies, Inc.) C:\Users\Jonathan\Downloads\SysInfo.exe
    2020-01-26 12:11 - 2020-01-26 12:11 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\EQATEC Analytics
    2020-01-26 12:06 - 2020-01-26 12:06 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2020-01-26 12:06 - 2020-01-26 12:06 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2020-01-26 12:06 - 2020-01-26 12:06 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2020-01-26 12:05 - 2020-01-26 12:05 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2020-01-26 08:52 - 2020-01-30 13:35 - 002581504 _____ (Farbar) C:\Users\Jonathan\Desktop\FRST64.exe
    2020-01-26 08:52 - 2020-01-26 08:52 - 008237744 _____ (Malwarebytes) C:\Users\Jonathan\Downloads\adwcleaner_8.0.1.exe
    2020-01-26 08:52 - 2020-01-26 08:52 - 002580480 _____ (Farbar) C:\Users\Jonathan\Downloads\FRST64.exe
    2020-01-26 08:23 - 2020-01-26 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2020-01-23 20:48 - 2020-01-23 20:48 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
    2020-01-23 20:48 - 2020-01-23 20:48 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
    2020-01-23 20:48 - 2020-01-23 20:48 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
    2020-01-23 20:48 - 2020-01-23 20:48 - 000044552 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
    2020-01-22 23:55 - 2020-01-22 23:55 - 000000000 ____D C:\Users\Jonathan\AppData\Local\Logishrd
    2020-01-22 23:54 - 2020-01-22 23:54 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\sp6_log
    2020-01-22 18:39 - 2019-12-31 13:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
    2020-01-22 18:39 - 2019-12-31 13:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
    2020-01-20 20:30 - 2020-01-20 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2020-01-20 20:17 - 2020-01-20 20:17 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
    2020-01-20 20:17 - 2020-01-20 20:17 - 000001707 _____ C:\ProgramData\Desktop\iTunes.lnk
    2020-01-20 20:17 - 2020-01-20 20:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2020-01-20 20:17 - 2020-01-20 20:17 - 000000000 ____D C:\Program Files\iTunes
    2020-01-20 20:17 - 2020-01-20 20:17 - 000000000 ____D C:\Program Files\iPod
    2020-01-20 20:15 - 2020-01-20 20:15 - 000000000 ____D C:\Windows\system32\Tasks\Apple
    2020-01-20 20:15 - 2020-01-20 20:15 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2020-01-20 20:04 - 2020-01-03 14:42 - 004061624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2020-01-20 20:04 - 2020-01-03 14:42 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2020-01-20 20:04 - 2020-01-03 14:41 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2020-01-20 20:04 - 2020-01-03 14:38 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2020-01-20 20:04 - 2020-01-03 14:37 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2020-01-20 20:04 - 2020-01-03 14:37 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2020-01-20 20:04 - 2020-01-03 14:37 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2020-01-20 20:04 - 2020-01-03 14:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2020-01-20 20:04 - 2020-01-03 14:37 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2020-01-20 20:04 - 2020-01-03 14:37 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2020-01-20 20:04 - 2020-01-03 14:36 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2020-01-20 20:04 - 2020-01-03 14:35 - 001671296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2020-01-20 20:04 - 2020-01-03 14:33 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2020-01-20 20:04 - 2020-01-03 14:33 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2020-01-20 20:04 - 2020-01-03 14:01 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2020-01-20 20:04 - 2019-12-31 14:04 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
    2020-01-20 20:04 - 2019-12-19 04:45 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2020-01-20 20:04 - 2019-12-19 03:48 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2020-01-20 20:04 - 2019-12-17 13:39 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2020-01-20 20:04 - 2019-12-17 11:53 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2020-01-20 20:04 - 2019-12-17 11:52 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2020-01-20 20:04 - 2019-12-17 11:52 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2020-01-20 20:04 - 2019-12-17 11:45 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2020-01-20 20:04 - 2019-12-17 11:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2020-01-20 20:04 - 2019-12-17 10:56 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2020-01-20 20:04 - 2019-12-12 14:35 - 000271872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
    2020-01-20 20:04 - 2019-12-12 14:34 - 000253952 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
    2020-01-20 20:04 - 2019-12-12 14:28 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
    2020-01-20 20:04 - 2019-12-12 14:27 - 000284160 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
    2020-01-20 20:04 - 2019-12-12 14:07 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
    2020-01-20 20:04 - 2019-12-12 14:07 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
    2020-01-20 20:04 - 2019-12-10 20:36 - 000375008 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
    2020-01-20 20:04 - 2019-12-10 19:38 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
    2020-01-20 20:04 - 2019-12-10 19:38 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 002319360 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
    2020-01-20 20:04 - 2019-12-10 19:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
    2020-01-20 20:04 - 2019-12-10 19:23 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2020-01-20 20:04 - 2019-12-10 19:22 - 000428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2020-01-20 20:04 - 2019-12-10 19:22 - 000093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2020-01-20 20:04 - 2019-12-10 19:22 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
    2020-01-20 20:04 - 2019-12-10 19:17 - 006136320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2020-01-20 20:04 - 2019-12-10 19:17 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2020-01-20 20:04 - 2019-12-10 19:16 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2020-01-20 20:04 - 2019-12-10 19:16 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
    2020-01-20 20:04 - 2019-12-10 19:15 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2020-01-20 20:04 - 2019-12-10 19:01 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2020-01-20 20:04 - 2019-12-10 18:56 - 000754176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2020-01-20 20:04 - 2019-12-10 17:17 - 007084032 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2020-01-20 20:03 - 2020-01-03 14:38 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:37 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:33 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:10 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
    2020-01-20 20:03 - 2020-01-03 14:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2020-01-20 20:03 - 2020-01-03 14:05 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2020-01-20 20:03 - 2020-01-03 14:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2020-01-20 20:03 - 2020-01-03 14:05 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2020-01-20 20:03 - 2020-01-03 14:04 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2020-01-20 20:03 - 2020-01-03 14:04 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2020-01-20 20:03 - 2020-01-03 14:04 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2020-01-20 20:03 - 2020-01-03 14:04 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2020-01-20 20:03 - 2020-01-03 14:04 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2020-01-20 20:03 - 2020-01-03 14:02 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2020-01-20 20:03 - 2020-01-03 14:02 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:02 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:02 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:02 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2020-01-20 20:03 - 2020-01-03 14:01 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
    2020-01-20 20:03 - 2020-01-03 14:00 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2020-01-20 20:03 - 2020-01-03 13:57 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2020-01-20 20:03 - 2020-01-03 13:57 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2020-01-20 20:03 - 2020-01-03 13:57 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2020-01-20 20:03 - 2020-01-03 13:57 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2020-01-20 20:03 - 2020-01-03 13:57 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2020-01-20 20:03 - 2020-01-03 13:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2020-01-20 20:03 - 2020-01-03 13:55 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2020-01-20 20:03 - 2020-01-03 13:55 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
    2020-01-20 20:03 - 2020-01-03 13:55 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
    2020-01-20 20:03 - 2020-01-03 13:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
    2020-01-20 20:03 - 2020-01-03 13:55 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
    2020-01-20 20:03 - 2020-01-03 13:55 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
    2020-01-20 20:03 - 2020-01-03 13:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2020-01-20 20:03 - 2019-12-17 12:18 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2020-01-20 20:03 - 2019-12-17 12:18 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2020-01-20 20:03 - 2019-12-17 12:06 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2020-01-20 20:03 - 2019-12-17 12:04 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2020-01-20 20:03 - 2019-12-17 12:04 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2020-01-20 20:03 - 2019-12-17 12:04 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2020-01-20 20:03 - 2019-12-17 12:04 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2020-01-20 20:03 - 2019-12-17 12:03 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2020-01-20 20:03 - 2019-12-17 11:57 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2020-01-20 20:03 - 2019-12-17 11:56 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2020-01-20 20:03 - 2019-12-17 11:54 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2020-01-20 20:03 - 2019-12-17 11:52 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2020-01-20 20:03 - 2019-12-17 11:52 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2020-01-20 20:03 - 2019-12-17 11:52 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2020-01-20 20:03 - 2019-12-17 11:49 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2020-01-20 20:03 - 2019-12-17 11:42 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2020-01-20 20:03 - 2019-12-17 11:37 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2020-01-20 20:03 - 2019-12-17 11:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2020-01-20 20:03 - 2019-12-17 11:36 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2020-01-20 20:03 - 2019-12-17 11:36 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2020-01-20 20:03 - 2019-12-17 11:36 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2020-01-20 20:03 - 2019-12-17 11:35 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2020-01-20 20:03 - 2019-12-17 11:35 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2020-01-20 20:03 - 2019-12-17 11:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2020-01-20 20:03 - 2019-12-17 11:33 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2020-01-20 20:03 - 2019-12-17 11:32 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2020-01-20 20:03 - 2019-12-17 11:31 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2020-01-20 20:03 - 2019-12-17 11:30 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2020-01-20 20:03 - 2019-12-17 11:30 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2020-01-20 20:03 - 2019-12-17 11:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2020-01-20 20:03 - 2019-12-17 11:28 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2020-01-20 20:03 - 2019-12-17 11:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2020-01-20 20:03 - 2019-12-17 11:27 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2020-01-20 20:03 - 2019-12-17 11:26 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2020-01-20 20:03 - 2019-12-17 11:18 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2020-01-20 20:03 - 2019-12-17 11:18 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2020-01-20 20:03 - 2019-12-17 11:16 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2020-01-20 20:03 - 2019-12-17 11:16 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2020-01-20 20:03 - 2019-12-17 11:14 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2020-01-20 20:03 - 2019-12-17 11:14 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2020-01-20 20:03 - 2019-12-17 11:14 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2020-01-20 20:03 - 2019-12-17 11:14 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2020-01-20 20:03 - 2019-12-17 11:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2020-01-20 20:03 - 2019-12-17 11:13 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2020-01-20 20:03 - 2019-12-17 11:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2020-01-20 20:03 - 2019-12-17 11:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2020-01-20 20:03 - 2019-12-17 11:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2020-01-20 20:03 - 2019-12-17 11:08 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2020-01-20 20:03 - 2019-12-17 11:04 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2020-01-20 20:03 - 2019-12-17 11:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2020-01-20 20:03 - 2019-12-17 11:02 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2020-01-20 20:03 - 2019-12-17 11:01 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2020-01-20 20:03 - 2019-12-17 11:01 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2020-01-20 20:03 - 2019-12-17 11:00 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2020-01-20 20:03 - 2019-12-17 10:52 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2020-01-20 20:03 - 2019-12-17 10:43 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2020-01-20 20:03 - 2019-12-17 10:41 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2020-01-20 20:03 - 2019-12-17 10:39 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2020-01-20 20:03 - 2019-12-17 10:38 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2020-01-20 20:03 - 2019-12-12 14:28 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
    2020-01-20 20:03 - 2019-12-10 19:38 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
    2020-01-20 20:03 - 2019-12-10 19:32 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
    2020-01-20 20:03 - 2019-12-10 19:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2020-01-20 20:03 - 2019-12-10 19:22 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
    2020-01-20 20:03 - 2019-12-10 19:22 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
    2020-01-20 20:03 - 2019-12-10 19:22 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
    2020-01-20 20:03 - 2019-12-10 19:16 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2020-01-20 20:03 - 2019-12-10 19:16 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2020-01-20 20:03 - 2019-12-10 19:16 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2020-01-20 20:03 - 2019-12-10 19:15 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2020-01-20 20:03 - 2019-12-10 19:14 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
    2020-01-18 13:34 - 2020-01-18 13:34 - 006235727 _____ C:\Users\Jonathan\Downloads\Exago_User_Guide_v2018.1.pdf
    2020-01-18 13:34 - 2020-01-18 13:34 - 004197208 _____ C:\Users\Jonathan\Downloads\Exago_User_Guide_v2016.3.pdf
    2020-01-08 20:55 - 2020-01-08 20:56 - 138357299 _____ C:\Users\Jonathan\Downloads\wetransfer-422b1d.zip

