[SOLVED] Windows 7 to Windows 10 upgrade crash

So I tried this in 2 different ways. The MediaCreationTool1909.exe file is small. When you start, it asks you to agree to the MS policy and begin to dl the ISO. After it dls it and prepares for installation and then checks for any updates. After it checks for updates it will ask you if want to keep and/or apps. It begins installation and then reboots at which it begins with working on updates. Both times it crashes at 30% when working on updates. The first time I disconnected the wifi adapter after the first reboot and during the second time I disconnected the wifi adapter before the reboot but after it dls the ISO (or whatever it is). I always get the same errors. The source of ile Download Windows 10
 
setuperr.log:

2019-12-20 14:16:25, Error [0x08085f] MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: LoadLibraryExW(C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll, LOAD_WITH_ALTERED_SEARCH_PATH) failed gle=0x7f.[gle=0x0000007f]
2019-12-20 14:16:25, Error [0x080863] MIG MigHost: CMigPluginSurrogate::COMGenericThreadingHostThreadProc: LoadAndRegisterServerInThreadContext() failed hr=0x8007007f.[gle=0x0000007f]
2019-12-20 14:33:41, Error [0x08085f] MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: LoadLibraryExW(C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll, LOAD_WITH_ALTERED_SEARCH_PATH) failed gle=0x7f.[gle=0x0000007f]
2019-12-20 14:33:41, Error [0x080863] MIG MigHost: CMigPluginSurrogate::COMGenericThreadingHostThreadProc: LoadAndRegisterServerInThreadContext() failed hr=0x8007007f.[gle=0x0000007f]

setupact.log:

2019-12-20 14:12:14, Info UI Determining whether we should run ConX or legacy setup
2019-12-20 14:12:14, Info UI Will launch ConX setup experience
2019-12-20 14:12:14, Info UI Initializing Media class driver for audio support
2019-12-20 14:12:14, Info UI Initializing media class driver status: 126
2019-12-20 14:12:14, Info UI Launching ConX setup experience
2019-12-20 14:12:14, Info UI Inspecting ConX Setup Cmdline
2019-12-20 14:12:14, Info UI Launching C:\ESD\Windows\Sources\SetupPrep.exe /DynamicUpdate Enable /Telemetry Enable /CorrelationVector YTbn0Q8WCU6n2++i.3
2019-12-20 14:16:25, Info MIG MigHost started with command line: {36E77B16-1663-4365-8665-7520CC905A57} /InitDoneEvent:MigHost.{36E77B16-1663-4365-8665-7520CC905A57}.Event /ParentPID:11780
2019-12-20 14:16:25, Info MIG MigHost: CMigPluginSurrogate::Init: Successfully initialized surrogate.
2019-12-20 14:16:25, Info MIG MigHost: Initialized successfully with CLSID[{36E77B16-1663-4365-8665-7520CC905A57}] and LogDir=[]
2019-12-20 14:16:25, Info MIG MigHost: CMigPluginSurrogate::LoadDllServer in progress: BinaryPath=[C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll], CLSID=[{D26AA4A5-92AD-48DB-8D59-95EF0DCE6939}], ApartmentThreadingModel=[0].
2019-12-20 14:16:25, Info MIG MigHost: CMigPluginSurrogate::COMGenericThreadingHostThreadProc: ThreadID=[0x2350], Server=[C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll], CLSID=[{D26AA4A5-92AD-48DB-8D59-95EF0DCE6939}], ApartmentThreadingModel=[0]
2019-12-20 14:16:25, Info MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: Loaded server(C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll)
2019-12-20 14:16:25, Error [0x08085f] MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: LoadLibraryExW(C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll, LOAD_WITH_ALTERED_SEARCH_PATH) failed gle=0x7f.[gle=0x0000007f]
2019-12-20 14:16:25, Info MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: File is present, most likely it does not load on the current OS version
2019-12-20 14:16:25, Error [0x080863] MIG MigHost: CMigPluginSurrogate::COMGenericThreadingHostThreadProc: LoadAndRegisterServerInThreadContext() failed hr=0x8007007f.[gle=0x0000007f]
2019-12-20 14:16:25, Info MIG MigHost: CMigPluginSurrogate::LoadDllServer finished: Result=[0x8007007f].
2019-12-20 14:16:25, Info MIG MigHost: Exiting process.
2019-12-20 14:33:41, Info MIG MigHost started with command line: {E671F240-7B07-451C-814C-61708DAAF9BA} /InitDoneEvent:MigHost.{E671F240-7B07-451C-814C-61708DAAF9BA}.Event /ParentPID:11780
2019-12-20 14:33:41, Info MIG MigHost: CMigPluginSurrogate::Init: Successfully initialized surrogate.
2019-12-20 14:33:41, Info MIG MigHost: Initialized successfully with CLSID[{E671F240-7B07-451C-814C-61708DAAF9BA}] and LogDir=[]
2019-12-20 14:33:41, Info MIG MigHost: CMigPluginSurrogate::LoadDllServer in progress: BinaryPath=[C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll], CLSID=[{D26AA4A5-92AD-48DB-8D59-95EF0DCE6939}], ApartmentThreadingModel=[0].
2019-12-20 14:33:41, Info MIG MigHost: CMigPluginSurrogate::COMGenericThreadingHostThreadProc: ThreadID=[0x2894], Server=[C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll], CLSID=[{D26AA4A5-92AD-48DB-8D59-95EF0DCE6939}], ApartmentThreadingModel=[0]
2019-12-20 14:33:41, Info MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: Loaded server(C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll)
2019-12-20 14:33:41, Error [0x08085f] MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: LoadLibraryExW(C:\$WINDOWS.~BT\Sources\ReplacementManifests\Microsoft-Windows-RasServer-MigPlugin\RasMigPlugin.dll, LOAD_WITH_ALTERED_SEARCH_PATH) failed gle=0x7f.[gle=0x0000007f]
2019-12-20 14:33:41, Info MIG MigHost: CMigPluginSurrogate::LoadAndRegisterServerInThreadContext: File is present, most likely it does not load on the current OS version
2019-12-20 14:33:41, Error [0x080863] MIG MigHost: CMigPluginSurrogate::COMGenericThreadingHostThreadProc: LoadAndRegisterServerInThreadContext() failed hr=0x8007007f.[gle=0x0000007f]
2019-12-20 14:33:41, Info MIG MigHost: CMigPluginSurrogate::LoadDllServer finished: Result=[0x8007007f].
2019-12-20 14:33:41, Info MIG MigHost: Exiting process.
AudMig: No audio endpoint migration settings found 0x2
AudMig: No audio endpoint migration settings found 0x2
 
Please do the following, thanks!

Step#1 - FRST Scan

1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right-click FRST64.exe and click Run as Administrator to run it as administrator. When the tool opens, click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already checked).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please attach the log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also attach that along with the FRST.txt in your reply.
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by honey (administrator) on HONEY-PC (Hewlett-Packard s5-1260) (20-12-2019 18:03:23)
Running from C:\Users\honey\Desktop
Loaded Profiles: honey (Available Profiles: honey)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Universal Media Server\jre-x64\bin\javaw.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [3523848 2018-07-03] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97089184 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\MountPoints2: {7a10655e-39ff-11e4-8394-2c4138a9b7f0} - E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-02-24]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2019-11-18]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0169E1B7-B536-48FA-A750-B58928F20B33} - System32\Tasks\{8901AA4F-2288-4ACF-9472-878EB7698C53} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.1.0.105/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {0183A9F8-933B-47B8-986F-6513B4FB2AC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-03] (Google Inc -> Google LLC)
Task: {041F0DED-8702-4908-89AE-C88475E8DD7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {078FA5CA-8761-4E18-8FBB-C3AEF4ADB59E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {12F62E2A-3043-4504-A301-97E00C546F15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {263FF756-A709-40CC-99FC-A052A2E937DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-03] (Google Inc -> Google LLC)
Task: {2DC79F64-4407-4283-AA4D-1292C88AF4F2} - System32\Tasks\HP AR Program Upload - e1a0300e7546429686aa7d5c9e0ea8177a0a873dbe314bbb8bc557fe6c28f58d => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {305F5AF0-9A75-41A3-BDA3-E15CBD8CC81E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-14] (Adobe Inc. -> Adobe)
Task: {44C3EFD2-0B52-4D15-ADE3-3A5DC85B35B8} - System32\Tasks\{E55B9ED2-94A1-4B39-9585-D903BC8650A1} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {4745E3C8-17A6-42B2-9576-24961492BF82} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146000 2019-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {478D33AE-3A2A-4E54-A1F2-538CEE834478} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {49246421-C2C6-4F69-9ACF-97C9E23487AF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\honey\Desktop\esetonlinescanner_enu.exe
Task: {4B39A3E9-CE9C-41F3-80F4-4FF4C87C0F9B} - System32\Tasks\AdobeAAMUpdater-1.0-honey-PC-honey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4B5F4A62-3DF3-4618-B3C7-5D180BEE9615} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-15] (Adobe Inc. -> Adobe)
Task: {4C6DF339-E900-40B4-9F24-64E2658DA688} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {504ADE8D-53AD-41F4-A150-C44AAE2FD32F} - System32\Tasks\HPCeeScheduleForhoney => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {523C4D4F-F771-45E1-96B9-8A244D3B83C9} - System32\Tasks\Opera scheduled Autoupdate 1469117722 => C:\Program Files (x86)\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software)
Task: {52F7D3E4-D330-409B-9AF9-D737A2969E9B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {53084F47-70A0-4A9E-93E3-115C4C67607E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D63E1DC-A72D-46DD-9512-A748D9BAB756} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EF6E241-505A-4C8E-A97A-6F59DE348FDC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {5FBA0073-B46D-4B0D-8F6F-F0E55508EEB5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {632F136C-250C-4138-B30D-7E35E8319A70} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {6CA8AC4F-317B-4756-AD88-A86461E1F8C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {730604AD-06A3-4AD4-A113-F558C83D3D57} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {7D091B18-36B8-48C9-83FB-70B265EA201E} - System32\Tasks\HP AR Program Upload - 2b96ef6ba8c74a0594e4f206f6677225c10cf07cd91845e98f608a5ba2578cd7 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {90A8B4A8-0405-4078-81AB-12A84C10B0A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-15] (Adobe Inc. -> Adobe)
Task: {90BF968C-CFE1-45B6-B52A-22EA4D8595F4} - System32\Tasks\HP AR Program Upload - 67d6c50ffc9a43a5827c0a40a53c5a1705d9483298c9431aa1172cbd71400a1e => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {A1D546F8-9713-4A74-A332-E2B175FEE622} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {A2F6D597-75CA-4EA1-A4CB-C66A4EA0736B} - System32\Tasks\{B84DD121-1A93-4031-9700-C7ECBD228184} => C:\Windows\system32\pcalua.exe -a G:\ubuntu\uninstall-wubi.exe -d G:\ubuntu
Task: {A7DEAD99-7A6B-46F5-A6CB-B54DD38F1E56} - System32\Tasks\{9EBA67BE-2107-430C-B5D5-5B6EA9059BBE} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\Downloads\AcroRdrDC1801120035_en_US.exe -d C:\Users\honey\Downloads
Task: {AC816D34-2952-436D-B9BC-363AE853FA5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE72DD1B-28D6-4DC6-B716-347772920CA0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFB3203A-7E38-4DDC-9D0A-7894B447E73C} - System32\Tasks\HP AR Program Upload - 1f0758f101f44b4f8cc64a7828fdf6aaf8eaff33dc114a2b8c6e284075e9a23f => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {B26E3F61-F187-433D-8F72-D696B03F0606} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\internet explorer\iexplore.exe "hxxp://www.cfos.de/en/cfosspeed/expiration.htm?sw-10.10.2238&days=-72&ret=11&raw=13&exp=103"
Task: {B68A74E4-7500-4630-82B1-20CC463480E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {C6171948-1C4C-4E43-AC1B-173E1CAD2278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {D02875D4-A4F0-4F01-9145-A4048DB1EA49} - System32\Tasks\{DBCAF028-317E-4857-8023-FE39612E1640} => C:\Users\honey\Downloads\kodi-18.4-Leia-x64.exe
Task: {D83FA1DB-6DFB-47F1-963C-6D01C3F1ABEF} - System32\Tasks\{F30508C4-188E-4C34-80DD-53D9F934F86B} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\Downloads\AdobeAIRInstaller(1).exe -d C:\Users\honey\Downloads
Task: {D8CC42C7-E7F7-4067-8ECB-9F895F5AE254} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {D9806E1D-5C57-4516-9A05-7CB28BA015B4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {DB561C93-F22D-4104-9444-520B1A5843F7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-11-16] () [File not signed]
Task: {DB9FCA76-61A5-4563-A92D-D7701A6AF0A9} - System32\Tasks\{482BA325-2BFA-4F56-84F0-B029EDAC71D4} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\AppData\Local\Temp\jre-9.0.4_windows-x86_bin-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau <==== ATTENTION
Task: {F03334E7-0E8E-4FAA-A2ED-FFF773BE1E65} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\honey\Desktop\esetonlinescanner_enu.exe
Task: {F1334C95-C71D-4998-8D0E-1F45738519BD} - System32\Tasks\HP AR Program Upload - dfcb88f1f61d4f16bf90de32685894773c8ba217ebc74ddd85dc35ba23ed5138 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {F45925A8-ACC4-4487-A0F6-EA2514209988} - System32\Tasks\{89E853D0-A00E-4318-898F-019148F59109} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ENTERPRISE /dll OSETUP.DLL
Task: {FFE65709-78B1-44AE-9DA4-37F6F601F68B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForhoney.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BF0ABBC0-88F4-403C-B7BA-108C549F8C42}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FB95A44C-09DA-444F-9634-F38025F66432}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{FB95A44C-09DA-444F-9634-F38025F66432}: [DhcpNameServer] 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,1]