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-01-30 13:37 - 2016-04-24 16:23 - 000000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
    2020-01-30 13:36 - 2017-09-05 23:47 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\gSyncit
    2020-01-30 12:51 - 2018-07-15 17:51 - 000000915 _____ C:\Windows\Tasks\EPSON SC-P800 Series Update {F144E462-C433-4052-A776-B4C793B39AC6}.job
    2020-01-30 12:51 - 2018-07-15 17:51 - 000000915 _____ C:\Windows\Tasks\EPSON SC-P800 Series Update {C73DC83A-DE0E-417D-B05B-26A0A95B5184}.job
    2020-01-30 12:33 - 2017-08-17 01:25 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\Slack
    2020-01-30 12:32 - 2019-11-06 10:54 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
    2020-01-30 12:32 - 2017-08-17 01:25 - 000002142 _____ C:\Users\Jonathan\Desktop\Slack.lnk
    2020-01-30 12:32 - 2017-08-17 01:25 - 000000000 ____D C:\Users\Jonathan\AppData\Local\SquirrelTemp
    2020-01-30 12:32 - 2017-08-17 01:25 - 000000000 ____D C:\Users\Jonathan\AppData\Local\slack
    2020-01-30 11:37 - 2016-04-24 16:23 - 000000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
    2020-01-30 09:15 - 2018-09-08 23:34 - 000000000 ____D C:\Users\Public\Logi
    2020-01-29 22:40 - 2016-04-23 11:58 - 000000000 ____D C:\Users\Jonathan\AppData\Local\CutePDF Writer
    2020-01-29 18:08 - 2016-10-28 12:01 - 000000000 ____D C:\Users\Jonathan\Downloads\export
    2020-01-29 18:01 - 2009-07-14 15:45 - 000030896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2020-01-29 18:01 - 2009-07-14 15:45 - 000030896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2020-01-29 11:48 - 2016-07-27 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2020-01-29 11:48 - 2016-04-23 12:05 - 000000000 ____D C:\ProgramData\Package Cache
    2020-01-26 15:59 - 2016-09-26 12:23 - 000000000 ____D C:\Users\Jonathan\AppData\Local\NETGEARGenie
    2020-01-26 12:21 - 2016-04-23 16:32 - 000000000 ___RD C:\Users\Jonathan\Creative Cloud Files
    2020-01-26 12:21 - 2016-04-23 15:24 - 000000000 ____D C:\Users\Jonathan\AppData\Local\Adobe
    2020-01-26 12:18 - 2009-07-14 16:13 - 000787674 _____ C:\Windows\system32\PerfStringBackup.INI
    2020-01-26 12:18 - 2009-07-14 14:20 - 000000000 ____D C:\Windows\inf
    2020-01-26 12:11 - 2016-08-22 00:42 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\ON1
    2020-01-26 12:11 - 2016-08-22 00:42 - 000000000 ____D C:\ProgramData\ON1
    2020-01-26 12:05 - 2019-05-03 13:28 - 000000000 ____D C:\Users\Public\Speedup Sessions
    2020-01-26 12:05 - 2016-04-24 05:21 - 000000000 ____D C:\ProgramData\NVIDIA
    2020-01-26 12:05 - 2009-07-14 16:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2020-01-26 08:39 - 2016-04-26 19:12 - 000000000 ____D C:\Users\Jonathan\AppData\Roaming\Apple Computer
    2020-01-26 08:24 - 2016-04-24 16:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2020-01-26 08:18 - 2019-12-21 17:23 - 000000000 ___HD C:\adobeTemp
    2020-01-26 08:14 - 2018-12-08 10:24 - 000003662 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
    2020-01-23 11:32 - 2016-04-24 16:23 - 000003908 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA
    2020-01-23 11:32 - 2016-04-24 16:23 - 000003656 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore
    2020-01-23 11:28 - 2016-04-23 11:14 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-01-23 11:28 - 2016-04-23 11:14 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2020-01-23 11:28 - 2016-04-23 11:14 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
    2020-01-22 23:55 - 2018-09-08 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2020-01-22 23:55 - 2018-09-08 21:20 - 000000000 ____D C:\Program Files\Common Files\LogiShrd
    2020-01-22 23:54 - 2018-09-08 21:20 - 000000000 ____D C:\ProgramData\LogiShrd
    2020-01-22 18:29 - 2019-12-17 00:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2020-01-22 18:29 - 2016-04-23 12:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2020-01-22 18:29 - 2009-07-14 15:45 - 005066144 _____ C:\Windows\system32\FNTCACHE.DAT
    2020-01-22 13:04 - 2019-07-04 01:40 - 000004444 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
    2020-01-22 13:04 - 2016-05-07 16:27 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2020-01-22 13:04 - 2016-05-07 16:27 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2020-01-22 13:04 - 2016-05-07 16:27 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
    2020-01-22 13:03 - 2016-05-07 16:27 - 000000000 ____D C:\Windows\system32\Macromed
    2020-01-22 13:03 - 2016-04-23 15:27 - 000000000 ____D C:\Windows\SysWOW64\Macromed
    2020-01-22 12:55 - 2018-03-18 12:54 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
    2020-01-20 20:30 - 2016-06-27 20:28 - 000000000 ____D C:\Program Files\Common Files\Apple
    2020-01-20 20:30 - 2016-04-25 16:25 - 000000000 ____D C:\Users\Jonathan\AppData\Local\Apple Computer
    2020-01-20 20:15 - 2016-04-25 16:23 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2020-01-20 20:13 - 2016-04-24 07:15 - 000000000 ____D C:\Windows\system32\MRT
    2020-01-20 20:07 - 2016-04-24 07:15 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2020-01-20 20:05 - 2016-04-23 11:22 - 000771540 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2020-01-12 21:55 - 2016-04-23 12:10 - 000000000 ____D C:\Users\Jonathan\AppData\Local\Microsoft Help

    ==================== Files in the root of some directories ========

    2016-12-04 20:18 - 2016-12-04 20:16 - 000102912 _____ (Microsoft Corporation) C:\Program Files (x86)\clipbrd.exe
    2017-06-14 14:06 - 2017-06-14 14:06 - 000000132 _____ () C:\Users\Jonathan\AppData\Roaming\Adobe PNG Format CS6 Prefs
    2017-11-14 17:23 - 2017-11-21 14:46 - 000000033 _____ () C:\Users\Jonathan\AppData\Roaming\AdobeWLCMCache.dat
    2018-01-24 17:27 - 2019-11-01 09:22 - 000000140 ____H () C:\Users\Jonathan\AppData\Roaming\aec490afc35d9cf7ba7709a6eebcdb18c8427fd3
    2018-04-04 01:44 - 2019-09-16 01:26 - 000000000 _____ () C:\Users\Jonathan\AppData\Roaming\Booms
    2018-01-24 17:27 - 2018-01-24 17:27 - 000000128 ____H () C:\Users\Jonathan\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
    2017-06-06 15:36 - 2017-06-07 17:09 - 000000046 _____ () C:\Users\Jonathan\AppData\Roaming\MCVi2UserDetail.ini
    2016-05-11 01:32 - 2016-06-09 01:33 - 000013615 _____ () C:\Users\Jonathan\AppData\Roaming\PS12_panel.log
    2017-02-14 09:04 - 2018-01-26 11:36 - 000005632 _____ () C:\Users\Jonathan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-11-16 10:01 - 2017-04-05 21:41 - 000000146 _____ () C:\Users\Jonathan\AppData\Local\Lockdir6
    2019-03-02 13:34 - 2019-03-02 13:34 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\oobelibMkey.log
    2017-05-14 13:20 - 2017-05-14 13:20 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{09881251-8C24-4CFE-96A9-A07ADCF11BFC}
    2018-10-31 10:59 - 2018-10-31 10:59 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{19811DCF-BE31-4A59-A1E5-03DE33CB84AA}
    2016-12-28 09:37 - 2016-12-28 09:37 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{34A2F50C-2391-46AC-86DC-7FC06D070CD8}
    2017-02-25 08:38 - 2017-02-25 08:38 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{3795B21E-3972-4ADC-93D5-4920806DDB0C}
    2017-06-09 09:18 - 2017-06-09 09:18 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{3FD99C99-77E9-482D-AFF2-D5508D95E69B}
    2016-09-22 22:24 - 2016-09-22 22:24 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{4438AB81-3D87-4AFB-B489-0C89C169A716}
    2016-11-10 14:26 - 2016-11-10 14:26 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{4871CE4B-A769-4B7E-B087-B0067ADF4F56}
    2016-12-28 09:37 - 2016-12-28 09:37 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{59AFE5F4-FFD6-411C-B782-D8E898685FD2}
    2018-03-01 12:30 - 2018-03-01 12:30 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{92CF0C61-180B-4664-94B4-4F8B5397935C}
    2017-06-09 12:06 - 2017-06-09 12:06 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{9EBB93BA-E7A8-4542-B561-07FB57E848D7}
    2016-09-17 23:57 - 2016-09-17 23:57 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{DEBE17C3-E6B3-4CFA-AABF-21D06086C180}
    2018-03-01 12:29 - 2018-03-01 12:29 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{E831E62B-0847-4ADD-92E9-C329D41642CE}
    2016-09-22 22:27 - 2016-09-22 22:27 - 000000000 _____ () C:\Users\Jonathan\AppData\Local\{FBF31069-80F0-4CE6-8C6F-2D3A2F23F319}

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)


    LastRegBack: 2019-08-31 12:22
    ==================== End of FRST.txt ========================
     