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1504722108279
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: x85otvh9.default-1452453708882-1533826311977
FF ProfilePath: C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977 [2019-12-20]
FF Session Restore: Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977 -> is enabled.
FF Extension: (Mozilla add-on that supports the roll-out of DoH) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\doh-rollout@mozilla.org.xpi [2019-12-18]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2019-12-18]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\sp@avast.com.xpi [2019-11-29]
FF Extension: (Avast Online Security) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\wrc@avast.com.xpi [2019-12-18]
FF Extension: (Bulk Image Downloader) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2019-02-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> bing.com
CHR StartupUrls: Default -> "hxxps://www.facebook.com/photo.php?fbid=1616609611923396&set=pcb.1616614325256258&type=3&theater","hxxps://www.facebook.com/otilia.larreamarriott","chrome://newtab/","hxxps://enelcaminocorrecto.blogspot.com/2014/06/efectos-cientificos-observados-al.html?m=1","hxxps://larepublica.pe/politica/1280908-cesar-hildebrandt-gesto-luego-le-pidieran-definir-alan-garcia-video","hxxps://larepublica.pe/politica/1280204-audios-cnm-comision-justicia-convoca-consejeros","hxxps://larepublica.pe/mundo/1280542-india-cinco-menores-violan-nina-8-anos-despues-ver-pornografia-celular-abuso-infantil-sahaspur","hxxps://www.google.com/search?q=QUE+ARDA+TROYA&oq=QUE+ARDA+TROYA&aqs=chrome..69i57j0l5.15224j0j7&sourceid=chrome&ie=UTF-8","chrome://newtab/","hxxps://www.facebook.com/otilia.larreamarriott","hxxps://www.facebook.com/katia.larrealatorre/posts/1896316593754057?comment_id=1897156217003428&notif_id=1532390651426407&notif_t=feed_comment_reply","hxxps://larepublica.pe/mundo/1284439-estados-unidos-diario-reduce-mitad-redaccion-vengan"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://allfreecrochet.copush.com; hxxps://cocina-casera.com; hxxps://cuponidad.pe; hxxps://elcomercio.pe; hxxps://es.aleteia.org; hxxps://larepublica.os.tc; hxxps://perfecto.guru; hxxps://www.atv.pe; hxxps://www.facebook.com; hxxps://www.notifresh.com; hxxps://www.pinterest.com; hxxps://www.querecetas.com; hxxps://www.recetario-cocina.com; hxxps://www.tvguide.com; hxxps://zoocloud.co
CHR Profile: C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default [2019-12-20]
CHR DownloadDir: C:\Users\honey\Downloads
CHR Extension: (Google Translate) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2019-12-15]
CHR Extension: (Session Manager) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2019-08-03]
CHR Extension: (YouTube) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-03]
CHR Extension: (Bulk Image Downloader) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2019-08-03]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Terms of Service; Didn’t Read) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdoplcnndgiblooccencgcggcoihigg [2019-08-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Peek-a-tab, Tabs Manager for Google Chromeâ„¢) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnpdamdaknpnohmlbnmgphiodghbohop [2019-08-03]
CHR Extension: (Gmail) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\honey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
OPR Notifications: hxxps://ibb.co; hxxps://my.jdownloader.org; hxxps://sirabee.com; hxxps://spectrum.pch.com; hxxps://www.facebook.com; hxxps://www.lindito.com; hxxps://www.personalcomputerfixes.com; hxxps://www.youtube.com
OPR Extension: (DuckDuckGo for Opera) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2019-04-03]
OPR Extension: (Bulk Image Downloader) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\facoldpeadablbngjnohbmgaehknhcaj [2019-08-13]
OPR Extension: (MyJDownloader Browser Extension) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2019-08-26]
OPR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\glaedmooikiamindhmfcfccncmmdagge [2019-12-03]
OPR Extension: (Install Chrome Extensions) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2019-12-13]
OPR Extension: (Terms of Service; Didn’t Read) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\lolkidmnimmcadfncfemieniekkkabcn [2019-06-06]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2019-10-15]
OPR Extension: (Mate Translate – translator, dictionary) - C:\Users\honey\AppData\Roaming\Opera Software\Opera Stable\Extensions\ollghamalkmmhboihmhoaaobmamehjgn [2019-09-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 Digital Media Server; C:\Program Files (x86)\Universal Media Server\win32\service\wrapper.exe [384280 2019-10-17] (Tanuki Software Ltd. -> Tanuki Software, Ltd.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
S4 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-17] (Malwarebytes Inc -> Malwarebytes)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2019-11-24] (Realtek Semiconductor Corp -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [23240 2016-04-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21634560 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665600 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-07-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [210632 2014-07-09] (ReactOS Foundation -> )
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [87424 2018-08-09] (D3L -> Dokan Project)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
S3 fiddrv64; no ImagePath
R3 HCW723x; C:\Windows\System32\DRIVERS\HCW723x.sys [1847680 2012-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Hauppauge Computer Works, Inc.)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-06] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [5632 2017-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Famatech International Corp.)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2215056 2014-08-14] (MEDIATEK INC. -> MediaTek Inc.)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2015-12-30] (MEDIATEK INC. -> MediaTek Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\Windows\System32\DRIVERS\npcap.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 npf; C:\Windows\System32\DRIVERS\npf.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 rspWhySoSlow; C:\Windows\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7715648 2018-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-07-18] (Intel Corporation -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-09] (Synaptics Incorporated -> Synaptics Incorporated)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-20 18:03 - 2019-12-20 18:04 - 000038085 _____ C:\Users\honey\Desktop\FRST.txt
2019-12-20 18:02 - 2019-12-20 18:04 - 000000000 ____D C:\FRST
2019-12-20 18:02 - 2019-12-20 18:02 - 002264064 _____ (Farbar) C:\Users\honey\Desktop\FRST64.exe
2019-12-20 14:56 - 2019-12-20 14:56 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-20 14:56 - 2019-12-20 14:56 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-12-20 14:56 - 2019-12-20 14:56 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-12-20 14:56 - 2019-12-20 14:56 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-12-20 14:12 - 2019-12-20 14:52 - 000000000 ___HD C:\$WINDOWS.~BT
2019-12-20 13:59 - 2019-12-20 13:59 - 000000000 ___HD C:\$Windows.~WS
2019-12-18 23:33 - 2019-12-18 23:36 - 000000000 ____D C:\Users\honey\Documents\SysnativeFileCollectionApp
2019-12-18 18:45 - 2019-12-18 18:45 - 000000000 ____D C:\Users\honey\Downloads\AIOBoot-v0.9.8.16
2019-12-18 18:33 - 2019-12-18 18:39 - 000000000 ____D C:\Users\honey\Downloads\videocacheview-x64
2019-12-18 12:34 - 2019-12-18 12:34 - 000000218 _____ C:\Users\honey\AppData\Local\recently-used.xbel
2019-12-18 12:14 - 2019-12-18 12:15 - 000014138 _____ C:\Users\honey\Downloads\Samsung_SSD_860_EVO_1TB_S3Z8NB0M318087W_2019-12-18.txt
2019-12-17 23:20 - 2019-12-18 12:34 - 000000000 ____D C:\Users\honey\AppData\Roaming\gsmartcontrol
2019-12-17 23:20 - 2019-12-17 23:20 - 000000000 ____D C:\Users\honey\Desktop\gsmartcontrol-1.1.3-win64
2019-12-17 21:16 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-17 21:16 - 2019-12-17 21:16 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-17 21:16 - 2019-12-17 21:16 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-17 21:16 - 2019-12-17 21:16 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-17 21:16 - 2019-12-17 21:16 - 000001908 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-17 21:16 - 2019-12-17 21:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-17 21:15 - 2019-12-17 21:15 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-17 17:19 - 2019-12-17 17:19 - 000001195 _____ C:\Windows\CleanMem Setup Log.txt
2019-12-17 14:01 - 2019-12-17 14:01 - 000008192 _____ C:\Windows\system32\config\userdiff
2019-12-17 10:41 - 2019-12-20 14:34 - 000008192 __RSH C:\BOOTSECT.BAK
2019-12-17 10:40 - 2019-12-20 14:33 - 000000001 ___SH C:\BOOTNXT
2019-12-17 09:35 - 2019-12-20 14:12 - 000000000 ____D C:\ESD
2019-12-17 09:32 - 2019-12-17 09:32 - 019255000 _____ (Microsoft Corporation) C:\Users\honey\Downloads\MediaCreationTool1909.exe
2019-12-13 14:37 - 2019-12-13 14:37 - 000282158 _____ C:\TDSSKiller.2.8.16.0_13.12.2019_14.37.16_log.txt
2019-12-11 14:32 - 2019-11-14 20:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-11 14:32 - 2019-11-14 20:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-11 13:13 - 2019-12-06 00:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-11 13:13 - 2019-11-27 22:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 13:13 - 2019-11-27 22:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-11 13:13 - 2019-11-27 22:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-11 13:13 - 2019-11-27 22:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-11 13:13 - 2019-11-27 22:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 13:13 - 2019-11-27 22:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-11 13:13 - 2019-11-27 22:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:13 - 2019-11-27 22:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-11 13:13 - 2019-11-27 22:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 13:13 - 2019-11-27 22:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-11 13:13 - 2019-11-27 22:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-11 13:13 - 2019-11-27 22:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-11 13:13 - 2019-11-27 22:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-11 13:13 - 2019-11-27 22:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-11 13:13 - 2019-11-27 21:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-11 13:13 - 2019-11-27 21:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-11 13:13 - 2019-11-27 21:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-11 13:13 - 2019-11-27 21:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-11 13:13 - 2019-11-27 21:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-11 13:13 - 2019-11-27 21:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 13:13 - 2019-11-27 21:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-11 13:13 - 2019-11-27 21:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-11 13:13 - 2019-11-27 21:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-11 13:13 - 2019-11-27 21:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-11 13:13 - 2019-11-27 21:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-11 13:13 - 2019-11-27 21:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-11 13:13 - 2019-11-23 02:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-11 13:13 - 2019-11-23 01:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-11 13:13 - 2019-11-20 21:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 13:13 - 2019-11-20 21:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 13:13 - 2019-11-20 19:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 13:13 - 2019-11-19 15:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-11 13:13 - 2019-11-19 15:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-11 13:13 - 2019-11-19 15:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-11 13:13 - 2019-11-19 15:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-11 13:13 - 2019-11-19 15:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-11 13:13 - 2019-11-19 15:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-11 13:13 - 2019-11-19 15:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-11 13:13 - 2019-11-19 15:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-11 13:13 - 2019-11-19 15:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-11 13:13 - 2019-11-19 15:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-11 13:13 - 2019-11-19 15:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-11 13:13 - 2019-11-19 15:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-11 13:13 - 2019-11-19 15:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-11 13:13 - 2019-11-19 15:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-11 13:13 - 2019-11-19 15:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-11 13:13 - 2019-11-19 15:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-11 13:13 - 2019-11-19 15:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:13 - 2019-11-19 15:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-11 13:13 - 2019-11-19 15:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:13 - 2019-11-19 15:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-11 13:13 - 2019-11-19 15:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-11 13:13 - 2019-11-19 14:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-11 13:13 - 2019-11-19 14:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-11 13:13 - 2019-11-19 14:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-11 13:13 - 2019-11-19 14:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-11 13:13 - 2019-11-19 14:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-11 13:13 - 2019-11-19 14:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-11 13:13 - 2019-11-19 14:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-11 13:13 - 2019-11-19 14:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-11 13:13 - 2019-11-19 14:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-11 13:13 - 2019-11-19 14:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-11 13:13 - 2019-11-19 14:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-11 13:13 - 2019-11-19 14:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-11 13:13 - 2019-11-19 14:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-11 13:13 - 2019-11-19 03:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 13:13 - 2019-11-19 03:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-11 13:13 - 2019-11-19 02:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-11 13:13 - 2019-11-19 02:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-11 13:13 - 2019-11-19 02:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-11 13:13 - 2019-11-19 02:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-11 13:13 - 2019-11-19 02:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-11 13:13 - 2019-11-19 02:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-11 13:13 - 2019-11-19 02:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-11 13:13 - 2019-11-19 02:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-11 13:13 - 2019-11-19 02:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-11 13:13 - 2019-11-19 02:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-11 13:13 - 2019-11-19 02:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-11 13:13 - 2019-11-19 02:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-11 13:13 - 2019-11-19 02:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-11 13:13 - 2019-11-19 02:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 13:13 - 2019-11-19 02:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-11 13:13 - 2019-11-19 02:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-11 13:13 - 2019-11-19 02:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-11 13:13 - 2019-11-19 02:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-11 13:13 - 2019-11-19 02:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-11 13:13 - 2019-11-19 02:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-11 13:13 - 2019-11-19 02:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-11 13:13 - 2019-11-19 02:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-11 13:13 - 2019-11-19 02:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-11 13:13 - 2019-11-19 02:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-11 13:13 - 2019-11-19 02:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-11 13:13 - 2019-11-19 02:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-11 13:13 - 2019-11-19 02:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-11 13:13 - 2019-11-19 02:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-11 13:13 - 2019-11-14 21:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 13:13 - 2019-11-14 21:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-11 13:13 - 2019-11-14 21:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:13 - 2019-11-14 21:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-11 13:13 - 2019-11-14 20:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-11 13:13 - 2019-11-14 20:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-11 13:13 - 2019-11-14 20:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 13:13 - 2019-11-14 06:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-11 13:13 - 2019-11-05 16:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-11 13:13 - 2019-10-25 19:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-07 13:40 - 2019-12-07 13:40 - 000191276 _____ C:\Users\honey\Downloads\VZBill_12_28_2018.pdf
2019-12-07 13:40 - 2019-12-07 13:40 - 000190084 _____ C:\Users\honey\Downloads\VZBill_1_28_2019.pdf
2019-12-07 13:40 - 2019-12-07 13:40 - 000184648 _____ C:\Users\honey\Downloads\VZBill_2_27_2019.pdf
2019-12-05 19:28 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder
2019-12-05 19:28 - 2019-12-05 19:28 - 000000000 ____D C:\Program Files\Visual Similarity Duplicate Image Finder
2019-12-05 10:40 - 2019-12-05 10:40 - 001138744 _____ (Akeo Consulting) C:\Users\honey\Downloads\rufus-3.8.exe
2019-12-04 22:21 - 2019-12-04 22:22 - 016361472 _____ C:\Users\honey\Downloads\super_grub2_disk_hybrid_2.04s1.iso
2019-12-04 22:09 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accord CD Ripper Free
2019-12-04 22:09 - 2019-12-04 22:09 - 000001260 _____ C:\Users\Public\Desktop\Accord CD Ripper Free.lnk
2019-12-04 22:09 - 2019-12-04 22:09 - 000001260 _____ C:\ProgramData\Desktop\Accord CD Ripper Free.lnk
2019-12-04 22:09 - 2019-12-04 22:09 - 000000000 ____D C:\Users\honey\AppData\Roaming\Accord CD Ripper Free
2019-12-04 22:09 - 2019-12-04 22:09 - 000000000 ____D C:\Program Files (x86)\Accord CD Ripper Free
2019-12-04 22:00 - 2019-12-04 22:00 - 000002018 _____ C:\Users\honey\Desktop\FileHippo App Manager.lnk
2019-12-04 22:00 - 2019-12-04 22:00 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2019-12-04 22:00 - 2019-12-04 22:00 - 000000000 ____D C:\Program Files (x86)\FileHippo.com
2019-12-04 21:56 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-12-04 21:56 - 2019-12-04 21:56 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-12-04 21:55 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-04 21:55 - 2019-12-04 21:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-12-04 21:42 - 2019-12-04 21:42 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-12-04 21:41 - 2019-12-04 21:41 - 000000000 ____D C:\Users\honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-12-04 14:45 - 2019-12-04 14:45 - 000000000 ____D C:\Users\honey\Downloads\licensecrawler
2019-12-04 14:36 - 2019-12-04 14:36 - 000000000 ____D C:\ProgramData\Caphyon
2019-12-04 14:35 - 2019-12-04 14:35 - 000000000 ____D C:\Users\honey\Downloads\ProductKeyDecryptor
2019-12-04 14:31 - 2019-12-04 14:32 - 000000000 ____D C:\Users\honey\Downloads\produkey-x64
2019-11-28 17:01 - 2019-11-28 17:01 - 000000000 ____D C:\Users\honey\AppData\Roaming\ImgBurn
2019-11-28 16:38 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2019-11-28 16:38 - 2019-11-28 16:38 - 000001877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2019-11-28 16:38 - 2019-11-28 16:38 - 000001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2019-11-28 16:38 - 2019-11-28 16:38 - 000001865 _____ C:\ProgramData\Desktop\ImgBurn.lnk
2019-11-28 16:38 - 2019-11-28 16:38 - 000000000 ____D C:\Program Files (x86)\ImgBurn
2019-11-28 14:30 - 2019-11-28 14:30 - 000000000 ____D C:\Otilia
2019-11-28 14:26 - 2019-11-28 14:26 - 000000000 ____D C:\Users\honey\Downloads\VirtualDub2_43943