  12. BondiJonno

    ADDITION.TXT
    ===================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2020
    Ran by Jonathan (30-01-2020 13:40:33)
    Running from C:\Users\Jonathan\Desktop
    Windows 7 Ultimate Service Pack 1 (X64) (2016-04-23 00:10:44)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1467402742-1454247715-597687806-500 - Administrator - Enabled) => C:\Users\Administrator
    GEEKLAND (S-1-5-21-1467402742-1454247715-597687806-1000 - Administrator - Enabled) => C:\Users\GEEKLAND
    Guest (S-1-5-21-1467402742-1454247715-597687806-501 - Limited - Enabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-1467402742-1454247715-597687806-1004 - Limited - Enabled)
    Jonathan (S-1-5-21-1467402742-1454247715-597687806-1001 - Administrator - Enabled) => C:\Users\Jonathan
    Jonathan2 (S-1-5-21-1467402742-1454247715-597687806-1005 - Administrator - Enabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
    AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
    AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
    AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
    Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_1) (Version: 10.0.1 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.504 - Adobe Systems Incorporated)
    Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
    Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Lens Profile Downloader (HKLM-x32\...\AdobeLensProfileDownloader) (Version: 1.0.1 - Adobe Systems Incorporated)
    Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_1) (Version: 9.1 - Adobe Systems Incorporated)
    Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
    Amazon Kindle (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)
    Apple Application Support (32-bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{45DDDFED-AABC-450C-B49C-5B4A5E547F5B}) (Version: 13.0.0.38 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
    Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 2.0.8.0000 - Asmedia Technology)
    ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
    Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
    Avira (HKLM-x32\...\{59bab6b1-f615-42c3-9614-8dc338ac8ed4}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG)
    Avira (HKLM-x32\...\{82B6E5B0-3F76-446B-9FDE-0200B5B36B37}) (Version: 1.2.143.109 - Avira Operations GmbH & Co. KG) Hidden
    Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2001.1707 - Avira Operations GmbH & Co. KG)
    Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
    Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.31.1.20493 - Avira Operations GmbH & Co. KG)
    Avira Privacy Pal (HKLM-x32\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 1.7.2.1820 - Avira Operations GmbH & Co. KG)
    Avira Safe Shopping (HKLM-x32\...\{7EB58250-F316-40E3-B07E-6CB6ED714120}) (Version: 1.1.43.3959 - Avira Operations GmbH & Co. KG)
    Avira Software Updater (HKLM-x32\...\{3BEE2703-942D-401D-93E1-7950CCF54769}) (Version: 2.0.6.25416 - Avira Operations GmbH & Co. KG)
    Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.4.0.10836 - Avira Operations GmbH & Co. KG)
    AVS Video Converter 10.0.4 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 10.0.4.616 - Online Media Technologies Ltd.)
    bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
    BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry)
    BlackBerry Blend (HKLM-x32\...\{1DA42C01-4ED2-4B4E-B90C-18FCBA12FC41}) (Version: 1.2.0.50 - BlackBerry Ltd.) Hidden
    BlackBerry Communication Drivers (HKLM-x32\...\{46CD5A63-0C1F-45C3-B643-CA87A17275C0}) (Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
    BlackBerry Device Drivers (HKLM-x32\...\{1F6490E5-7540-426D-BC1E-EB57B0BF0C38}) (Version: 8.0.0.143 - BlackBerry Ltd.) Hidden
    BlackBerry Link (HKLM-x32\...\{C42468F9-9812-4550-A54B-5DDB062EB10F}) (Version: 1.2.4.39 - BlackBerry) Hidden
    BlackBerry Link Remover (HKLM-x32\...\{44D65CAB-1BC8-47B7-BF5B-3EB8B6BB0276}) (Version: 1.2.4.0 - BlackBerry Ltd.) Hidden
    Blue Jeans (HKLM-x32\...\{6A61F200-8B14-401A-86EA-77F5DA79CF68}) (Version: 1.22.19 - Blue Jeans)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
    CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
    Cisco WebEx Meetings (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Color Network ScanGear Ver.2.71 (HKLM-x32\...\{4E5CA273-5771-450A-AFDD-C58DAD9205DC}) (Version: 2.71.0000 - CANON INC.)
    CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DNG Codec by Ardfry Imaging, LLC (32 bit) (HKLM-x32\...\{2F3539EF-1DD3-4B11-9CB8-74EC3A8E588E}) (Version: 1.0.2.0 - Ardfry Imaging, LLC) Hidden
    DNG Codec by Ardfry Imaging, LLC (64 bit) (HKLM\...\{2B6222CE-10F0-4FBC-8B50-2CB562DEEA88}) (Version: 1.0.2.0 - Ardfry Imaging, LLC) Hidden
    DNG CODEC Version 1.1.0.0 (HKLM\...\Ardfry DNG CODEC_is1) (Version: 1.1.0.0 - Ardfry Imaging, LLC)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 90.3.292 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.297.1 - Dropbox, Inc.) Hidden
    DxO PhotoLab 2 (HKLM\...\{C6951B3C-B3F1-4B4E-AEFA-51BB6C944A39}) (Version: 2.1.1 - DxO)
    DxO PhotoLab 2 plug-in for Adobe Lightroom (HKLM-x32\...\{2E2FA6EE-39A0-4022-B125-DD0036195E46}) (Version: 1.0.46 - DxO Labs)
    Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
    EPSON SC-P800 Series Printer Uninstall (HKLM\...\EPSON SC-P800 Series) (Version: - SEIKO EPSON Corporation)
    Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
    EXIF Date Changer v3.5.5 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version: 3.5.5 - Rellik Software)
    FastPictureViewer Professional 1.9.360.0 (64-bit) (HKLM\...\{D8EB17EC-F072-4EBA-AC84-A3117D24DBE7}) (Version: 1.9.360.0 - Axel Rietschin Software Developments)
    FUJIFILM X Acquire (HKLM-x32\...\{DAD63F87-69A0-4388-BFB0-9C20457DB020}) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
    Google Video Support Plugin (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
    gSyncit (HKLM-x32\...\{A4DA060C-E4FA-4366-99EA-F4A7EAC5B3F2}) (Version: 5.2.44 - Fieldston Software)
    GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
    HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
    iCloud (HKLM\...\{4E727621-3550-4CE0-883E-F27D7D7E0D2C}) (Version: 7.16.0.15 - Apple Inc.)
    Image Resizer for Windows (64 bit) (HKLM\...\{F61191DD-4B26-4533-9D66-7BC75635E8B9}) (Version: 3.1.0.0 - Brice Lambson) Hidden
    Image Resizer for Windows (HKLM-x32\...\{048b4d94-8250-4942-9035-e556bc757daf}) (Version: 3.1.0.3 - Brice Lambson)
    Image Resizer for Windows (HKLM-x32\...\{E694C379-D41D-471E-89C3-C13034AFB24C}) (Version: 3.1.0.0 - Brice Lambson) Hidden
    ImageMagick 6.9.10-3 Q16 (64-bit) (2018-06-25) (HKLM\...\ImageMagick 6.9.10 Q16 (64-bit)_is1) (Version: 6.9.10 - ImageMagick Studio LLC)
    ImageMagick 6.9.9-21 Q16 (64-bit) (2017-10-31) (HKLM\...\ImageMagick 6.9.9 Q16 (64-bit)_is1) (Version: 6.9.9 - ImageMagick Studio LLC)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
    Intel(R) Network Connections 23.5.1.0 (HKLM\...\PROSetDX) (Version: 23.5.1.0 - Intel)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    iSpring Free Cam 8 (HKLM-x32\...\{9E6D2789-25C1-4884-ACAA-32F187F96410}) (Version: 8.3.15297 - iSpring Solutions Inc.)
    iSpring River 8 (HKLM\...\{FD810660-AA81-4E1E-9D80-9D6D7C14140A}) (Version: 8.7.20205 - iSpring Solutions Inc.)
    iTunes (HKLM\...\{C3780170-801E-40BF-B942-F8931D901937}) (Version: 12.10.3.1 - Apple Inc.)
    LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
    Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech)
    Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
    MakeMKV v1.10.0 (HKLM-x32\...\MakeMKV) (Version: v1.10.0 - GuinpinSoft inc)
    Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
    Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
    Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
    Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Momento 7.8.2 (HKLM-x32\...\Momento) (Version: - )
    Moo0 Disk Cleaner 1.23 (HKLM-x32\...\Moo0 DiskCleaner) (Version: - )
    Moo0 File Shredder 1.21 (HKLM-x32\...\Moo0 FileShredder) (Version: - )
    Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.56.00 - NETGEAR Inc.)
    NETGEAR Powerline Utility (HKLM-x32\...\{2753B568-6F85-4E31-A114-A7F8D8606DDD}) (Version: 3.1.0.4 - NETGEAR Powerline) Hidden
    NETGEAR Powerline Utility (HKLM-x32\...\InstallShield_{2753B568-6F85-4E31-A114-A7F8D8606DDD}) (Version: 3.1.0.4 - NETGEAR Powerline)
    Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
    NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
    Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.2.17 - Symantec Corporation)
    NVIDIA 3D Vision Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
    NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
    NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    OLYMPUS Digital Camera Updater (HKLM-x32\...\{392427E9-9FA4-4CD2-99EB-FD53A12BDCDA}) (Version: 1.2.1 - Olympus Corporation)
    ON1 Resize 10 (HKLM\...\ON1 Resize 10 PE) (Version: 10.5.1 - ON1)
    Overlook Fing (HKLM-x32\...\Overlook Fing 2.2) (Version: 2.2 - Overlook)
    PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
    ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
    PhotoME (HKLM-x32\...\PhotoME_is1) (Version: 0.79R17 - Jens Duttke)
    Polar FlowSync version 3.0.0.1337 (HKLM-x32\...\{A1538F5C-7B65-4DB6-9FFB-FFC0DF2E85D8}_is1) (Version: 3.0.0.1337 - Polar Electro Oy)
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
    RidNacs 2.0.3 (HKLM-x32\...\RidNacs_is1) (Version: - Stephan Plath)
    SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
    Skype for Business Web App Plug-in (HKLM-x32\...\{37C8167B-B653-4955-A6E8-EBB8DE937DDD}) (Version: 15.8.20020.400 - Microsoft Corporation)
    Skype Meetings App (HKLM-x32\...\{E8E6D26B-382E-43C8-91BA-AB8DF2CD0C10}) (Version: 16.2.0.194 - Microsoft Corporation)
    Skype version 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
    Slack (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\slack) (Version: 4.3.2 - Slack Technologies Inc.)
    Sonic Radar (HKLM\...\{203BCA8C-BC00-4DD5-85DF-2F84DB803B57}) (Version: 1.2.001 - ASUSTeKcomputer.Inc)
    Sony RAW Driver (HKLM-x32\...\{166FCF01-AC98-4288-A01C-90BEB808C059}) (Version: 2.0.00.08130 - Sony Corporation)
    Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version: - )
    Stellar Phoenix Windows Data Recovery - Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 4.2.0.1 - Stellar Information Systems Ltd)
    Stellarium 0.18.1 (HKLM\...\Stellarium_is1) (Version: 0.18.1 - Stellarium team)
    Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
    Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC)
    Topaz DeNoise AI (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\{6276d0f7-e8a7-4fa9-a88d-8f98f7789ff1}) (Version: 0.0.0 - Topaz Labs, LLC)
    Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
    Topaz Studio (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\{7320eda8-55f2-4f2a-af33-090d31bb0b2d}) (Version: 1.0.9 - Topaz Labs, LLC)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden
    VueScan x64 (HKLM\...\VueScan x64) (Version: - )
    Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
    WD Link (HKLM-x32\...\WD Link) (Version: 1.00.03 - Western Digital)
    WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4800 - Broadcom Corporation)
    WinDirStat 1.1.2 (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\WinDirStat) (Version: - )
    Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
    Windows Driver Package - Polar Electro Oy (usbser) Ports (03/12/2015 6.0.2600.5) (HKLM\...\4C9F407EFEE71D7ED12BA7F50C69857CD776B651) (Version: 03/12/2015 6.0.2600.5 - Polar Electro Oy)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    XAV5501 Firmware Upgrade Tool (HKLM-x32\...\{6CEE44D7-CC6C-466F-95A3-210BED57134C}) (Version: 2.0.0.2 - NETGEAR Powerline) Hidden
    XAV5501 Firmware Upgrade Tool (HKLM-x32\...\InstallShield_{6CEE44D7-CC6C-466F-95A3-210BED57134C}) (Version: 2.0.0.2 - NETGEAR Powerline)
    Zoom (HKU\S-1-5-21-1467402742-1454247715-597687806-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1467402742-1454247715-597687806-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Jonathan\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-01-01] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2018-04-11] (Open Source Developer, Brice Lambson -> Brice Lambson)
    ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
    ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-12-09] (Apple Inc. -> Apple Inc.)
    ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    ContextMenuHandlers2: [ARSD.FastPictureViewer] -> {B4F3C99C-6099-4617-8052-82ABF04C2F6E} => C:\Program Files\FastPictureViewer\FastPictureViewer.dll [2017-10-07] (Axel Rietschin -> Axel Rietschin Software Developments)
    ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers2: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-01-01] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [ARSD.FastPictureViewer] -> {B4F3C99C-6099-4617-8052-82ABF04C2F6E} => C:\Program Files\FastPictureViewer\FastPictureViewer.dll [2017-10-07] (Axel Rietschin -> Axel Rietschin Software Developments)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
    ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2013-11-21] (Crystal Rich Ltd -> Crystal Rich Ltd)
    ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-18] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-01-01] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-11-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
    WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
    WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
    ShortcutWithArgument: C:\Users\Jonathan\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> –in-process-plugins
    ShortcutWithArgument: C:\Users\Jonathan\Desktop\Nulab Digital Express.lnk -> C:\ProgramData\Oracle\Java\javapath\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.nulab.com.au/webstart_NuDE/NuDe.jnlp "C:\Users\Jonathan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\dba987b-4b81542b"