2019-11-28 14:17 - 2019-11-28 14:19 - 000000120 _____ C:\Users\honey\AppData\Roaming\FixVTS.ini
2019-11-28 14:16 - 2019-11-28 14:16 - 000000000 ____D C:\Users\honey\Downloads\FixVTS1.603
2019-11-28 14:13 - 2019-11-28 14:13 - 000000000 ____D C:\Users\honey\Downloads\GMVB1301
2019-11-28 14:03 - 2019-11-28 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2019-11-28 13:07 - 2019-11-28 13:07 - 000000000 ____D C:\FUNAI_DVD_VIDEO
2019-11-27 19:45 - 2019-11-27 19:45 - 000012476 _____ C:\Users\honey\Downloads\Detailed-System-Report.html
2019-11-26 14:46 - 2019-11-26 14:46 - 000220994 _____ C:\Users\honey\Downloads\2019--1-1--checkdownload-9390.pdf
2019-11-26 12:37 - 2019-11-26 12:37 - 000077824 _____ ( ) C:\Users\honey\Downloads\guiformat.exe
2019-11-25 21:37 - 2019-11-25 21:37 - 000000125 _____ C:\Users\honey\Documents\Windows.txt
2019-11-25 09:31 - 2019-11-25 09:31 - 000024064 _____ C:\Users\honey\Downloads\netsh_lan_wlan_04-24-09__jcgriff2__.exe
2019-11-24 22:57 - 2019-11-24 22:57 - 000042127 _____ C:\Windows\SysWOW64\MTB.txt
2019-11-24 22:25 - 2019-11-24 22:37 - 000000000 ____D C:\Users\honey\AppData\Local\FreeFixer
2019-11-24 22:25 - 2019-11-24 22:25 - 000000000 ____D C:\Users\honey\AppData\Roaming\FreeFixer
2019-11-24 19:15 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
2019-11-24 19:15 - 2019-11-24 19:15 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-11-24 19:08 - 2019-11-24 19:08 - 000000512 _____ C:\Users\honey\Downloads\MBRCheck_MBR_Backup_11-24-19_19-08-28.bak
2019-11-23 20:22 - 2019-11-23 20:23 - 000454452 _____ C:\TDSSKiller.2.8.16.0_23.11.2019_20.22.56_log.txt
2019-11-23 20:21 - 2019-11-23 20:21 - 000004238 _____ C:\TDSSKiller.2.8.16.0_23.11.2019_20.21.04_log.txt
2019-11-23 20:19 - 2019-11-23 20:19 - 000143828 _____ C:\TDSSKiller.2.8.16.0_23.11.2019_20.19.13_log.txt
2019-11-22 17:05 - 2019-11-22 17:05 - 000000000 ____D C:\Users\honey\VirtualBox VMs
2019-11-22 16:58 - 2019-11-22 17:25 - 000000000 ____D C:\Users\honey\.VirtualBox
2019-11-22 16:58 - 2019-11-22 17:05 - 000000000 ____D C:\ProgramData\VirtualBox
2019-11-22 16:57 - 2019-11-22 16:57 - 000000000 ____D C:\Program Files\Oracle
2019-11-22 16:56 - 2019-11-22 16:56 - 000153040 _____ C:\Users\honey\AppData\Local\GDIPFONTCACHEV1.DAT
2019-11-22 16:42 - 2019-11-22 16:42 - 000062225 _____ C:\Users\honey\Downloads\PaymentHistoryCL5088629.pdf
2019-11-22 16:42 - 2019-11-22 16:42 - 000062216 _____ C:\Users\honey\Downloads\PaymentHistoryCL5025485.pdf
2019-11-22 16:42 - 2019-11-22 16:42 - 000061939 _____ C:\Users\honey\Downloads\PaymentHistoryCL5066255.pdf
2019-11-22 16:31 - 2019-11-22 16:31 - 000062314 _____ C:\Users\honey\Downloads\PaymentHistoryCL5025728.pdf
2019-11-22 13:52 - 2019-11-22 13:52 - 000000000 ____D C:\Users\honey\AppData\Roaming\Intel Corporation
2019-11-22 13:51 - 2019-11-22 13:51 - 000002395 _____ C:\Users\honey\Desktop\Intel® Processor Identification Utility.lnk
2019-11-22 13:51 - 2019-11-22 13:51 - 000000000 ____D C:\Users\honey\AppData\Local\Caphyon
2019-11-22 13:51 - 2019-11-22 13:51 - 000000000 ____D C:\Program Files (x86)\Intel Corporation
2019-11-22 13:30 - 2019-11-24 11:18 - 000000000 ___RD C:\Users\honey\Virtual Machines
2019-11-22 13:27 - 2019-11-22 13:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2019-11-22 13:27 - 2019-11-22 13:27 - 000000000 ____D C:\Program Files (x86)\Windows Virtual PC
2019-11-22 13:26 - 2010-11-20 08:34 - 000360832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcvmm.sys
2019-11-22 13:26 - 2010-11-20 08:34 - 000194944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
2019-11-22 13:26 - 2010-11-20 08:27 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
2019-11-22 13:26 - 2010-11-20 08:25 - 004514816 _____ (Microsoft Corporation) C:\Windows\system32\vpc.exe
2019-11-22 13:26 - 2010-11-20 08:25 - 002264064 _____ (Microsoft Corporation) C:\Windows\system32\VPCWizard.exe
2019-11-22 13:26 - 2010-11-20 08:25 - 001369600 _____ (Microsoft Corporation) C:\Windows\system32\VPCSettings.exe
2019-11-22 13:26 - 2010-11-20 06:37 - 001210368 _____ (Microsoft Corporation) C:\Windows\system32\VMWindow.exe
2019-11-22 13:26 - 2010-11-20 06:37 - 000936448 _____ (Microsoft Corporation) C:\Windows\system32\vmsal.exe
2019-11-22 13:26 - 2010-11-20 06:35 - 000562176 _____ (Microsoft Corporation) C:\Windows\system32\VMCPropertyHandler.dll
2019-11-22 13:26 - 2010-11-20 06:35 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
2019-11-22 13:26 - 2010-11-20 06:35 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcnfltr.sys
2019-11-22 13:26 - 2010-11-20 05:52 - 000793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2019-11-21 19:02 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2019-11-21 19:02 - 2019-12-04 21:42 - 000000000 ____D C:\Program Files\MPC-HC
2019-11-21 19:01 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2019-11-21 19:01 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2019-11-21 19:01 - 2019-11-21 19:01 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2019-11-21 19:01 - 2018-07-02 14:54 - 002739712 _____ (The Public) C:\Windows\system32\AviSynth.dll
2019-11-21 19:01 - 2018-07-02 14:51 - 002300928 _____ (Abysmal Software) C:\Windows\system32\DevIL.dll
2019-11-21 17:10 - 2019-11-21 17:10 - 000014038 _____ C:\Windows\Tweaking.com - Technicians Toolbox Setup Log.txt
2019-11-21 17:10 - 2019-11-21 17:10 - 000002250 _____ C:\Users\Public\Desktop\Tweaking.com - Technicians Toolbox.lnk
2019-11-21 17:10 - 2019-11-21 17:10 - 000002250 _____ C:\ProgramData\Desktop\Tweaking.com - Technicians Toolbox.lnk
2019-11-21 14:59 - 2019-11-21 14:59 - 000002103 _____ C:\Users\honey\Desktop\Tweaking.com - Hardware Identify.lnk
2019-11-21 14:40 - 2019-11-21 14:40 - 000000000 ____D C:\Users\honey\Downloads\0002-Realtek_WindowsDriver_1030.25.0701.2017
2019-11-21 13:39 - 2019-11-23 19:24 - 000007118 _____ C:\Users\honey\Downloads\aswMBR.txt
2019-11-20 17:34 - 2019-11-20 17:34 - 000022959 _____ C:\Users\honey\Downloads\New Text Document (15).txt
2019-11-20 11:50 - 2019-11-20 11:51 - 000470310 _____ C:\TDSSKiller.2.8.16.0_20.11.2019_11.50.20_log.txt
2019-11-20 11:48 - 2019-11-20 11:48 - 000000000 ____D C:\TDSSKiller_Quarantine
2019-11-20 11:45 - 2019-11-20 11:49 - 000428260 _____ C:\TDSSKiller.2.8.16.0_20.11.2019_11.45.37_log.txt
2019-11-20 09:51 - 2019-11-23 19:23 - 000000512 _____ C:\Users\honey\Downloads\MBR.dat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-20 17:51 - 2019-11-18 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server
2019-12-20 17:51 - 2019-11-05 14:45 - 000000000 ____D C:\Windows\SysWOW64\rserver30
2019-12-20 17:51 - 2019-11-02 08:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BleachBit
2019-12-20 17:51 - 2019-10-21 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder
2019-12-20 17:51 - 2019-10-21 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2019-12-20 17:51 - 2019-10-08 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2019-12-20 17:51 - 2019-09-23 13:52 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2019-12-20 17:51 - 2019-09-23 13:52 - 000000000 ____D C:\Windows\system32\Npcap
2019-12-20 17:51 - 2019-09-23 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2019-12-20 17:51 - 2019-09-12 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URLSnooper2
2019-12-20 17:51 - 2019-08-15 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
2019-12-20 17:51 - 2019-08-10 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2019-12-20 17:51 - 2019-07-23 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Product Key Finder
2019-12-20 17:51 - 2019-07-20 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2019-12-20 17:51 - 2019-06-25 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-20 17:51 - 2018-08-14 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK
2019-12-20 17:51 - 2018-07-30 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-12-20 17:51 - 2018-07-30 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2019-12-20 17:51 - 2018-05-15 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-12-20 17:51 - 2018-04-12 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Backup and Restore
2019-12-20 17:51 - 2018-02-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-12-20 17:51 - 2018-02-21 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-12-20 17:51 - 2018-01-14 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
2019-12-20 17:51 - 2017-12-23 12:19 - 000000000 ____D C:\Windows\system32\RtlGina
2019-12-20 17:51 - 2017-12-23 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tenda Wireless
2019-12-20 17:51 - 2017-08-29 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2019-12-20 17:51 - 2016-10-09 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2019-12-20 17:51 - 2016-06-09 18:44 - 000000000 ____D C:\Windows\system32\appmgmt
2019-12-20 17:51 - 2016-04-29 12:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUTURA 3
2019-12-20 17:51 - 2016-02-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-12-20 17:51 - 2015-11-13 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2019-12-20 17:51 - 2015-11-13 11:32 - 000000000 ____D C:\Windows\system32\oodag
2019-12-20 17:51 - 2015-09-27 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2019-12-20 17:51 - 2015-09-21 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-12-20 17:51 - 2015-07-20 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2019-12-20 17:51 - 2015-06-29 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plustek OpticFilm 120 Beta5.0.2.0
2019-12-20 17:51 - 2015-06-17 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Image Downloader
2019-12-20 17:51 - 2015-03-08 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
2019-12-20 17:51 - 2015-03-06 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plustek OpticFilm 8200i V5.0.0
2019-12-20 17:51 - 2014-12-14 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweetAdder4
2019-12-20 17:51 - 2014-11-18 10:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HFSExplorer
2019-12-20 17:51 - 2014-11-14 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opanda
2019-12-20 17:51 - 2014-10-09 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Recovery Toolbox Free
2019-12-20 17:51 - 2014-09-21 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional
2019-12-20 17:51 - 2014-07-21 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2019-12-20 17:51 - 2014-07-03 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWisoft Flash SWF to Video Converter
2019-12-20 17:51 - 2014-04-10 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RentMaster
2019-12-20 17:51 - 2014-04-06 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2019-12-20 17:51 - 2014-04-01 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS1 General Ledger 2014.2
2019-12-20 17:51 - 2014-04-01 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DotNetBar for Windows Forms
2019-12-20 17:51 - 2014-03-30 13:55 - 000000000 ____D C:\Windows\SysWOW64\1033
2019-12-20 17:51 - 2014-03-30 13:55 - 000000000 ____D C:\Windows\system32\1033
2019-12-20 17:51 - 2014-03-30 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2019-12-20 17:51 - 2014-03-29 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 6.0
2019-12-20 17:51 - 2014-02-07 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy HTML5 Video
2019-12-20 17:51 - 2014-01-27 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\d'peg! from SomeWare
2019-12-20 17:51 - 2014-01-22 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WOW Slider
2019-12-20 17:51 - 2014-01-05 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisualLightBox
2019-12-20 17:51 - 2014-01-05 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FancyElements
2019-12-20 17:51 - 2014-01-03 06:09 - 000000000 ____D C:\Windows\system32\SPReview
2019-12-20 17:51 - 2014-01-03 06:09 - 000000000 ____D C:\Windows\system32\EventProviders
2019-12-20 17:51 - 2014-01-02 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-20 17:51 - 2014-01-02 10:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-20 17:51 - 2014-01-02 10:37 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-20 17:51 - 2014-01-01 23:39 - 000000000 ____D C:\Windows\system32\MRT
2019-12-20 17:51 - 2014-01-01 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.0
2019-12-20 17:51 - 2014-01-01 23:12 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2019-12-20 17:51 - 2014-01-01 21:41 - 000000000 ____D C:\Program Files (x86)\Intel
2019-12-20 17:51 - 2014-01-01 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-12-20 17:51 - 2009-07-14 02:46 - 000000000 ____D C:\Windows\ShellNew
2019-12-20 17:51 - 2009-07-14 02:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-12-20 17:51 - 2009-07-14 00:37 - 000000000 ____D C:\Windows\SysWOW64\sysprep
2019-12-20 17:51 - 2009-07-14 00:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Msdtc
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Resources
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\IME
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Help
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-12-20 17:23 - 2018-03-17 12:49 - 000003926 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{20D74601-D866-4B96-B4D0-83F83FBD47F5}
2019-12-20 17:00 - 2019-07-29 11:41 - 000000000 ____D C:\Users\honey\Downloads\Luis
2019-12-20 16:21 - 2018-09-26 09:20 - 000003186 _____ C:\Windows\system32\Tasks\HPCeeScheduleForhoney
2019-12-20 16:21 - 2018-09-26 09:20 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForhoney.job
2019-12-20 15:06 - 2018-02-22 09:56 - 000000000 ____D C:\Users\honey\AppData\Local\Adobe
2019-12-20 15:04 - 2009-07-13 23:45 - 000022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-20 15:04 - 2009-07-13 23:45 - 000022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-20 15:02 - 2016-01-15 14:12 - 000811200 _____ C:\Windows\system32\perfh00A.dat
2019-12-20 15:02 - 2016-01-15 14:12 - 000183256 _____ C:\Windows\system32\perfc00A.dat
2019-12-20 15:02 - 2009-07-14 00:13 - 001857866 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-20 15:02 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-12-20 14:56 - 2019-11-18 19:50 - 000000000 ____D C:\ProgramData\UMS
2019-12-20 14:56 - 2015-10-20 19:52 - 000000093 _____ C:\HaxLogs.txt
2019-12-20 14:56 - 2009-07-14 00:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2019-12-20 14:56 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-20 14:34 - 2016-05-05 14:20 - 000003754 _____ C:\Windows\diagerr.xml
2019-12-20 14:34 - 2016-05-05 14:20 - 000001908 _____ C:\Windows\diagwrn.xml
2019-12-20 14:12 - 2014-01-01 22:27 - 000000000 ____D C:\Windows\Panther
2019-12-20 14:00 - 2019-10-29 17:31 - 000000000 ____D C:\Users\honey\AppData\Local\JDownloader 2.0
2019-12-20 11:37 - 2018-01-24 12:40 - 000003846 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1469117722
2019-12-20 11:37 - 2016-07-21 11:14 - 000000000 ____D C:\Program Files (x86)\Opera
2019-12-19 13:47 - 2019-01-31 13:52 - 000002260 _____ C:\Users\honey\Downloads\New Text Document (11).txt
2019-12-19 13:46 - 2015-06-17 10:18 - 000000000 ____D C:\Users\honey\Documents\Bulk Image Downloader
2019-12-19 10:56 - 2014-09-05 13:50 - 009741238 _____ C:\Users\honey\Documents\untitled.fdff
2019-12-18 19:28 - 2015-06-17 10:09 - 000000000 ____D C:\Program Files (x86)\Bulk Image Downloader
2019-12-18 19:16 - 2016-11-18 14:03 - 000000000 ____D C:\Users\honey\AppData\LocalLow\Mozilla
2019-12-18 15:29 - 2019-08-03 16:43 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 15:29 - 2019-08-03 16:43 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-18 15:29 - 2019-08-03 16:43 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-17 21:16 - 2019-08-10 12:23 - 000000000 ____D C:\Users\honey\AppData\Local\cache
2019-12-17 19:52 - 2017-08-18 11:09 - 000001945 _____ C:\Windows\epplauncher.mif
2019-12-17 19:50 - 2019-06-25 17:38 - 000000994 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-12-17 19:50 - 2019-06-25 17:38 - 000000994 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2019-12-17 19:21 - 2015-10-28 10:16 - 000000000 ____D C:\Users\honey\AppData\Local\ElevatedDiagnostics
2019-12-17 14:31 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\oobe
2019-12-15 20:01 - 2019-11-09 11:35 - 000040076 _____ C:\Users\honey\Downloads\MTB.txt
2019-12-15 09:24 - 2018-05-31 10:46 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-15 09:13 - 2018-10-16 11:23 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-15 09:13 - 2018-03-09 11:56 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-15 09:13 - 2018-03-09 11:56 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-15 09:13 - 2018-03-09 11:56 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-13 15:21 - 2019-08-03 16:43 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 15:21 - 2019-08-03 16:43 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 19:53 - 2019-01-06 15:46 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-12 19:53 - 2015-10-28 12:49 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-12-11 18:15 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2019-12-11 13:57 - 2016-05-17 20:58 - 003738904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-11 13:26 - 2014-02-25 20:23 - 001841518 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-12-11 13:24 - 2019-09-23 13:50 - 000001026 _____ C:\Users\honey\advanced_ip_scanner_MAC.bin
2019-12-11 13:24 - 2019-09-23 13:50 - 000000015 _____ C:\Users\honey\advanced_ip_scanner_Comments.bin
2019-12-11 13:24 - 2019-09-23 13:50 - 000000015 _____ C:\Users\honey\advanced_ip_scanner_Aliases.bin
2019-12-11 13:13 - 2014-01-01 23:39 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-05 10:50 - 2015-05-24 09:28 - 000000000 ____D C:\Users\honey\Downloads\p95v285.win64
2019-12-05 10:46 - 2018-08-13 13:53 - 000000400 __RSH C:\ProgramData\ntuser.pol
2019-12-05 10:38 - 2014-07-21 14:12 - 000000000 ____D C:\Users\honey\Downloads\Otilia
2019-12-05 10:19 - 2018-08-09 09:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 22:00 - 2019-11-08 13:53 - 000002048 _____ C:\Users\honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2019-12-04 20:22 - 2014-01-15 16:21 - 000000000 ___RD C:\Users\honey\Documents\Scanned Documents
2019-12-04 10:22 - 2018-08-09 09:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-28 14:29 - 2019-08-15 17:34 - 000000000 ____D C:\ProgramData\DVD Shrink
2019-11-27 19:58 - 2014-12-05 15:39 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-27 14:03 - 2018-05-31 19:39 - 000000000 ____D C:\SFCFix
2019-11-27 14:03 - 2016-01-25 18:38 - 000000000 ____D C:\Users\honey\AppData\Local\niemiro
2019-11-25 21:32 - 2018-01-14 20:03 - 000000000 ____D C:\Program Files\WhySoSlow
2019-11-25 12:38 - 2015-04-15 06:21 - 000000000 ____D C:\Users\honey\AppData\Local\CrashDumps
2019-11-24 22:53 - 2014-01-01 23:10 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-24 22:42 - 2015-11-13 11:38 - 000000000 ____D C:\Program Files\WhoCrashed
2019-11-24 19:15 - 2019-11-12 10:03 - 000002128 _____ C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2019-11-24 19:15 - 2019-11-12 10:03 - 000002128 _____ C:\ProgramData\Desktop\REALTEK USB Wireless LAN Utility.lnk
2019-11-24 19:14 - 2014-01-01 21:41 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-11-24 19:02 - 2019-10-19 16:48 - 000500736 _____ (Realtek) C:\Windows\SwUSB.exe
2019-11-24 19:02 - 2019-10-19 16:48 - 000044760 _____ () C:\Windows\runSW.exe
2019-11-24 19:02 - 2014-01-01 23:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-24 18:39 - 2019-10-10 16:22 - 000002156 _____ C:\Users\honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-11-24 18:39 - 2019-07-23 09:36 - 000003174 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404867302-3797044342-2971219209-1000
2019-11-24 18:39 - 2019-07-23 09:36 - 000000000 ___RD C:\Users\honey\OneDrive
2019-11-24 11:25 - 2018-06-07 10:57 - 000003218 _____ C:\Windows\system32\Tasks\klcp_update
2019-11-24 11:18 - 2015-06-17 10:09 - 000000000 ____D C:\Users\honey\AppData\Roaming\BID
2019-11-24 11:18 - 2014-01-01 22:40 - 000000000 ____D C:\Users\honey
2019-11-24 11:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\security
2019-11-24 11:17 - 2014-07-18 18:43 - 000000000 ____D C:\Windows\Minidump
2019-11-23 21:27 - 2014-01-01 18:17 - 000000000 ____D C:\Users\honey\AppData\Roaming\HpUpdate
2019-11-22 16:45 - 2019-11-18 21:36 - 000000000 ____D C:\Users\honey\AppData\Roaming\vlc
2019-11-22 16:24 - 2015-09-08 10:22 - 000000000 ____D C:\Users\honey\.oracle_jre_usage
2019-11-22 16:23 - 2019-08-10 12:23 - 000000000 ____D C:\Users\honey\AppData\Roaming\Stellarium
2019-11-22 16:20 - 2019-11-02 08:22 - 000000000 ____D C:\Users\honey\.dbus-keyrings
2019-11-21 14:57 - 2019-08-23 13:04 - 001506308 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2019-11-21 14:57 - 2018-08-26 15:17 - 000002159 _____ C:\Users\honey\Desktop\Tweaking.com - Windows Repair.lnk