    ==================== Loaded Modules (Whitelisted) =============

    2016-04-23 11:17 - 2020-01-26 12:05 - 000034304 _____ () [File not signed] C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
    2015-03-19 13:22 - 2015-03-19 13:22 - 000094208 _____ () [File not signed] C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\libxpmux.dll
    2016-03-03 15:17 - 2016-03-03 15:17 - 000136704 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
    2016-03-03 15:17 - 2016-03-03 15:17 - 000146944 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
    2016-01-15 13:06 - 2016-01-15 13:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
    2016-02-22 19:25 - 2016-02-22 19:25 - 000116224 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
    2015-08-24 19:41 - 2015-08-24 19:41 - 002360622 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
    2018-08-09 17:07 - 2018-08-09 17:07 - 000706560 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
    2018-07-20 15:31 - 2018-07-20 15:31 - 000168448 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
    2018-07-20 15:31 - 2018-07-20 15:31 - 000591872 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
    2018-08-06 17:45 - 2018-08-06 17:45 - 006901248 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
    2018-07-20 15:36 - 2018-07-20 15:36 - 002980352 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
    2018-07-24 17:36 - 2018-07-24 17:36 - 000964096 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
    2018-07-20 15:33 - 2018-07-20 15:33 - 001257984 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
    2018-07-20 21:50 - 2018-07-20 21:50 - 011971072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
    2018-07-24 18:59 - 2018-07-24 18:59 - 002669056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
    2018-08-09 17:07 - 2018-08-09 17:07 - 000270848 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
    2018-08-09 17:07 - 2018-08-09 17:07 - 000887296 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
    2018-07-20 15:33 - 2018-07-20 15:33 - 000422400 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
    2018-07-20 15:34 - 2018-07-20 15:34 - 000633344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
    2018-07-20 15:33 - 2018-07-20 15:33 - 000433664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
    2014-12-22 03:07 - 2014-12-22 03:07 - 000119822 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
    2014-12-22 03:07 - 2014-12-22 03:07 - 001026062 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000111616 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 002285056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
    2016-03-03 15:17 - 2016-03-03 15:17 - 000074752 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000219648 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000049664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 001235456 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\misc\libxml_plugin.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000037376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
    2012-06-28 09:23 - 2012-06-28 09:23 - 000070144 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
    2016-02-26 21:07 - 2016-02-26 21:07 - 000049152 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
    2016-08-15 19:28 - 2016-08-15 19:28 - 001125888 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
    2018-08-06 17:46 - 2018-08-06 17:46 - 001698304 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
    2016-03-03 15:17 - 2016-03-03 15:17 - 000072192 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
    2016-01-15 13:23 - 2016-01-15 13:23 - 000026112 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
    2016-04-12 17:13 - 2016-04-12 17:13 - 000067072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
    2019-03-18 23:47 - 2018-09-17 03:26 - 001348096 _____ () [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\polar20.dll
    2019-03-18 23:47 - 2018-05-29 01:27 - 000071168 _____ () [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\zlib.dll
    2018-08-30 06:57 - 2018-08-30 06:57 - 000144896 _____ () [File not signed] C:\Program Files\Common Files\Logishrd\LAClient\libssh2.dll
    2018-08-30 06:57 - 2018-08-30 06:57 - 000077824 _____ () [File not signed] C:\Program Files\Common Files\Logishrd\LAClient\zlib.dll
    2016-04-23 12:08 - 2012-10-02 01:00 - 000183808 _____ (Fuji Xerox Co., Ltd.) [File not signed] C:\Windows\System32\FXZWSLBI.DLL
    2016-04-23 12:08 - 2012-11-12 21:49 - 000074240 _____ (Fuji Xerox Co., Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\fxxwskdm.dll
    2016-04-23 12:08 - 2012-11-20 18:20 - 000575488 _____ (Fuji Xerox Co., Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\fxxwszim.dll
    2016-04-23 12:08 - 2012-11-20 18:31 - 009316864 _____ (Fuji Xerox Co., Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\fxxwszir.xrs
    2016-04-23 12:08 - 2012-11-20 18:30 - 000904704 _____ (Fuji Xerox Co., Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\fxxwsziu.dll
    2016-04-23 12:08 - 2012-11-12 21:28 - 000075296 _____ (Fuji Xerox Co.,Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\fxxwsz.xrs
    2016-04-23 12:39 - 2016-01-01 01:15 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
    2013-08-07 15:24 - 2013-08-07 15:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
    2013-08-07 15:24 - 2013-08-07 15:24 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
    2008-08-25 23:50 - 2008-08-25 23:50 - 000155648 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\1033\VBE6INTL.DLL
    2019-03-28 00:48 - 2019-03-28 00:48 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    2016-04-23 16:39 - 2016-04-23 16:39 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
    2016-04-23 16:40 - 2016-04-23 16:40 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
    2014-12-22 03:07 - 2014-12-22 03:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
    2013-02-19 17:46 - 2013-02-19 17:46 - 000220160 _____ (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
    2018-06-18 01:28 - 2018-03-24 10:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
    2018-06-18 01:28 - 2018-03-24 10:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
    2014-03-24 13:32 - 2014-03-24 13:32 - 000060273 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
    2019-03-18 23:47 - 2018-09-17 03:27 - 000381440 _____ (Polar Electro Oy) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\wslib.dll
    2017-06-10 15:12 - 2017-06-10 15:12 - 001426432 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Fieldston Software\gSyncit\System.Data.SQLite.dll
    2020-01-20 20:56 - 2020-01-20 20:56 - 000913920 _____ (ServiceStack) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\fb8b5ddcc0ad83257424f5a41accc8e3\ServiceStack.Text.ni.dll
    2018-08-30 06:57 - 2018-08-30 06:57 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\Common Files\Logishrd\LAClient\LIBCURL.dll
    2019-03-18 23:47 - 2015-04-30 02:20 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\icudt54.dll
    2019-03-18 23:47 - 2015-04-30 02:20 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\icuin54.dll
    2019-03-18 23:47 - 2015-04-30 02:20 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\icuuc54.dll
    2013-02-11 12:35 - 2013-02-11 12:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
    2013-02-11 12:35 - 2013-02-11 12:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
    2018-08-30 06:57 - 2018-08-30 06:57 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Logishrd\LAClient\LIBEAY32.dll
    2018-08-30 06:57 - 2018-08-30 06:57 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Logishrd\LAClient\SSLEAY32.dll
    2015-10-13 06:44 - 2015-10-13 06:44 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
    2015-10-13 06:45 - 2015-10-13 06:45 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
    2015-10-13 06:45 - 2015-10-13 06:45 - 000246784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
    2015-10-13 06:58 - 2015-10-13 06:58 - 000366592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
    2015-10-13 06:48 - 2015-10-13 06:48 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
    2015-10-13 06:58 - 2015-10-13 06:58 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
    2015-10-13 06:58 - 2015-10-13 06:58 - 000433664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
    2015-10-13 06:58 - 2015-10-13 06:58 - 000027136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
    2015-10-13 06:46 - 2015-10-13 06:46 - 001413632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
    2015-10-13 06:47 - 2015-10-13 06:47 - 000044544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
    2015-11-19 15:54 - 2015-11-19 15:54 - 005391360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
    2015-10-13 06:31 - 2015-10-13 06:31 - 005334528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
    2015-10-13 06:26 - 2015-10-13 06:26 - 001528832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
    2015-10-13 06:42 - 2015-10-13 06:42 - 000334848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
    2016-04-13 13:52 - 2016-04-13 13:52 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
    2015-10-13 06:48 - 2015-10-13 06:48 - 000331776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
    2015-10-13 06:37 - 2015-10-13 06:37 - 006541824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
    2015-10-13 06:25 - 2015-10-13 06:25 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
    2019-03-18 23:47 - 2015-10-12 12:20 - 000991232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\platforms\qwindows.dll
    2019-03-18 23:47 - 2018-05-29 08:46 - 004621312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Core.dll
    2019-03-18 23:47 - 2015-10-12 12:15 - 004860928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Gui.dll
    2019-03-18 23:47 - 2015-10-12 12:32 - 000563712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Multimedia.dll
    2019-03-18 23:47 - 2015-10-12 12:34 - 000082432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5MultimediaWidgets.dll
    2019-03-18 23:47 - 2015-10-12 12:14 - 000845312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Network.dll
    2019-03-18 23:47 - 2015-10-12 12:19 - 000272896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5OpenGL.dll
    2019-03-18 23:47 - 2015-10-12 12:34 - 000166400 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Positioning.dll
    2019-03-18 23:47 - 2015-10-12 12:19 - 000267264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5PrintSupport.dll
    2019-03-18 23:47 - 2015-10-12 12:24 - 002588672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Qml.dll
    2019-03-18 23:47 - 2015-10-12 12:26 - 002430976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Quick.dll
    2019-03-18 23:47 - 2015-10-12 16:03 - 001144832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Script.dll