==================== Files in the root of some directories ========

2017-09-07 11:27 - 2017-09-07 11:58 - 007649280 _____ () C:\Program Files (x86)\GUT4730.tmp
2014-04-20 10:09 - 2016-04-08 19:25 - 000000132 _____ () C:\Users\honey\AppData\Roaming\Adobe PNG Format CS5 Prefs
2019-11-28 14:17 - 2019-11-28 14:19 - 000000120 _____ () C:\Users\honey\AppData\Roaming\FixVTS.ini
2015-01-13 13:26 - 2015-01-13 13:26 - 000099384 _____ () C:\Users\honey\AppData\Roaming\inst.exe
2015-01-13 13:26 - 2015-01-13 13:26 - 000007859 _____ () C:\Users\honey\AppData\Roaming\pcouffin.cat
2015-01-13 13:26 - 2015-01-13 13:26 - 000001167 _____ () C:\Users\honey\AppData\Roaming\pcouffin.inf
2015-01-13 13:26 - 2015-01-13 13:26 - 000082816 _____ (VSO Software) C:\Users\honey\AppData\Roaming\pcouffin.sys
2015-03-05 20:40 - 2019-10-16 19:03 - 000000163 _____ () C:\Users\honey\AppData\Roaming\PLGComp.ini
2015-01-08 13:20 - 2015-01-08 18:12 - 000000600 _____ () C:\Users\honey\AppData\Roaming\winscp.rnd
2014-01-06 21:06 - 2016-05-09 15:45 - 000001456 _____ () C:\Users\honey\AppData\Local\Adobe Save for Web 12.0 Prefs
2019-11-11 12:14 - 2019-11-11 12:14 - 000430165 _____ () C:\Users\honey\AppData\Local\ars.cache
2019-11-11 12:15 - 2019-11-11 12:15 - 001000672 _____ () C:\Users\honey\AppData\Local\census.cache
2014-04-05 17:18 - 2014-04-05 17:18 - 000220543 _____ () C:\Users\honey\AppData\Local\debuggee.mdmp
2015-07-20 15:48 - 2015-07-20 15:48 - 000000058 _____ () C:\Users\honey\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2019-11-11 11:22 - 2019-11-11 11:22 - 000000036 _____ () C:\Users\honey\AppData\Local\housecall.guid.cache
2014-09-30 15:29 - 2016-02-13 22:02 - 000000600 _____ () C:\Users\honey\AppData\Local\PUTTY.RND
2019-12-18 12:34 - 2019-12-18 12:34 - 000000218 _____ () C:\Users\honey\AppData\Local\recently-used.xbel
2017-12-27 10:35 - 2019-10-27 21:28 - 000007625 _____ () C:\Users\honey\AppData\Local\resmon.resmoncfg
2016-08-12 09:41 - 2016-08-12 09:47 - 000000000 _____ () C:\Users\honey\AppData\Local\{46640771-B048-4412-BD25-92639EF3890A}
2018-09-27 08:57 - 2018-09-27 08:57 - 000000000 _____ () C:\Users\honey\AppData\Local\{63CAEF5A-0DA1-4B1E-9444-74105835B8C6}
2018-12-21 10:12 - 2018-12-21 10:12 - 000000000 _____ () C:\Users\honey\AppData\Local\{6B5613CD-1521-4049-828C-4CDD5E0AC55C}
2018-12-21 10:12 - 2018-12-21 10:12 - 000000000 _____ () C:\Users\honey\AppData\Local\{6D1E2517-5415-44EB-A953-CBF3D1D8DA93}
2016-07-23 09:45 - 2016-07-23 09:45 - 000000000 _____ () C:\Users\honey\AppData\Local\{8219B69E-E1E9-4066-8B28-390A4A955369}
2015-01-01 09:27 - 2015-01-01 09:27 - 000000000 _____ () C:\Users\honey\AppData\Local\{88776969-F896-4B93-A57E-F32DE3EF4D36}
2018-09-27 08:57 - 2018-09-27 08:57 - 000000000 _____ () C:\Users\honey\AppData\Local\{8F1CBB7B-C05D-432B-ABEE-3037B0DA8502}
2016-08-12 09:41 - 2016-08-12 09:47 - 000000000 _____ () C:\Users\honey\AppData\Local\{B9D9E880-9DEF-4903-A9B5-544C31EA3A2D}

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\Windows\SysWOW64\vfpodbc.dll [1998-06-15] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-19 13:11
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by honey (20-12-2019 18:05:15)
Running from C:\Users\honey\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-01-02 03:40:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-404867302-3797044342-2971219209-500 - Administrator - Disabled)
Guest (S-1-5-21-404867302-3797044342-2971219209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-404867302-3797044342-2971219209-1021 - Limited - Enabled)
honey (S-1-5-21-404867302-3797044342-2971219209-1000 - Administrator - Enabled) => C:\Users\honey
VUSR_HONEY-PC (S-1-5-21-404867302-3797044342-2971219209-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D Youtube Downloader - Batch (x64) (HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\3D Youtube Downloader - Batch (x64)) (Version: 2.10.14 - 3DYD Soft)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
A1 Sitemap Generator (HKLM-x32\...\8FA512B2AB9F48E48319F817302934AC_is1) (Version: 2.2.0 - Microsys)
Accord CD Ripper Free 6.9.1 (HKLM-x32\...\8BF2152B-6835-4FF3-A2EC-5BDAB46DCDFF_is1) (Version: - Accmeware Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20058 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Advanced IP Scanner 2.5 (HKLM-x32\...\{816038FA-53B2-4F36-A9F2-8F6B8B81C7B0}) (Version: 2.5.3850 - Famatech)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
AMD Catalyst Install Manager (HKLM\...\{D2A53F8D-3924-E600-6023-883B255E3812}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
AVI to DVD Converter (HKLM-x32\...\AVI to DVD Converter) (Version: 3.0.26.0314 - Xilisoft)
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
BleachBit 3.0 (HKLM-x32\...\BleachBit) (Version: 3.0 - BleachBit)
BS1 General Ledger 2014.2 (HKLM-x32\...\BS1 General Ledger 2014.2_is1) (Version: - Davis Software)
Bulk Image Downloader v5.56.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: 5.56 - Antibody Software)
Bulk Rename Utility 2.7.1.3 (HKLM-x32\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
CD Recovery Toolbox Free 2.1 (HKLM-x32\...\CD Recovery Toolbox Free_is1) (Version: - Recovery Toolbox, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CuteFTP 8 Professional (HKLM-x32\...\{91F34319-08DE-457a-99C0-0BCDFAC145B9}) (Version: 8.3.4 - GlobalSCAPE)
davehope.co.uk Product Key Finder (HKLM-x32\...\Product Key Finder_is1) (Version: - davehope.co.uk)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
DMG Extractor (HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\DMG Extractor) (Version: 1.3.15.0 - Reincubate Ltd)
Dokan Library 1.2.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0102-0000-180809151012}) (Version: 1.2.0.1000 - Dokany Project) Hidden
Dokan Library 1.2.0.1000 Bundle (HKLM-x32\...\{c2f619b0-68fd-4433-970e-cd66cd7a2775}) (Version: 1.2.0.1000 - Dokany Project)
DotNetBar for Windows Forms (HKLM-x32\...\{316FC9F6-6343-42AC-BC26-6337C9CD1A8E}) (Version: 10.0.0.3 - DevComponents)
dpeg Cicada (HKLM-x32\...\dpeg_Cicada) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Easy HTML5 Video (HKLM-x32\...\Easy HTML5 Video_is1) (Version: - )
FancyElements (HKLM-x32\...\FancyElements_is1) (Version: - )
Fast Duplicate File Finder 5.4.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 5.4.0.1 - MindGems, Inc.)
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
Folder Size 4.2.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 4.2.0.0 - MindGems, Inc.)
FUTURA CE-250 Software (HKLM-x32\...\{4C31E401-C8D5-4133-8B29-DE5D6B8B9DB0}) (Version: 3.0.0.4 - Default Company Name) Hidden
FUTURA CE-250 Software (HKLM-x32\...\{A8C74A7C-F2F4-4F6C-90AA-6C351570419F}) (Version: 3.0.0.4 - )
Golden Records Vinyl to CD Converter (HKLM-x32\...\Golden) (Version: - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HFSExplorer 0.22.1 (HKLM-x32\...\HFSExplorer) (Version: 0.22.1 - Catacombae Software)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{77d93eea-f5c2-4db5-9c2d-25bc5a2e0ec9}) (Version: 28.0.1316.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HydraVision (HKLM-x32\...\{91F7C67B-C1A2-F1DB-C286-7F56A07C6B49}) (Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{FA9F8623-B4C9-452D-A989-CC3AC01A4E27}) (Version: 1.1.5 - Intel Corporation)
Intel® Processor Identification Utility (HKLM-x32\...\{E080C732-360E-4B05-BD68-3F7BF14EEBAA}) (Version: 6.1.0731 - Intel Corporation) Hidden
Intel® Processor Identification Utility (HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\Intel® Processor Identification Utility 6.1.0731) (Version: 6.1.0731 - Intel Corporation)
iWisoft Flash SWF to Video Converter 3.4 (HKLM-x32\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.4.0 - www.flash-swf-converter.com)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 15.2.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.6 - KLCP)
Kodi (HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\Kodi) (Version: - XBMC Foundation)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Macrium Reflect Free Edition (HKLM\...\{1A399324-9784-4384-927F-0FEA922BC516}) (Version: 7.1.3317 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.1 - Paramount Software (UK) Ltd.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MediaInfo 19.09 (HKLM\...\MediaInfo) (Version: 19.09 - MediaArea.net)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM-x32\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version: - )
MixPad Multitrack Recording Software (HKLM-x32\...\MixPad) (Version: 3.69 - NCH Software)
MKVToolNix 40.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 40.0.0 - Moritz Bunkus)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MPC-HC 1.8.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.8.8 - MPC-HC Team)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
Npcap 0.9983 (HKLM-x32\...\NpcapInst) (Version: 0.9983 - Nmap Project)
Numerology Calculator (HKLM-x32\...\Numerology Calculator_is1) (Version: 3.41 - )
Numerology Calculator Select (HKLM-x32\...\Numerology Calculator Select_is1) (Version: 1.41 - )
Numerology Healing Tones (HKLM-x32\...\Numerology Healing Tones_is1) (Version: 1.50 - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Opanda IExif 2.3 (HKLM-x32\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio)
Opanda PowerExif 1.2 Professional Trial (HKLM-x32\...\Opanda PowerExif Professional Trial_is1) (Version: 1.2 - Opanda Studio)
Opera Stable 65.0.3467.78 (HKLM-x32\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
OpticFilm 120 (HKLM-x32\...\{AD13719F-9FE1-46C2-AB8B-716B5F256BF8}) (Version: 5.0.2 - )
OpticFilm 8200i (HKLM-x32\...\{086AA359-A8F0-46BB-B66D-21AE29420B81}) (Version: 5.0.0 - )
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0267 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registry Backup and Restore (HKLM\...\Registry Backup and Restore_is1) (Version: - Acelogix)
RentMaster (HKLM-x32\...\RentMaster) (Version: 11.2.0 - )
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.1.2010 - Samsung Electronics)
Screenshot Captor 4.12.0 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SilverFast 8.5.0r7 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.5.0r7 - LaserSoft Imaging AG)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
Sublime Text Build 3047 (HKLM-x32\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.65 - NCH Software)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.32462 - Microsoft Corporation)
Tweaking.com - Hardware Identify (HKLM-x32\...\Tweaking.com - Hardware Identify) (Version: 2.5.0 - Tweaking.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Technicians Toolbox (HKLM-x32\...\Tweaking.com - Technicians Toolbox) (Version: 1.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.7.0 - Tweaking.com)
TweetAdder4 (HKLM-x32\...\{911174C5-85BF-4972-B5E0-4882B32E9396}_is1) (Version: 4.1.140929 - TweetAdder.com)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 9.1.0 - Universal Media Server)
URL Snooper v2.42.01 (HKLM-x32\...\URLSnooper 2_is1) (Version: - DonationCoder.com)
USB Disk Storage Format Tool 5.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
Visual Similarity Duplicate Image Finder Demo 7.5.0.1 (HKLM-x32\...\{72D6BE71-2A6F-4D01-809E-A3174D1738A0}_is1) (Version: 7.5.0.1 - MindGems, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VisualLightBox (HKLM-x32\...\VisualLightBox_is1) (Version: - )
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.13 - VSO Software)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software)
WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.00 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.9.6 (HKLM-x32\...\winscp3_is1) (Version: 5.9.6 - Martin Prikryl)
Wireshark 3.0.5 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.5 - The Wireshark developer community, hxxps://www.wireshark.org)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version: - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-15] (Notepad++ -> )
ContextMenuHandlers1-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files (x86)\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1-x32: [CuteFTP 8 Professional] -> {8f7261d0-d2b9-11d2-9909-00605205b24c} => C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll [2010-05-19] (GlobalSCAPE, Inc.) [File not signed]
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files (x86)\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers2-x32: [CuteFTP 8 Professional] -> {8f7261d0-d2b9-11d2-9909-00605205b24c} => C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll [2010-05-19] (GlobalSCAPE, Inc.) [File not signed]
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-10-01] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files (x86)\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4-x32: [CuteFTP 8 Professional] -> {8f7261d0-d2b9-11d2-9909-00605205b24c} => C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll [2010-05-19] (GlobalSCAPE, Inc.) [File not signed]
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-10-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [475936 2007-05-10] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2014-09-29] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416544 2007-05-10] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-04] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-11-24 19:14 - 2012-08-08 21:56 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2019-11-24 19:14 - 2013-02-27 17:17 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2014-01-01 21:41 - 2011-09-09 04:28 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2015-11-23 10:18 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-01-01 21:41 - 2011-09-09 04:28 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2019-12-20 14:56 - 2019-12-20 14:56 - 000247296 _____ (Java(TM) Native Access (JNA)) [File not signed] C:\Users\honey\AppData\Local\Temp\jna-99461947\jna2932296372392998736.dll
2019-10-19 16:48 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) [File not signed] C:\Windows\system32\Rtlihvs.dll
2019-11-24 19:14 - 2015-03-26 10:39 - 000552960 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlLib.dll
2019-11-24 19:14 - 2012-09-13 09:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2019-11-24 19:14 - 2015-02-05 13:58 - 000098304 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlICS.dll
2019-11-24 19:14 - 2015-03-30 10:39 - 000274432 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlIhvOid.dll
2019-11-24 19:14 - 2012-06-22 16:01 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2019-11-24 19:14 - 2009-07-23 17:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\honey\Local Settings:oK6ap3JWZyZX1kkco [2422]
AlternateDataStreams: C:\Users\honey\AppData\Local:oK6ap3JWZyZX1kkco [2422]
AlternateDataStreams: C:\Users\honey\AppData\Local\Application Data:oK6ap3JWZyZX1kkco [2422]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58101699.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58101699.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\sharepoint.com -> hxxps://teatrolatea-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2017-09-07 11:16 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-10-03 18:49 - 2019-10-03 19:24 - 000000508 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Windows Imaging
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\honey\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: Guard Agent => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hpqcaslwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: Intel(R) SUR QC SAM => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MacriumService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MediatekRegistryWriter => 2
MSCONFIG\Services: MediatekRegistryWriter64 => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Realtek87B => 2
MSCONFIG\Services: ReflectService.exe => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
MSCONFIG\Services: VyprVPN => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Tenda Wireless Utility.lnk => C:\Windows\pss\Tenda Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^honey^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - .lnk => C:\Windows\pss\Monitor Ink Alerts - .lnk.Startup
MSCONFIG\startupfolder: C:^Users^honey^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk.Startup

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{C16FBD02-A15A-42E1-AD7D-46997BB5A44A}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe] => (Block) C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe (GlobalSCAPE, Inc.) [File not signed]
FirewallRules: [UDP Query User{7704C02C-071A-4768-A663-3C89233091D1}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe] => (Block) C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe (GlobalSCAPE, Inc.) [File not signed]
FirewallRules: [TCP Query User{EB8831FF-2188-42B1-B92C-832DD4E16393}C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe] => (Allow) C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe No File
FirewallRules: [UDP Query User{4988F528-BA77-467F-B0B4-5B3CD2686D08}C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe] => (Allow) C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe No File
FirewallRules: [TCP Query User{756FCE78-EDC6-4B00-B8FF-BA2EEBB92B72}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{FC03FF4C-54E2-4E65-92F9-6990136FCA33}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{454ED93C-8BBA-44CA-BBC0-AF45A8DD69BC}] => (Allow) C:\Users\honey\Downloads\Tech tool store tools\TechToolStore64.exe (Alfredo Anibal Santos Silva -> Carifred)
FirewallRules: [{7D86FE7D-A561-4763-B8F9-B2A33B0B64D0}] => (Allow) C:\Users\honey\Downloads\Tech tool store tools\TechToolStore64.exe (Alfredo Anibal Santos Silva -> Carifred)
FirewallRules: [{52FC53AF-F179-4382-A4E0-E60D397D0E18}] => (Allow) C:\Users\honey\Downloads\Tech tool store tools\TechToolStore64.exe (Alfredo Anibal Santos Silva -> Carifred)
FirewallRules: [TCP Query User{02D439D2-6A2E-4A22-959B-2FE402DBE1F0}C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe] => (Allow) C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe () [File not signed]
FirewallRules: [UDP Query User{3ED4978A-DEDD-4E7E-BC38-9312CBC5D8ED}C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe] => (Allow) C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe () [File not signed]
FirewallRules: [TCP Query User{E4299DE6-951E-495B-81C9-1B2720D79B27}C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe] => (Allow) C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe No File
FirewallRules: [UDP Query User{30DE5082-F81C-4AE0-A51F-B16BA47A308D}C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe] => (Allow) C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe No File
FirewallRules: [{BA7BB4B1-6369-40DB-8961-38F8E06ABF22}] => (Allow) C:\Program Files (x86)\Tenda\Common\RaUI.exe (SHENZHEN JIXIANG TENDA TECHNOLOGY CO.,LTD -> Tenda Inc.) [File not signed]
FirewallRules: [{6CD25C81-77F0-4A0D-8478-C08FD6D51DAE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9ECF3F6A-C86A-4BE3-BFCB-8D5A4AA7DEA5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1D853698-C05B-43FF-AD3B-BD0C3404BD62}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A17A2D1E-1EBA-41FA-98BE-D1D36FFF593D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{554E8BB8-F0E2-4A63-8684-E8D87ECA2245}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2FE3BEC6-97B1-43C7-A013-6270FB5A3D18}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{29BDF56D-CCE2-4E1E-8F96-E0C7586903CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{91A3B001-8CB3-42E6-A001-C320A0734736}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{89F5F9A0-836D-4D72-A1E3-C8794D85D565}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43E673C5-C03C-4166-A4B4-25207973D5C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F11422D4-7366-41F9-A1A5-ADCB77696873}] => (Allow) LPort=53
FirewallRules: [TCP Query User{E1D6E0BF-FD3D-43F5-B898-E07121BB33B1}C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{18237FC1-4FDB-4528-B8E7-952A9DEA571E}C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{001B500E-8ECE-4673-80E1-BF0E7CE97D69}] => (Allow) LPort=53
FirewallRules: [{C634B0D2-B044-4344-A7D0-C65177F0D87D}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre-x64\bin\javaw.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe No File
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe No File
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe No File
FirewallRules: [{285586F2-2CBB-43A4-8E99-2C9152A21A40}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{1017A4A2-1E23-459A-80F6-CE55DCF46039}] => (Allow) LPort=1542
FirewallRules: [{648FCD61-D6EE-46B7-A0D9-9F75C85C9F11}] => (Allow) LPort=1542
FirewallRules: [{2517FF93-7400-4519-8FF1-F9C444FD51E3}] => (Allow) LPort=53
FirewallRules: [{63C713B1-6428-46EA-9BE7-2212E1052EB4}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{78E4AC92-B592-40C4-8C89-DAC08C752055}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{16EA68F0-4ACA-4CD2-88D1-701901B6B334}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{AEB47065-DD7B-444D-A686-840131FA9C2E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{C6DE48E5-D420-4837-AB1F-F4A21AD70B2B}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9E988CBB-4642-4E15-92B7-2141399FB9F7}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{BC15C9C5-8994-41A9-9BB7-2A383C67ACAD}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1A100735-CD1D-48A3-BC02-76DC9DF84CCF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC0F569C-8515-4ACB-A24C-AEE06BABCBA9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EAAF525E-6DAA-4BD7-9452-7617675A677C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E620ED74-3261-46F9-B79D-729D61296D22}] => (Allow) C:\Program Files (x86)\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A0309022-2D32-411D-A467-BDDC5CA5DB1F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BF1D924D-33DF-46E1-A28B-E891CAF6C41A}] => (Allow) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

20-12-2019 17:41:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/20/2019 04:08:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\avastSS.scr".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: honey-PC)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: honey-PC)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.

Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: honey-PC)
Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile.

DETAIL - The process cannot access the file because it is being used by another process.

Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.

DETAIL - The process cannot access the file because it is being used by another process.
for C:\Users\honey\ntuser.dat

Error: (12/17/2019 09:16:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MBAMInstallerService.exe, version: 4.0.0.130, time stamp: 0x5daf8771
Faulting module name: ole32.dll, version: 6.1.7601.24537, time stamp: 0x5dce0bdd
Exception code: 0xc0000005
Fault offset: 0x0000000000040cc2
Faulting process id: 0x1f58
Faulting application start time: 0x01d5b54914992d7d
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
Faulting module path: C:\Windows\system32\ole32.dll
Report Id: 62df49c5-213c-11ea-9785-be15c5687214

Error: (12/04/2019 10:00:52 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x407; CorrelationId: {C9EEB761-B83D-48FE-912F-93059069135D}

Error: (11/25/2019 12:38:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dpeg.exe, version: 6.20.0.12, time stamp: 0x492f6939
Faulting module name: ntdll.dll, version: 6.1.7601.24535, time stamp: 0x5dc1e8db
Exception code: 0xc0000005
Fault offset: 0x0002e466
Faulting process id: 0x1b28
Faulting application start time: 0x01d5a3b71f53aed6
Faulting application path: C:\Program Files (x86)\SomeWare\dpeg v6\dpeg.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 60cfaf28-0faa-11ea-9a0a-e4bddb6f1795


System errors:
=============
Error: (12/20/2019 02:58:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/20/2019 02:57:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/20/2019 02:56:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (12/20/2019 02:56:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Universal Media Server service terminated unexpectedly. It has done this 1 time(s).

Error: (12/20/2019 02:56:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly. It has done this 1 time(s).

Error: (12/20/2019 02:54:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
The system cannot find the file specified.

Error: (12/20/2019 02:52:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Error: (12/20/2019 02:52:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Universal Media Server service terminated unexpectedly. It has done this 1 time(s).


Windows Defender:
===================================
Date: 2016-05-10 13:39:29.816
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Stallmonitz&threatid=225956
Name:SoftwareBundler:Win32/Stallmonitz
ID:225956
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\Users\honey\Desktop\BlueStacks-SplitInstaller_native.exe;file:C:\Users\honey\Desktop\BlueStacks-SplitInstaller_native.exe->(nsis-instdata)
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-05-14 02:55:17.260
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/WinOptimizer&threatid=206677
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\ProgramData\Optimizer\program\newver_10_1.7.0.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_25_1.7.1.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_37_1.7.3.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_38_1.6.9.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_54_1.7.2.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_83_1.7.3.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_95_1.7.2.0.exe;file:C:\Program Files (x86)\Software Update Services\software-update-services.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A1\config\load_config.ini;file:C:\Program Files (x86)\YouTube Downloader Services\A1\load_config.ini;file:C:\Program Files (x86)\YouTube Downloader Services\A1\vmnet.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A1\winphp.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A1\youtubeserv.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A2\config\load_config.ini;file:
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-02-13 12:56:09.110
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/WinOptimizer&threatid=206677
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:file:C:\Program Files (x86)\YouTube Downloader Services\A2\youtubeserv.exe;process:pid:2072,ProcessStart:130683102609928583;service:YouTubeDownload_A2
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2015-02-13 12:45:18.333
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/WinOptimizer&threatid=206677
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:file:C:\Program Files (x86)\YouTube Downloader Services\A2\youtubeserv.exe;process:pid:2072,ProcessStart:130683102609928583
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2014-11-29 22:00:49.112
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/WinOptimizer&threatid=206677
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:file:C:\Program Files (x86)\YouTube Downloader Services\P2\vmnet.exe;process:pid:6068
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:

Date: 2016-08-06 12:31:33.975
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:1.1.12902.0
Error code:0x8050a003
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

Date: 2016-08-01 13:30:57.462
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80096010
Error description:The digital signature of the object did not verify.
Signature version:1.225.2702.0
Engine version:1.1.12902.0

Date: 2016-07-19 10:23:40.259
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:1.1.12902.0
Error code:0x8050a003
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

Date: 2016-06-26 10:42:27.755
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3

Date: 2016-05-15 16:17:59.424
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x800700c1
Error description:Windows Defender is not a valid Win32 application.
Signature version:1.219.1406.0
Engine version:1.1.12706.0

CodeIntegrity:
===================================

Date: 2016-08-27 13:29:06.372
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:58:09.638
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:54:47.297
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:54:47.204
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:54:29.778
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:54:29.607
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:42:13.553
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-27 11:37:20.645
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: AMI 7.16 03/23/2012
Motherboard: Foxconn 2ABF
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 97%
Total physical RAM: 8172.83 MB
Available physical RAM: 210.4 MB
Total Virtual: 16343.81 MB
Available Virtual: 7390.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:600.29 GB) (Free:135.4 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (System Reserved) (Fixed) (Total:130.86 GB) (Free:55.37 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Backup) (Fixed) (Total:200.36 GB) (Free:50.93 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 981B9614)
Partition 1: (Active) - (Size=600.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=130.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.4 GB) - (Type=05)

==================== End of Addition.txt =======================
 
Please uninstall Macrium Reflect from the system and execute the following fix:

Step#1 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Download the attached fixlist.txt and save it to the Desktop.
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
3. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
4. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
5. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
 