    2019-03-18 23:47 - 2015-10-12 12:31 - 000148480 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Sensors.dll
    2019-03-18 23:47 - 2015-10-12 12:13 - 000154112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Sql.dll
    2019-03-18 23:47 - 2015-10-12 12:39 - 000080384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebChannel.dll
    2019-03-18 23:47 - 2015-10-12 13:55 - 017406464 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebKit.dll
    2019-03-18 23:47 - 2015-10-12 14:10 - 000198656 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5WebKitWidgets.dll
    2019-03-18 23:47 - 2015-10-12 12:17 - 004420096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Widgets.dll
    2019-03-18 23:47 - 2015-10-12 12:13 - 000150016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Polar\Polar FlowSync\Qt5Xml.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData:iSpring River 8 [140]
    AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
    AlternateDataStreams: C:\Users\All Users:iSpring River 8 [140]
    AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
    AlternateDataStreams: C:\ProgramData\Application Data:iSpring River 8 [140]
    AlternateDataStreams: C:\ProgramData\Application Data:iSpring Solutions [128]
    AlternateDataStreams: C:\ProgramData\TEMP:2683706C [352]
    AlternateDataStreams: C:\Users\Jonathan\Application Data:iSpring River 8 [140]
    AlternateDataStreams: C:\Users\Jonathan\Application Data:iSpring Solutions [128]
    AlternateDataStreams: C:\Users\Jonathan\Desktop\camera gear.doc:com.dropbox.attributes [420]
    AlternateDataStreams: C:\Users\Jonathan\Desktop\Recent Items.lnk:com.dropbox.attributes [168]
    AlternateDataStreams: C:\Users\Jonathan\AppData\Roaming:iSpring River 8 [140]
    AlternateDataStreams: C:\Users\Jonathan\AppData\Roaming:iSpring Solutions [128]
    AlternateDataStreams: C:\Users\Jonathan\AppData\Local\Temp:731DZnHyTiiLxUwy74bnLH [2204]
    AlternateDataStreams: C:\Users\Jonathan\AppData\Local\Temp:lSIkXdZDVyYBohDpnIZm [2308]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 13:34 - 2009-06-11 08:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\ImageMagick-6.9.10-Q16;C:\Program Files\ImageMagick-6.9.9-Q16;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Apple\Internet Services\
    HKU\S-1-5-21-1467402742-1454247715-597687806-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SpyderUtility.lnk => C:\Windows\pss\SpyderUtility.lnk.CommonStartup
    MSCONFIG\startupreg: AdobeBridge =>
    MSCONFIG\startupreg: Nikon Message Center 2 => "C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" -s
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{76F13773-178A-4BAD-8780-C95105985392}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{0D0720B6-92AD-416F-8EB2-540AF6735BEC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [TCP Query User{A242CE8C-2A70-4990-91AF-40DBBA2062E6}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe (BlackBerry Ltd. -> BlackBerry Limited)
    FirewallRules: [UDP Query User{2D2E5575-681D-46DA-B9CA-93600B2855E3}C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe] => (Allow) C:\program files (x86)\common files\research in motion\tunnel manager\peermanager.exe (BlackBerry Ltd. -> BlackBerry Limited)
    FirewallRules: [{2D350EB5-92A2-45AA-846B-CF738A2B411A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{9FB10EC4-D66A-4B12-ADB7-124589922D1D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{0230381D-B7BB-4CE9-A765-DBA31FDDBF1D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{F6EAD2DF-FF0E-47D0-AAB6-4B689CDDC7E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{9D18AF0E-8671-4650-87C1-157D004ABD22}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
    FirewallRules: [{5A8A938A-B07D-42BE-A0AE-57572904691B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation) [File not signed]
    FirewallRules: [{E0BD4EFC-5950-4D2D-A4E2-4F0487AA8BC5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
    FirewallRules: [{A3B62D77-36D6-41CC-93F8-08F840C7EA2C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation) [File not signed]
    FirewallRules: [{5ECB7666-B02F-4747-9391-ECC62A659FE8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{B20E242F-5403-4155-9254-B8B50776A51A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{580F9F8B-7836-4555-BF43-2E595504DADE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{B82E8129-0F6C-4928-8F82-2359E45200B6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{435FA4DE-B1DE-4DFC-A32D-2CD5AB15ACFA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{F4DD1852-17E0-40D4-A6C5-9EBB1643E60D}] => (Allow) LPort=2869
    FirewallRules: [{9BE5CEE0-DCDC-41BC-B998-86AD560F0EF9}] => (Allow) LPort=1900
    FirewallRules: [TCP Query User{7DE160FB-9CC3-4BB4-9959-80A4B2F53069}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
    FirewallRules: [UDP Query User{8880C6D4-5EA4-4D9E-B75C-EE04EE3FD3C1}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
    FirewallRules: [TCP Query User{C9490198-D221-4FCD-B42D-2E729643F63E}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
    FirewallRules: [UDP Query User{4605B8E3-F44D-4766-9006-DA2EAEA4C6E6}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
    FirewallRules: [{BB29D791-FBF9-43E8-934C-CA016D78B26F}] => (Allow) C:\Program Files (x86)\Canon\Color Network ScanGear\SgTool.exe (CANON INC.) [File not signed]
    FirewallRules: [{CC4BC522-A834-4E83-B350-FCF5B83904EB}] => (Allow) C:\Program Files (x86)\Canon\Color Network ScanGear\SgTool.exe (CANON INC.) [File not signed]
    FirewallRules: [{E432D786-59E0-463A-873F-B36DFE5689E8}] => (Allow) LPort=56338
    FirewallRules: [TCP Query User{47AB4CDB-0C9C-484E-A2C1-47D842A39F49}C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe] => (Allow) C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe (Blue Jeans Network -> Blue Jeans)
    FirewallRules: [UDP Query User{E8651A3F-B7BD-4382-88E6-1BA34A063EA2}C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe] => (Allow) C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe (Blue Jeans Network -> Blue Jeans)
    FirewallRules: [TCP Query User{C0152FEA-A5CD-4703-A085-55A34184730A}C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe] => (Block) C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe (Blue Jeans Network -> Blue Jeans)
    FirewallRules: [UDP Query User{44C1B242-0C45-4F8D-8F63-196EA57C406E}C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe] => (Block) C:\users\jonathan\appdata\local\blue jeans\app\bluejeans.exe (Blue Jeans Network -> Blue Jeans)
    FirewallRules: [{7BF612B1-3D08-4536-A794-C25F9EFF19F7}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
    FirewallRules: [{D40BF57F-5E5E-4989-A2D6-9A079C4E60B2}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
    FirewallRules: [TCP Query User{ECA2DD7A-2D85-4A42-9525-C53FD45464D0}C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.194\pluginhost.exe] => (Allow) C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.194\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{64FFF1EB-2596-455F-965E-303DD1F4FB68}C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.194\pluginhost.exe] => (Allow) C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.194\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{0738840B-9CDA-4EEF-BD1F-AFD372CF4EE0}C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe] => (Block) C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [UDP Query User{D89278A5-9C18-4581-94F7-C6396AA14F6A}C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe] => (Block) C:\users\jonathan\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{D3DCD875-BAEF-4965-AFDE-36D1263ECF4B}] => (Allow) tunmgr.exe No File
    FirewallRules: [{356F7AB6-3DD9-4374-9415-9CEF46D1A1F8}] => (Allow) tunmgr.exe No File
    FirewallRules: [{A534E6CB-2AB0-4E9B-A3CB-47F37696F1C9}] => (Allow) mDNSResponder.exe No File
    FirewallRules: [{2B5E4A9F-4EC4-4DD6-BEA5-4CF10D1D5B79}] => (Allow) mDNSResponder.exe No File
    FirewallRules: [{7A206937-DFBF-4597-B883-8B9689D112D4}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (BlackBerry Ltd. -> )
    FirewallRules: [{48C2E2AD-0395-4C72-B784-CFCE68F108FD}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe (BlackBerry Ltd. -> BlackBerry Limited)
    FirewallRules: [{1FA83932-FC6B-4815-9060-5BE2A5889300}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe (BlackBerry Ltd. -> BlackBerry Limited. All rights reserved)
    FirewallRules: [TCP Query User{24A04705-7CBD-4B41-BAE1-2C3304D475C7}C:\users\jonathan\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jonathan\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe No File
    FirewallRules: [UDP Query User{BCFCBB81-E0BF-4DE4-B2AC-367A57C5A28B}C:\users\jonathan\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jonathan\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe No File
    FirewallRules: [{380F163E-531E-4DDD-B61F-D77DB5394979}] => (Allow) LPort=5354
    FirewallRules: [{F08DF9B0-B289-4864-9CDF-3096EA487971}] => (Allow) LPort=5354
    FirewallRules: [{9BB6FE0C-6585-49B5-9635-E6F836DF5810}] => (Allow) LPort=5354
    FirewallRules: [{CDDDA13E-B5E5-4D98-A630-6AE6626AFFE2}] => (Allow) LPort=5354
    FirewallRules: [{AA4296A0-9383-4C70-BBDC-83FF4DCE05CA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{6DADC58E-9A89-4B4C-BC73-A135BE8F76FB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{F2DD54C4-9D6D-405B-86CE-07C9361E9F01}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{3E59C088-EE86-4A8C-B0A7-11D76B0A73BD}] => (Allow) C:\Program Files (x86)\FUJIFILM\XAcquire\XAcquire.exe (FUJIFILM Corporation -> FUJIFILM Corporation)
    FirewallRules: [{0D7F9617-2AE8-4D75-A964-D3841F148217}] => (Allow) C:\Users\Jonathan\AppData\Roaming\Zoom\bin_00\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{42ACC765-2D41-4585-9FD7-FC2F70E66D26}] => (Allow) C:\Users\Jonathan\AppData\Roaming\Zoom\bin_00\airhost.exe No File
    FirewallRules: [{B1363DB4-B0B4-49CB-B66B-26A2161C7552}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{037EFD27-273B-44C8-980A-2578913B87E1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{9FB7CC8F-1D59-434A-AAE1-C34FA57EFA5F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{A1230267-711F-4771-B8DA-4458422D9960}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    FirewallRules: [{4D873D59-2C1F-4DC0-821B-8186D109401A}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    FirewallRules: [{F78EE811-827E-43D5-88D0-3061B0039BB7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
    FirewallRules: [TCP Query User{DBA6968C-25DE-499B-ABCF-E0750AA069A3}C:\program files\on1\on1 resize 10\on1 resize 10.exe] => (Block) C:\program files\on1\on1 resize 10\on1 resize 10.exe (ON1, Inc. -> ON1, Inc.)
    FirewallRules: [UDP Query User{7465FC3D-A111-419D-9B8A-356A855F00B4}C:\program files\on1\on1 resize 10\on1 resize 10.exe] => (Block) C:\program files\on1\on1 resize 10\on1 resize 10.exe (ON1, Inc. -> ON1, Inc.)