Attachments

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by honey (20-12-2019 20:27:45) Run:1
Running from C:\Users\honey\Downloads
Loaded Profiles: honey (Available Profiles: honey)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\MountPoints2: D - D:\setup.exe
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\...\MountPoints2: {7a10655e-39ff-11e4-8394-2c4138a9b7f0} - E:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {478D33AE-3A2A-4E54-A1F2-538CEE834478} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {49246421-C2C6-4F69-9ACF-97C9E23487AF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\honey\Desktop\esetonlinescanner_enu.exe
C:\Program Files\AVAST Software
C:\Users\honey\Desktop\esetonlinescanner_enu.exe
Task: {730604AD-06A3-4AD4-A113-F558C83D3D57} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
C:\Program Files\Common Files\Avast Software
Task: {DB9FCA76-61A5-4563-A92D-D7701A6AF0A9} - System32\Tasks\{482BA325-2BFA-4F56-84F0-B029EDAC71D4} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\AppData\Local\Temp\jre-9.0.4_windows-x86_bin-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau <==== ATTENTION
Task: {F03334E7-0E8E-4FAA-A2ED-FFF773BE1E65} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\honey\Desktop\esetonlinescanner_enu.exe
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\sp@avast.com.xpi [2019-11-29]
FF Extension: (Avast Online Security) - C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\wrc@avast.com.xpi [2019-12-18]
C:\ProgramData\AVAST Software
EmptyTemp:
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\MemCheckBoxInRunDlg" => removed successfully
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => removed successfully
HKU\S-1-5-21-404867302-3797044342-2971219209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7a10655e-39ff-11e4-8394-2c4138a9b7f0} => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{478D33AE-3A2A-4E54-A1F2-538CEE834478}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{478D33AE-3A2A-4E54-A1F2-538CEE834478}" => removed successfully
C:\Windows\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49246421-C2C6-4F69-9ACF-97C9E23487AF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49246421-C2C6-4F69-9ACF-97C9E23487AF}" => removed successfully
C:\Windows\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"C:\Program Files\AVAST Software" => not found
"C:\Users\honey\Desktop\esetonlinescanner_enu.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{730604AD-06A3-4AD4-A113-F558C83D3D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{730604AD-06A3-4AD4-A113-F558C83D3D57}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"C:\Program Files\Common Files\Avast Software" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB9FCA76-61A5-4563-A92D-D7701A6AF0A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB9FCA76-61A5-4563-A92D-D7701A6AF0A9}" => removed successfully
C:\Windows\System32\Tasks\{482BA325-2BFA-4F56-84F0-B029EDAC71D4} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{482BA325-2BFA-4F56-84F0-B029EDAC71D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F03334E7-0E8E-4FAA-A2ED-FFF773BE1E65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F03334E7-0E8E-4FAA-A2ED-FFF773BE1E65}" => removed successfully
C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\sp@avast.com.xpi => moved successfully
C:\Users\honey\AppData\Roaming\Mozilla\Firefox\Profiles\x85otvh9.default-1452453708882-1533826311977\Extensions\wrc@avast.com.xpi => moved successfully
C:\ProgramData\AVAST Software => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 51308171 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 285959 B
Edge => 0 B
Chrome => 350378264 B
Firefox => 606788 B
Opera => 535856940 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 84264 B
honey => 6925485 B

RecycleBin => 2274528 B
EmptyTemp: => 911.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:29:02 ====
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by Test (20-12-2019 20:50:10)
Running from C:\Users\Test\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-01-02 03:40:03)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-404867302-3797044342-2971219209-500 - Administrator - Disabled)
Guest (S-1-5-21-404867302-3797044342-2971219209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-404867302-3797044342-2971219209-1021 - Limited - Enabled)
honey (S-1-5-21-404867302-3797044342-2971219209-1000 - Administrator - Enabled) => C:\Users\honey
Test (S-1-5-21-404867302-3797044342-2971219209-1022 - Administrator - Enabled) => C:\Users\Test
VUSR_HONEY-PC (S-1-5-21-404867302-3797044342-2971219209-1004 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
A1 Sitemap Generator (HKLM-x32\...\8FA512B2AB9F48E48319F817302934AC_is1) (Version: 2.2.0 - Microsys)
Accord CD Ripper Free 6.9.1 (HKLM-x32\...\8BF2152B-6835-4FF3-A2EC-5BDAB46DCDFF_is1) (Version: - Accmeware Corporation)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20058 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Advanced IP Scanner 2.5 (HKLM-x32\...\{816038FA-53B2-4F36-A9F2-8F6B8B81C7B0}) (Version: 2.5.3850 - Famatech)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
AMD Catalyst Install Manager (HKLM\...\{D2A53F8D-3924-E600-6023-883B255E3812}) (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
AVI to DVD Converter (HKLM-x32\...\AVI to DVD Converter) (Version: 3.0.26.0314 - Xilisoft)
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
BleachBit 3.0 (HKLM-x32\...\BleachBit) (Version: 3.0 - BleachBit)
BS1 General Ledger 2014.2 (HKLM-x32\...\BS1 General Ledger 2014.2_is1) (Version: - Davis Software)
Bulk Image Downloader v5.56.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: 5.56 - Antibody Software)
Bulk Rename Utility 2.7.1.3 (HKLM-x32\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
CD Recovery Toolbox Free 2.1 (HKLM-x32\...\CD Recovery Toolbox Free_is1) (Version: - Recovery Toolbox, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
CuteFTP 8 Professional (HKLM-x32\...\{91F34319-08DE-457a-99C0-0BCDFAC145B9}) (Version: 8.3.4 - GlobalSCAPE)
davehope.co.uk Product Key Finder (HKLM-x32\...\Product Key Finder_is1) (Version: - davehope.co.uk)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Dokan Library 1.2.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0102-0000-180809151012}) (Version: 1.2.0.1000 - Dokany Project) Hidden
Dokan Library 1.2.0.1000 Bundle (HKLM-x32\...\{c2f619b0-68fd-4433-970e-cd66cd7a2775}) (Version: 1.2.0.1000 - Dokany Project)
DotNetBar for Windows Forms (HKLM-x32\...\{316FC9F6-6343-42AC-BC26-6337C9CD1A8E}) (Version: 10.0.0.3 - DevComponents)
dpeg Cicada (HKLM-x32\...\dpeg_Cicada) (Version: - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Easy HTML5 Video (HKLM-x32\...\Easy HTML5 Video_is1) (Version: - )
FancyElements (HKLM-x32\...\FancyElements_is1) (Version: - )
Fast Duplicate File Finder 5.4.0.1 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 5.4.0.1 - MindGems, Inc.)
ffdshow x64 v1.3.4533 [2014-09-29] (HKLM\...\ffdshow64_is1) (Version: 1.3.4533.0 - )
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
Folder Size 4.2.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 4.2.0.0 - MindGems, Inc.)
FUTURA CE-250 Software (HKLM-x32\...\{4C31E401-C8D5-4133-8B29-DE5D6B8B9DB0}) (Version: 3.0.0.4 - Default Company Name) Hidden
FUTURA CE-250 Software (HKLM-x32\...\{A8C74A7C-F2F4-4F6C-90AA-6C351570419F}) (Version: 3.0.0.4 - )
Golden Records Vinyl to CD Converter (HKLM-x32\...\Golden) (Version: - NCH Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HFSExplorer 0.22.1 (HKLM-x32\...\HFSExplorer) (Version: 0.22.1 - Catacombae Software)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{77d93eea-f5c2-4db5-9c2d-25bc5a2e0ec9}) (Version: 28.0.1316.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HydraVision (HKLM-x32\...\{91F7C67B-C1A2-F1DB-C286-7F56A07C6B49}) (Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{FA9F8623-B4C9-452D-A989-CC3AC01A4E27}) (Version: 1.1.5 - Intel Corporation)
Intel® Processor Identification Utility (HKLM-x32\...\{E080C732-360E-4B05-BD68-3F7BF14EEBAA}) (Version: 6.1.0731 - Intel Corporation) Hidden
iWisoft Flash SWF to Video Converter 3.4 (HKLM-x32\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.4.0 - www.flash-swf-converter.com)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 15.2.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.2.6 - KLCP)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MediaInfo 19.09 (HKLM\...\MediaInfo) (Version: 19.09 - MediaArea.net)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-404867302-3797044342-2971219209-1022\...\Teams) (Version: 1.2.00.32462 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - ENU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM-x32\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version: - )
MixPad Multitrack Recording Software (HKLM-x32\...\MixPad) (Version: 3.69 - NCH Software)
MKVToolNix 40.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 40.0.0 - Moritz Bunkus)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MPC-HC 1.8.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.8.8 - MPC-HC Team)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.1 - Notepad++ Team)
Npcap 0.9983 (HKLM-x32\...\NpcapInst) (Version: 0.9983 - Nmap Project)
Numerology Calculator (HKLM-x32\...\Numerology Calculator_is1) (Version: 3.41 - )
Numerology Calculator Select (HKLM-x32\...\Numerology Calculator Select_is1) (Version: 1.41 - )
Numerology Healing Tones (HKLM-x32\...\Numerology Healing Tones_is1) (Version: 1.50 - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Opanda IExif 2.3 (HKLM-x32\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio)
Opanda PowerExif 1.2 Professional Trial (HKLM-x32\...\Opanda PowerExif Professional Trial_is1) (Version: 1.2 - Opanda Studio)
Opera Stable 65.0.3467.78 (HKLM-x32\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
OpticFilm 120 (HKLM-x32\...\{AD13719F-9FE1-46C2-AB8B-716B5F256BF8}) (Version: 5.0.2 - )
OpticFilm 8200i (HKLM-x32\...\{086AA359-A8F0-46BB-B66D-21AE29420B81}) (Version: 5.0.0 - )
PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0267 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registry Backup and Restore (HKLM\...\Registry Backup and Restore_is1) (Version: - Acelogix)
RentMaster (HKLM-x32\...\RentMaster) (Version: 11.2.0 - )
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.1.2010 - Samsung Electronics)
Screenshot Captor 4.12.0 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SilverFast 8.5.0r7 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.5.0r7 - LaserSoft Imaging AG)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 6.0.0.0 - Stellar Information Systems Ltd)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
Sublime Text Build 3047 (HKLM-x32\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.65 - NCH Software)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.32462 - Microsoft Corporation)
Tweaking.com - Hardware Identify (HKLM-x32\...\Tweaking.com - Hardware Identify) (Version: 2.5.0 - Tweaking.com)
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Technicians Toolbox (HKLM-x32\...\Tweaking.com - Technicians Toolbox) (Version: 1.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.7.0 - Tweaking.com)
TweetAdder4 (HKLM-x32\...\{911174C5-85BF-4972-B5E0-4882B32E9396}_is1) (Version: 4.1.140929 - TweetAdder.com)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 9.1.0 - Universal Media Server)
URL Snooper v2.42.01 (HKLM-x32\...\URLSnooper 2_is1) (Version: - DonationCoder.com)
USB Disk Storage Format Tool 5.0 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
Visual Similarity Duplicate Image Finder Demo 7.5.0.1 (HKLM-x32\...\{72D6BE71-2A6F-4D01-809E-A3174D1738A0}_is1) (Version: 7.5.0.1 - MindGems, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VisualLightBox (HKLM-x32\...\VisualLightBox_is1) (Version: - )
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.2.0.13 - VSO Software)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software)
WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.00 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.9.6 (HKLM-x32\...\winscp3_is1) (Version: 5.9.6 - Martin Prikryl)
Wireshark 3.0.5 64-bit (HKLM-x32\...\Wireshark) (Version: 3.0.5 - The Wireshark developer community, hxxps://www.wireshark.org)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version: - )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-404867302-3797044342-2971219209-1022_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Test\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19296.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404867302-3797044342-2971219209-1022_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Test\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19296.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-15] (Notepad++ -> )
ContextMenuHandlers1-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files (x86)\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1-x32: [CuteFTP 8 Professional] -> {8f7261d0-d2b9-11d2-9909-00605205b24c} => C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll [2010-05-19] (GlobalSCAPE, Inc.) [File not signed]
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files (x86)\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers2-x32: [CuteFTP 8 Professional] -> {8f7261d0-d2b9-11d2-9909-00605205b24c} => C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll [2010-05-19] (GlobalSCAPE, Inc.) [File not signed]
ContextMenuHandlers3-x32: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files (x86)\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4-x32: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files (x86)\Bulk Rename Utility\BRUhere.dll [2014-06-24] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4-x32: [CuteFTP 8 Professional] -> {8f7261d0-d2b9-11d2-9909-00605205b24c} => C:\Program Files (x86)\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll [2010-05-19] (GlobalSCAPE, Inc.) [File not signed]
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-10-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [475936 2007-05-10] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2014-09-29] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416544 2007-05-10] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-04] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-11-24 19:14 - 2012-08-08 21:56 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2011-04-11 19:20 - 2011-04-11 19:20 - 000098304 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-11 19:20 - 2011-04-11 19:20 - 000028672 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2019-11-24 19:14 - 2013-02-27 17:17 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000033280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000253952 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Shared.dll
2011-10-24 04:15 - 2011-10-24 04:15 - 000111104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Shared.dll
2011-10-24 04:15 - 2011-10-24 04:15 - 000250880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000096768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Dashboard.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Shared.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000172032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 001003520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2011-10-24 04:16 - 2011-10-24 04:16 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.HydraVision.Aspects.Runtime.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 001286144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000286720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-06-08 04:26 - 2011-06-08 04:26 - 000020992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CoreAudioApi.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-10-24 04:13 - 2011-10-24 04:13 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2011-06-30 07:48 - 2011-06-30 07:48 - 000085504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000376832 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2009-06-17 08:27 - 2009-06-17 08:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000294912 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000439296 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-10-24 04:14 - 2011-10-24 04:14 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000294912 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-10-24 04:12 - 2011-10-24 04:12 - 000180224 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2014-01-01 21:41 - 2011-09-09 04:28 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2010-03-04 03:27 - 2010-03-04 03:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 15:13 - 2009-04-22 15:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2014-01-01 21:41 - 2011-09-09 04:28 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2019-12-20 20:45 - 2019-12-20 20:45 - 000247296 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Test\AppData\Local\Temp\jna-2603186\jna8140841831880520463.dll
2019-10-19 16:48 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) [File not signed] C:\Windows\system32\Rtlihvs.dll
2019-11-24 19:14 - 2015-03-26 10:39 - 000552960 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlLib.dll
2019-11-24 19:14 - 2012-09-13 09:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2019-11-24 19:14 - 2015-02-05 13:58 - 000098304 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlICS.dll
2019-11-24 19:14 - 2015-03-30 10:39 - 000274432 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlIhvOid.dll
2019-11-24 19:14 - 2012-06-22 16:01 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2019-11-24 19:14 - 2009-07-23 17:32 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\honey\Local Settings:oK6ap3JWZyZX1kkco [2422]
AlternateDataStreams: C:\Users\honey\AppData\Local:oK6ap3JWZyZX1kkco [2422]
AlternateDataStreams: C:\Users\honey\AppData\Local\Application Data:oK6ap3JWZyZX1kkco [2422]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\58101699.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\58101699.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2017-09-07 11:16 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-10-03 18:49 - 2019-10-03 19:24 - 000000508 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Windows Imaging
HKU\S-1-5-21-404867302-3797044342-2971219209-1022\Control Panel\Desktop\\Wallpaper -> C:\Users\Test\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: Guard Agent => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hpqcaslwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: Intel(R) SUR QC SAM => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MacriumService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MediatekRegistryWriter => 2
MSCONFIG\Services: MediatekRegistryWriter64 => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Realtek87B => 2
MSCONFIG\Services: ReflectService.exe => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
MSCONFIG\Services: VyprVPN => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Tenda Wireless Utility.lnk => C:\Windows\pss\Tenda Wireless Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^honey^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - .lnk => C:\Windows\pss\Monitor Ink Alerts - .lnk.Startup
MSCONFIG\startupfolder: C:^Users^honey^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk.Startup
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{C16FBD02-A15A-42E1-AD7D-46997BB5A44A}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe] => (Block) C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe (GlobalSCAPE, Inc.) [File not signed]
FirewallRules: [UDP Query User{7704C02C-071A-4768-A663-3C89233091D1}C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe] => (Block) C:\program files (x86)\globalscape\cuteftp 8 professional\ftpte.exe (GlobalSCAPE, Inc.) [File not signed]
FirewallRules: [TCP Query User{EB8831FF-2188-42B1-B92C-832DD4E16393}C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe] => (Allow) C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe No File
FirewallRules: [UDP Query User{4988F528-BA77-467F-B0B4-5B3CD2686D08}C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe] => (Allow) C:\program files (x86)\microsoft visual studio\common\tools\vs-ent98\vanalyzr\varpc.exe No File
FirewallRules: [TCP Query User{756FCE78-EDC6-4B00-B8FF-BA2EEBB92B72}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{FC03FF4C-54E2-4E65-92F9-6990136FCA33}C:\apache24\bin\httpd.exe] => (Allow) C:\apache24\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{454ED93C-8BBA-44CA-BBC0-AF45A8DD69BC}] => (Allow) C:\Users\honey\Downloads\Tech tool store tools\TechToolStore64.exe (Alfredo Anibal Santos Silva -> Carifred)
FirewallRules: [{7D86FE7D-A561-4763-B8F9-B2A33B0B64D0}] => (Allow) C:\Users\honey\Downloads\Tech tool store tools\TechToolStore64.exe (Alfredo Anibal Santos Silva -> Carifred)
FirewallRules: [{52FC53AF-F179-4382-A4E0-E60D397D0E18}] => (Allow) C:\Users\honey\Downloads\Tech tool store tools\TechToolStore64.exe (Alfredo Anibal Santos Silva -> Carifred)
FirewallRules: [TCP Query User{02D439D2-6A2E-4A22-959B-2FE402DBE1F0}C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe] => (Allow) C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe () [File not signed]
FirewallRules: [UDP Query User{3ED4978A-DEDD-4E7E-BC38-9312CBC5D8ED}C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe] => (Allow) C:\users\honey\downloads\digitalnotewallet_win32_1.0.12-beta\digitalnotewallet-win32\digitalnotewallet.exe () [File not signed]
FirewallRules: [TCP Query User{E4299DE6-951E-495B-81C9-1B2720D79B27}C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe] => (Allow) C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe No File
FirewallRules: [UDP Query User{30DE5082-F81C-4AE0-A51F-B16BA47A308D}C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe] => (Allow) C:\users\honey\downloads\monero-win-x86-v0.11.0.0\monero-v0.11.0.0\monerod.exe No File
FirewallRules: [{BA7BB4B1-6369-40DB-8961-38F8E06ABF22}] => (Allow) C:\Program Files (x86)\Tenda\Common\RaUI.exe (SHENZHEN JIXIANG TENDA TECHNOLOGY CO.,LTD -> Tenda Inc.) [File not signed]
FirewallRules: [{6CD25C81-77F0-4A0D-8478-C08FD6D51DAE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9ECF3F6A-C86A-4BE3-BFCB-8D5A4AA7DEA5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1D853698-C05B-43FF-AD3B-BD0C3404BD62}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A17A2D1E-1EBA-41FA-98BE-D1D36FFF593D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{554E8BB8-F0E2-4A63-8684-E8D87ECA2245}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2FE3BEC6-97B1-43C7-A013-6270FB5A3D18}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{29BDF56D-CCE2-4E1E-8F96-E0C7586903CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{91A3B001-8CB3-42E6-A001-C320A0734736}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{89F5F9A0-836D-4D72-A1E3-C8794D85D565}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43E673C5-C03C-4166-A4B4-25207973D5C1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F11422D4-7366-41F9-A1A5-ADCB77696873}] => (Allow) LPort=53
FirewallRules: [TCP Query User{E1D6E0BF-FD3D-43F5-B898-E07121BB33B1}C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{18237FC1-4FDB-4528-B8E7-952A9DEA571E}C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe] => (Allow) C:\users\honey\appdata\local\jdownloader 2.0\jdownloader2.exe (Appwork GmbH -> AppWork GmbH)
FirewallRules: [{001B500E-8ECE-4673-80E1-BF0E7CE97D69}] => (Allow) LPort=53
FirewallRules: [{C634B0D2-B044-4344-A7D0-C65177F0D87D}] => (Allow) C:\Program Files (x86)\Universal Media Server\jre-x64\bin\javaw.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe No File
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe No File
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe No File
FirewallRules: [{285586F2-2CBB-43A4-8E99-2C9152A21A40}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{1017A4A2-1E23-459A-80F6-CE55DCF46039}] => (Allow) LPort=1542
FirewallRules: [{648FCD61-D6EE-46B7-A0D9-9F75C85C9F11}] => (Allow) LPort=1542
FirewallRules: [{2517FF93-7400-4519-8FF1-F9C444FD51E3}] => (Allow) LPort=53
FirewallRules: [{63C713B1-6428-46EA-9BE7-2212E1052EB4}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{78E4AC92-B592-40C4-8C89-DAC08C752055}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{16EA68F0-4ACA-4CD2-88D1-701901B6B334}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{AEB47065-DD7B-444D-A686-840131FA9C2E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{C6DE48E5-D420-4837-AB1F-F4A21AD70B2B}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{9E988CBB-4642-4E15-92B7-2141399FB9F7}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{BC15C9C5-8994-41A9-9BB7-2A383C67ACAD}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1A100735-CD1D-48A3-BC02-76DC9DF84CCF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC0F569C-8515-4ACB-A24C-AEE06BABCBA9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EAAF525E-6DAA-4BD7-9452-7617675A677C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E620ED74-3261-46F9-B79D-729D61296D22}] => (Allow) C:\Program Files (x86)\Opera\65.0.3467.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A0309022-2D32-411D-A467-BDDC5CA5DB1F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BF1D924D-33DF-46E1-A28B-E891CAF6C41A}] => (Allow) C:\Program Files (x86)\Opera\65.0.3467.78\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================

==================== Faulty Device Manager Devices ============
Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: 802.11n Wireless LAN Card
Description: 802.11n Wireless LAN Card
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================
Application errors:
==================
Error: (12/20/2019 04:08:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\avastSS.scr".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: honey-PC)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: honey-PC)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: honey-PC)
Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile.
DETAIL - The process cannot access the file because it is being used by another process.
Error: (12/20/2019 02:52:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights.
DETAIL - The process cannot access the file because it is being used by another process.
for C:\Users\honey\ntuser.dat
Error: (12/17/2019 09:16:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MBAMInstallerService.exe, version: 4.0.0.130, time stamp: 0x5daf8771
Faulting module name: ole32.dll, version: 6.1.7601.24537, time stamp: 0x5dce0bdd
Exception code: 0xc0000005
Fault offset: 0x0000000000040cc2
Faulting process id: 0x1f58
Faulting application start time: 0x01d5b54914992d7d
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\MBAMInstallerService.exe
Faulting module path: C:\Windows\system32\ole32.dll
Report Id: 62df49c5-213c-11ea-9785-be15c5687214
Error: (12/04/2019 10:00:52 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x407; CorrelationId: {C9EEB761-B83D-48FE-912F-93059069135D}
Error: (11/25/2019 12:38:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: dpeg.exe, version: 6.20.0.12, time stamp: 0x492f6939
Faulting module name: ntdll.dll, version: 6.1.7601.24535, time stamp: 0x5dc1e8db
Exception code: 0xc0000005
Fault offset: 0x0002e466
Faulting process id: 0x1b28
Faulting application start time: 0x01d5a3b71f53aed6
Faulting application path: C:\Program Files (x86)\SomeWare\dpeg v6\dpeg.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 60cfaf28-0faa-11ea-9a0a-e4bddb6f1795

System errors:
=============
Error: (12/20/2019 08:47:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (12/20/2019 08:47:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
Error: (12/20/2019 08:45:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd
Error: (12/20/2019 08:45:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Universal Media Server service terminated unexpectedly. It has done this 1 time(s).
Error: (12/20/2019 08:45:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/20/2019 08:34:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/20/2019 08:31:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (12/20/2019 08:29:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
amdkmafd

Windows Defender:
===================================
Date: 2016-05-10 13:39:29.816
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
SoftwareBundler:Win32/Stallmonitz threat description - Microsoft Security Intelligence
Name:SoftwareBundler:Win32/Stallmonitz
ID:225956
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\Users\honey\Desktop\BlueStacks-SplitInstaller_native.exe;file:C:\Users\honey\Desktop\BlueStacks-SplitInstaller_native.exe->(nsis-instdata)
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe
Date: 2015-05-14 02:55:17.260
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
SoftwareBundler:Win32/WinOptimizer threat description - Microsoft Security Intelligence
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\ProgramData\Optimizer\program\newver_10_1.7.0.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_25_1.7.1.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_37_1.7.3.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_38_1.6.9.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_54_1.7.2.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_83_1.7.3.0.exe;containerfile:C:\ProgramData\Optimizer\program\newver_95_1.7.2.0.exe;file:C:\Program Files (x86)\Software Update Services\software-update-services.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A1\config\load_config.ini;file:C:\Program Files (x86)\YouTube Downloader Services\A1\load_config.ini;file:C:\Program Files (x86)\YouTube Downloader Services\A1\vmnet.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A1\winphp.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A1\youtubeserv.exe;file:C:\Program Files (x86)\YouTube Downloader Services\A2\config\load_config.ini;file:
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe
Date: 2015-02-13 12:56:09.110
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
SoftwareBundler:Win32/WinOptimizer threat description - Microsoft Security Intelligence
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:file:C:\Program Files (x86)\YouTube Downloader Services\A2\youtubeserv.exe;process:pid:2072,ProcessStart:130683102609928583;service:YouTubeDownload_A2
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe
Date: 2015-02-13 12:45:18.333
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
SoftwareBundler:Win32/WinOptimizer threat description - Microsoft Security Intelligence
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:file:C:\Program Files (x86)\YouTube Downloader Services\A2\youtubeserv.exe;process:pid:2072,ProcessStart:130683102609928583
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe
Date: 2014-11-29 22:00:49.112
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
SoftwareBundler:Win32/WinOptimizer threat description - Microsoft Security Intelligence
Name:SoftwareBundler:Win32/WinOptimizer
ID:206677
Severity:High
Category:Software Bundler
Path Found:file:C:\Program Files (x86)\YouTube Downloader Services\P2\vmnet.exe;process:pid:6068
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
Date: 2016-08-06 12:31:33.975
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:1.1.12902.0
Error code:0x8050a003
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2016-08-01 13:30:57.462
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80096010
Error description:The digital signature of the object did not verify.
Signature version:1.225.2702.0
Engine version:1.1.12902.0
Date: 2016-07-19 10:23:40.259
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source:User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:1.1.12902.0
Error code:0x8050a003
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support.
Date: 2016-06-26 10:42:27.755
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3
Date: 2016-05-15 16:17:59.424
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x800700c1
Error description:Windows Defender is not a valid Win32 application.
Signature version:1.219.1406.0
Engine version:1.1.12706.0
CodeIntegrity:
===================================
Date: 2016-08-27 13:29:06.372
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:58:09.638
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:54:47.297
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:54:47.204
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:54:29.778
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:54:29.607
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:42:13.553
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-27 11:37:20.645
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: AMI 7.16 03/23/2012
Motherboard: Foxconn 2ABF
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 43%
Total physical RAM: 8172.83 MB
Available physical RAM: 4627.13 MB
Total Virtual: 16343.81 MB
Available Virtual: 12517.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:600.29 GB) (Free:141.99 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (System Reserved) (Fixed) (Total:130.86 GB) (Free:55.37 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Backup) (Fixed) (Total:200.36 GB) (Free:50.93 GB) NTFS