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled (Total:894.03 GB) (Free:498.6 GB) (56%)

    ==================== Faulty Device Manager Devices ============

    Name: AMDA00 Interface
    Description: AMDA00 Interface
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: ASUSTeK Computer Inc.
    Service: WUDFRd
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Broadcom 802.11ac Network Adapter
    Description: Broadcom 802.11ac Network Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Broadcom
    Service: BCM43XX
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (01/30/2020 12:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: Avira.SystemSpeedup.Maintenance.exe, version: 6.4.0.10836, time stamp: 0x5e1738c5
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc0000409
    Fault offset: 0x04398640
    Faulting process id: 0x24bd8
    Faulting application start time: 0x01d5d70af9369cda
    Faulting application path: C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
    Faulting module path: unknown
    Report Id: 37803cff-42fe-11ea-815c-54271ebdb358

    Error: (01/30/2020 11:54:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 176.0.168.192.in-addr.arpa. PTR GEEKLAND-PC.local.

    Error: (01/30/2020 11:54:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.0.176:5353 21 176.0.168.192.in-addr.arpa. PTR GEEKLAND-PC-2.local.

    Error: (01/30/2020 11:54:16 AM) (Source: RIM MDNS) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 176.0.168.192.in-addr.arpa. PTR GEEKLAND-PC.local.

    Error: (01/30/2020 11:54:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 19 176.0.168.192.in-addr.arpa. PTR GEEKLAND-PC.local.

    Error: (01/30/2020 11:54:16 AM) (Source: RIM MDNS) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.0.176:5353 21 176.0.168.192.in-addr.arpa. PTR GEEKLAND-PC-2.local.

    Error: (01/30/2020 11:54:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.0.176:5353 21 176.0.168.192.in-addr.arpa. PTR GEEKLAND-PC-2.local.

    Error: (01/30/2020 11:39:28 AM) (Source: RIM MDNS) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9407


    System errors:
    =============
    Error: (01/30/2020 11:54:32 AM) (Source: srv) (EventID: 2017) (User: )
    Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

    Error: (01/30/2020 11:54:02 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

    Error: (01/30/2020 10:30:01 AM) (Source: srv) (EventID: 2017) (User: )
    Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

    Error: (01/30/2020 09:15:52 AM) (Source: srv) (EventID: 2017) (User: )
    Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

    Error: (01/29/2020 09:45:28 PM) (Source: srv) (EventID: 2017) (User: )
    Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

    Error: (01/29/2020 08:23:36 PM) (Source: srv) (EventID: 2017) (User: )
    Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

    Error: (01/29/2020 06:37:18 PM) (Source: srv) (EventID: 2017) (User: )
    Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

    Error: (01/29/2020 06:37:03 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
    Description: Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.

    Feature: On Access

    Error Code: 0x80004005

    Error description: Unspecified error

    Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.


    Windows Defender:
    ===================================
    Date: 2016-09-30 12:15:01.745
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID:{70B3EBE4-3ADE-4E53-9F15-67E98C1D405D}
    Scan Type:AntiSpyware
    Scan Parameters:Full Scan

    Date: 2016-09-30 12:09:10.132
    Description:
    Windows Defender scan has been stopped before completion.
    Scan ID:{A9898F37-2CF5-412D-A5A2-9D9E437D8463}
    Scan Type:AntiSpyware
    Scan Parameters:Quick Scan

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. 0801 07/04/2014
    Motherboard: ASUSTeK COMPUTER INC. RAMPAGE IV BLACK EDITION
    Processor: Intel(R) Core(TM) i7-3930K CPU @ 3.20GHz
    Percentage of memory in use: 32%
    Total physical RAM: 32706.89 MB
    Available physical RAM: 22117.79 MB
    Total Virtual: 65411.93 MB
    Available Virtual: 45536.06 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:894.03 GB) (Free:498.59 GB) NTFS
    Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive e: () (Fixed) (Total:931.41 GB) (Free:148.61 GB) NTFS
    Drive f: (SuperMulti) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS
    Drive g: (Data Mirror) (Fixed) (Total:2794.39 GB) (Free:458.24 GB) NTFS


    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1525D3C1)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 1 (Protective MBR) (Size: 894.3 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 2 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 3 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: AC5649DB)

    Partition: GPT.

    ==================== End of Addition.txt =======================
     
  13. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    726
    Hi BondiJonno,

    Sorry for the delay. Currently going over your logs and will get back to you with further instructions soon.
     
  14. BondiJonno

    BondiJonno Thread Starter

    Joined:
    Jan 25, 2020
    Messages:
    21
    Thanks iMacg3!
     
  15. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    726
    Hi BondiJonno,

    Can you copy and paste the full file path of the file Avira detects as malicious into your reply?
     

Short URL to this thread: https://techguy.org/1239272