==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 981B9614)
Partition 1: (Active) - (Size=600.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=130.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.4 GB) - (Type=05)
==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by Test (administrator) on HONEY-PC (Hewlett-Packard s5-1260) (20-12-2019 20:48:45)
Running from C:\Users\Test\Downloads
Loaded Profiles: Test (Available Profiles: honey & Test)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe) C:\Windows\System32\Macromed\Flash\FlashUtil64_32_0_0_293_ActiveX.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Universal Media Server\jre-x64\bin\javaw.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [97089184 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-404867302-3797044342-2971219209-1022\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Test\AppData\Local\Microsoft\Teams\Update.exe [2323232 2019-12-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2018-02-24]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2019-11-18]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0169E1B7-B536-48FA-A750-B58928F20B33} - System32\Tasks\{8901AA4F-2288-4ACF-9472-878EB7698C53} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.1.0.105/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {0183A9F8-933B-47B8-986F-6513B4FB2AC1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-03] (Google Inc -> Google LLC)
Task: {041F0DED-8702-4908-89AE-C88475E8DD7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {078FA5CA-8761-4E18-8FBB-C3AEF4ADB59E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {12F62E2A-3043-4504-A301-97E00C546F15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {263FF756-A709-40CC-99FC-A052A2E937DB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-03] (Google Inc -> Google LLC)
Task: {2DC79F64-4407-4283-AA4D-1292C88AF4F2} - System32\Tasks\HP AR Program Upload - e1a0300e7546429686aa7d5c9e0ea8177a0a873dbe314bbb8bc557fe6c28f58d => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {305F5AF0-9A75-41A3-BDA3-E15CBD8CC81E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-20] (Adobe Inc. -> Adobe)
Task: {44C3EFD2-0B52-4D15-ADE3-3A5DC85B35B8} - System32\Tasks\{E55B9ED2-94A1-4B39-9585-D903BC8650A1} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {4745E3C8-17A6-42B2-9576-24961492BF82} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146000 2019-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {4B39A3E9-CE9C-41F3-80F4-4FF4C87C0F9B} - System32\Tasks\AdobeAAMUpdater-1.0-honey-PC-honey => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4B5F4A62-3DF3-4618-B3C7-5D180BEE9615} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-15] (Adobe Inc. -> Adobe)
Task: {4C6DF339-E900-40B4-9F24-64E2658DA688} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {504ADE8D-53AD-41F4-A150-C44AAE2FD32F} - System32\Tasks\HPCeeScheduleForhoney => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {523C4D4F-F771-45E1-96B9-8A244D3B83C9} - System32\Tasks\Opera scheduled Autoupdate 1469117722 => C:\Program Files (x86)\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software)
Task: {52F7D3E4-D330-409B-9AF9-D737A2969E9B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {53084F47-70A0-4A9E-93E3-115C4C67607E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D63E1DC-A72D-46DD-9512-A748D9BAB756} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5EF6E241-505A-4C8E-A97A-6F59DE348FDC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {5FBA0073-B46D-4B0D-8F6F-F0E55508EEB5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {632F136C-250C-4138-B30D-7E35E8319A70} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {6CA8AC4F-317B-4756-AD88-A86461E1F8C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7D091B18-36B8-48C9-83FB-70B265EA201E} - System32\Tasks\HP AR Program Upload - 2b96ef6ba8c74a0594e4f206f6677225c10cf07cd91845e98f608a5ba2578cd7 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {84C833F2-2E19-4A7F-84CD-1C7A3FCD54D6} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404867302-3797044342-2971219209-1000 => C:\Users\Test\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {90A8B4A8-0405-4078-81AB-12A84C10B0A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-20] (Adobe Inc. -> Adobe)
Task: {90BF968C-CFE1-45B6-B52A-22EA4D8595F4} - System32\Tasks\HP AR Program Upload - 67d6c50ffc9a43a5827c0a40a53c5a1705d9483298c9431aa1172cbd71400a1e => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {A1D546F8-9713-4A74-A332-E2B175FEE622} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {A2F6D597-75CA-4EA1-A4CB-C66A4EA0736B} - System32\Tasks\{B84DD121-1A93-4031-9700-C7ECBD228184} => C:\Windows\system32\pcalua.exe -a G:\ubuntu\uninstall-wubi.exe -d G:\ubuntu
Task: {A7DEAD99-7A6B-46F5-A6CB-B54DD38F1E56} - System32\Tasks\{9EBA67BE-2107-430C-B5D5-5B6EA9059BBE} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\Downloads\AcroRdrDC1801120035_en_US.exe -d C:\Users\honey\Downloads
Task: {AC816D34-2952-436D-B9BC-363AE853FA5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE72DD1B-28D6-4DC6-B716-347772920CA0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {AFB3203A-7E38-4DDC-9D0A-7894B447E73C} - System32\Tasks\HP AR Program Upload - 1f0758f101f44b4f8cc64a7828fdf6aaf8eaff33dc114a2b8c6e284075e9a23f => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {B26E3F61-F187-433D-8F72-D696B03F0606} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\internet explorer\iexplore.exe "hxxp://www.cfos.de/en/cfosspeed/expiration.htm?sw-10.10.2238&days=-72&ret=11&raw=13&exp=103"
Task: {B68A74E4-7500-4630-82B1-20CC463480E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {C6171948-1C4C-4E43-AC1B-173E1CAD2278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {D02875D4-A4F0-4F01-9145-A4048DB1EA49} - System32\Tasks\{DBCAF028-317E-4857-8023-FE39612E1640} => C:\Users\honey\Downloads\kodi-18.4-Leia-x64.exe
Task: {D83FA1DB-6DFB-47F1-963C-6D01C3F1ABEF} - System32\Tasks\{F30508C4-188E-4C34-80DD-53D9F934F86B} => C:\Windows\system32\pcalua.exe -a C:\Users\honey\Downloads\AdobeAIRInstaller(1).exe -d C:\Users\honey\Downloads
Task: {D8CC42C7-E7F7-4067-8ECB-9F895F5AE254} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {D9806E1D-5C57-4516-9A05-7CB28BA015B4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {DB561C93-F22D-4104-9444-520B1A5843F7} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-11-16] () [File not signed]
Task: {F1334C95-C71D-4998-8D0E-1F45738519BD} - System32\Tasks\HP AR Program Upload - dfcb88f1f61d4f16bf90de32685894773c8ba217ebc74ddd85dc35ba23ed5138 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [3513960 2012-10-17] (Hewlett Packard -> TODO: <Company name>)
Task: {F45925A8-ACC4-4487-A0F6-EA2514209988} - System32\Tasks\{89E853D0-A00E-4318-898F-019148F59109} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ENTERPRISE /dll OSETUP.DLL
Task: {FFE65709-78B1-44AE-9DA4-37F6F601F68B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForhoney.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BF0ABBC0-88F4-403C-B7BA-108C549F8C42}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FB95A44C-09DA-444F-9634-F38025F66432}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{FB95A44C-09DA-444F-9634-F38025F66432}: [DhcpNameServer] 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,1]
Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxps://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1504722108279
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-20] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 Digital Media Server; C:\Program Files (x86)\Universal Media Server\win32\service\wrapper.exe [384280 2019-10-17] (Tanuki Software Ltd. -> Tanuki Software, Ltd.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-17] (Malwarebytes Inc -> Malwarebytes)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2019-11-24] (Realtek Semiconductor Corp -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [23240 2016-04-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21634560 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665600 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [118184 2018-05-14] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-07-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [210632 2014-07-09] (ReactOS Foundation -> )
R1 dokan1; C:\Windows\System32\DRIVERS\dokan1.sys [87424 2018-08-09] (D3L -> Dokan Project)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2019-12-17] (Malwarebytes Corporation -> Malwarebytes)
S3 fiddrv64; no ImagePath
R3 HCW723x; C:\Windows\System32\DRIVERS\HCW723x.sys [1847680 2012-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Hauppauge Computer Works, Inc.)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (3am.com(Test) -> HTC, Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-04-06] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-12-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [5632 2017-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Famatech International Corp.)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2215056 2014-08-14] (MEDIATEK INC. -> MediaTek Inc.)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2015-12-30] (MEDIATEK INC. -> MediaTek Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\Windows\System32\DRIVERS\npcap.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 npf; C:\Windows\System32\DRIVERS\npf.sys [69432 2019-09-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 rspWhySoSlow; C:\Windows\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7715648 2018-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-07-18] (Intel Corporation -> )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-09] (Synaptics Incorporated -> Synaptics Incorporated)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-20 20:48 - 2019-12-20 20:49 - 000027532 _____ C:\Users\Test\Downloads\FRST.txt
2019-12-20 20:47 - 2019-12-20 20:47 - 002264064 _____ (Farbar) C:\Users\Test\Downloads\FRST64.exe
2019-12-20 20:47 - 2019-12-20 20:47 - 000153040 _____ C:\Users\Test\AppData\Local\GDIPFONTCACHEV1.DAT
2019-12-20 20:46 - 2019-12-20 20:46 - 000000000 ____D C:\Users\Test\AppData\Roaming\ATI
2019-12-20 20:46 - 2019-12-20 20:46 - 000000000 ____D C:\Users\Test\AppData\Local\fontconfig
2019-12-20 20:46 - 2019-12-20 20:46 - 000000000 ____D C:\Users\Test\AppData\Local\ATI
2019-12-20 20:45 - 2019-12-20 20:46 - 000000000 ____D C:\Users\Test\AppData\Local\SquirrelTemp
2019-12-20 20:45 - 2019-12-20 20:45 - 000278344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-12-20 20:45 - 2019-12-20 20:45 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-12-20 20:45 - 2019-12-20 20:45 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-12-20 20:45 - 2019-12-20 20:45 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-12-20 20:45 - 2019-12-20 20:45 - 000002282 _____ C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2019-12-20 20:45 - 2019-12-20 20:45 - 000002274 _____ C:\Users\Test\Desktop\Microsoft Teams.lnk
2019-12-20 20:45 - 2019-12-20 20:45 - 000001373 _____ C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-12-20 20:45 - 2019-12-20 20:45 - 000000020 ___SH C:\Users\Test\ntuser.ini
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ___RD C:\Users\Test\Virtual Machines
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test\AppData\Roaming\Microsoft Teams
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test\AppData\Roaming\Adobe
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test\AppData\LocalLow\IGDump
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test\AppData\Local\VirtualStore
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test\AppData\Local\mbamtray
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test\AppData\Local\Google
2019-12-20 20:45 - 2019-12-20 20:45 - 000000000 ____D C:\Users\Test
2019-12-20 20:45 - 2018-04-06 11:05 - 000000000 ____D C:\Users\Test\AppData\Roaming\IObit
2019-12-20 20:45 - 2018-02-21 13:40 - 000000000 ____D C:\Users\Test\AppData\Roaming\Sun
2019-12-20 20:45 - 2014-11-12 22:17 - 000000000 ____D C:\Users\Test\Documents\Visual Studio 2010
2019-12-20 20:45 - 2014-11-12 22:09 - 000000000 ____D C:\Users\Test\AppData\Local\Microsoft Help
2019-12-20 20:45 - 2014-01-02 12:21 - 000000000 ____D C:\Users\Test\AppData\Roaming\Macromedia
2019-12-20 20:45 - 2009-07-14 02:45 - 000000000 ____D C:\Users\Test\AppData\Roaming\Media Center Programs
2019-12-20 20:27 - 2019-12-20 20:29 - 000006472 _____ C:\Users\honey\Downloads\Fixlog.txt
2019-12-20 18:02 - 2019-12-20 20:49 - 000000000 ____D C:\FRST
2019-12-20 18:02 - 2019-12-20 18:02 - 002264064 _____ (Farbar) C:\Users\honey\Downloads\FRST64.exe
2019-12-20 14:12 - 2019-12-20 14:52 - 000000000 ___HD C:\$WINDOWS.~BT
2019-12-20 13:59 - 2019-12-20 13:59 - 000000000 ___HD C:\$Windows.~WS
2019-12-18 23:33 - 2019-12-18 23:36 - 000000000 ____D C:\Users\honey\Documents\SysnativeFileCollectionApp
2019-12-18 18:45 - 2019-12-18 18:45 - 000000000 ____D C:\Users\honey\Downloads\AIOBoot-v0.9.8.16
2019-12-18 18:33 - 2019-12-18 18:39 - 000000000 ____D C:\Users\honey\Downloads\videocacheview-x64
2019-12-18 12:34 - 2019-12-18 12:34 - 000000218 _____ C:\Users\honey\AppData\Local\recently-used.xbel
2019-12-17 23:20 - 2019-12-18 12:34 - 000000000 ____D C:\Users\honey\AppData\Roaming\gsmartcontrol
2019-12-17 23:20 - 2019-12-17 23:20 - 000000000 ____D C:\Users\honey\Desktop\gsmartcontrol-1.1.3-win64
2019-12-17 21:16 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-17 21:16 - 2019-12-17 21:16 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-12-17 21:16 - 2019-12-17 21:16 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-12-17 21:16 - 2019-12-17 21:16 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-17 21:16 - 2019-12-17 21:16 - 000001908 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-17 21:16 - 2019-12-17 21:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-17 21:15 - 2019-12-17 21:15 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-17 17:19 - 2019-12-17 17:19 - 000001195 _____ C:\Windows\CleanMem Setup Log.txt
2019-12-17 14:01 - 2019-12-17 14:01 - 000008192 _____ C:\Windows\system32\config\userdiff
2019-12-17 10:41 - 2019-12-20 14:34 - 000008192 __RSH C:\BOOTSECT.BAK
2019-12-17 10:40 - 2019-12-20 14:33 - 000000001 ___SH C:\BOOTNXT
2019-12-17 09:35 - 2019-12-20 14:12 - 000000000 ____D C:\ESD
2019-12-17 09:32 - 2019-12-17 09:32 - 019255000 _____ (Microsoft Corporation) C:\Users\honey\Downloads\MediaCreationTool1909.exe
2019-12-13 14:37 - 2019-12-13 14:37 - 000282158 _____ C:\TDSSKiller.2.8.16.0_13.12.2019_14.37.16_log.txt
2019-12-11 14:32 - 2019-11-14 20:58 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-12-11 14:32 - 2019-11-14 20:48 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-12-11 13:13 - 2019-12-06 00:27 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2019-12-11 13:13 - 2019-11-27 22:33 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-12-11 13:13 - 2019-11-27 22:32 - 004061616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-12-11 13:13 - 2019-11-27 22:32 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-12-11 13:13 - 2019-11-27 22:32 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-12-11 13:13 - 2019-11-27 22:32 - 000627664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-12-11 13:13 - 2019-11-27 22:32 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-12-11 13:13 - 2019-11-27 22:32 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:13 - 2019-11-27 22:32 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-12-11 13:13 - 2019-11-27 22:31 - 005554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-12-11 13:13 - 2019-11-27 22:31 - 001671504 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:29 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:28 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 22:04 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-12-11 13:13 - 2019-11-27 22:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-12-11 13:13 - 2019-11-27 22:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-12-11 13:13 - 2019-11-27 22:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-12-11 13:13 - 2019-11-27 22:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-12-11 13:13 - 2019-11-27 21:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-12-11 13:13 - 2019-11-27 21:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-12-11 13:13 - 2019-11-27 21:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-12-11 13:13 - 2019-11-27 21:58 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-12-11 13:13 - 2019-11-27 21:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-12-11 13:13 - 2019-11-27 21:57 - 003233280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-12-11 13:13 - 2019-11-27 21:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-12-11 13:13 - 2019-11-27 21:57 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:13 - 2019-11-27 21:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-12-11 13:13 - 2019-11-27 21:56 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-12-11 13:13 - 2019-11-27 21:53 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-12-11 13:13 - 2019-11-27 21:53 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-12-11 13:13 - 2019-11-27 21:52 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-12-11 13:13 - 2019-11-27 21:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-12-11 13:13 - 2019-11-27 21:51 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-12-11 13:13 - 2019-11-23 02:48 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-12-11 13:13 - 2019-11-23 01:57 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-12-11 13:13 - 2019-11-20 21:16 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-12-11 13:13 - 2019-11-20 21:16 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-12-11 13:13 - 2019-11-20 19:48 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-12-11 13:13 - 2019-11-19 15:56 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-12-11 13:13 - 2019-11-19 15:44 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-12-11 13:13 - 2019-11-19 15:44 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-12-11 13:13 - 2019-11-19 15:31 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-12-11 13:13 - 2019-11-19 15:30 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-12-11 13:13 - 2019-11-19 15:29 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-12-11 13:13 - 2019-11-19 15:29 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-12-11 13:13 - 2019-11-19 15:29 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-12-11 13:13 - 2019-11-19 15:22 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-12-11 13:13 - 2019-11-19 15:21 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-12-11 13:13 - 2019-11-19 15:19 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-12-11 13:13 - 2019-11-19 15:18 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-12-11 13:13 - 2019-11-19 15:18 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-12-11 13:13 - 2019-11-19 15:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-12-11 13:13 - 2019-11-19 15:18 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-12-11 13:13 - 2019-11-19 15:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-12-11 13:13 - 2019-11-19 15:10 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:13 - 2019-11-19 15:07 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-12-11 13:13 - 2019-11-19 15:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:13 - 2019-11-19 15:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-12-11 13:13 - 2019-11-19 15:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-12-11 13:13 - 2019-11-19 14:56 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-12-11 13:13 - 2019-11-19 14:56 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-12-11 13:13 - 2019-11-19 14:54 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-12-11 13:13 - 2019-11-19 14:52 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-12-11 13:13 - 2019-11-19 14:43 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-12-11 13:13 - 2019-11-19 14:41 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-12-11 13:13 - 2019-11-19 14:41 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-12-11 13:13 - 2019-11-19 14:39 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-12-11 13:13 - 2019-11-19 14:39 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-12-11 13:13 - 2019-11-19 14:36 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-12-11 13:13 - 2019-11-19 14:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-12-11 13:13 - 2019-11-19 14:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-12-11 13:13 - 2019-11-19 14:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-12-11 13:13 - 2019-11-19 03:17 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-12-11 13:13 - 2019-11-19 03:11 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-12-11 13:13 - 2019-11-19 02:59 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-12-11 13:13 - 2019-11-19 02:58 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-12-11 13:13 - 2019-11-19 02:58 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-12-11 13:13 - 2019-11-19 02:57 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-12-11 13:13 - 2019-11-19 02:56 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-12-11 13:13 - 2019-11-19 02:53 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-12-11 13:13 - 2019-11-19 02:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-12-11 13:13 - 2019-11-19 02:50 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-12-11 13:13 - 2019-11-19 02:49 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-12-11 13:13 - 2019-11-19 02:49 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-12-11 13:13 - 2019-11-19 02:49 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-12-11 13:13 - 2019-11-19 02:40 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-12-11 13:13 - 2019-11-19 02:36 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-12-11 13:13 - 2019-11-19 02:36 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-11 13:13 - 2019-11-19 02:35 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-12-11 13:13 - 2019-11-19 02:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-12-11 13:13 - 2019-11-19 02:33 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-12-11 13:13 - 2019-11-19 02:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-12-11 13:13 - 2019-11-19 02:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-12-11 13:13 - 2019-11-19 02:26 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-12-11 13:13 - 2019-11-19 02:24 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-12-11 13:13 - 2019-11-19 02:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-12-11 13:13 - 2019-11-19 02:23 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-12-11 13:13 - 2019-11-19 02:22 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-12-11 13:13 - 2019-11-19 02:20 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-12-11 13:13 - 2019-11-19 02:05 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-12-11 13:13 - 2019-11-19 02:01 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-12-11 13:13 - 2019-11-19 02:00 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-12-11 13:13 - 2019-11-14 21:32 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-12-11 13:13 - 2019-11-14 21:29 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-12-11 13:13 - 2019-11-14 21:25 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:13 - 2019-11-14 21:22 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-12-11 13:13 - 2019-11-14 21:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-12-11 13:13 - 2019-11-14 21:06 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:13 - 2019-11-14 21:04 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-12-11 13:13 - 2019-11-14 20:59 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-12-11 13:13 - 2019-11-14 20:59 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2019-12-11 13:13 - 2019-11-14 20:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2019-12-11 13:13 - 2019-11-14 06:34 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-12-11 13:13 - 2019-11-05 16:25 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-11 13:13 - 2019-10-25 19:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-07 13:40 - 2019-12-07 13:40 - 000191276 _____ C:\Users\honey\Downloads\VZBill_12_28_2018.pdf
2019-12-07 13:40 - 2019-12-07 13:40 - 000190084 _____ C:\Users\honey\Downloads\VZBill_1_28_2019.pdf
2019-12-07 13:40 - 2019-12-07 13:40 - 000184648 _____ C:\Users\honey\Downloads\VZBill_2_27_2019.pdf
2019-12-05 19:28 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Similarity Duplicate Image Finder
2019-12-05 19:28 - 2019-12-05 19:28 - 000000000 ____D C:\Program Files\Visual Similarity Duplicate Image Finder
2019-12-05 10:40 - 2019-12-05 10:40 - 001138744 _____ (Akeo Consulting) C:\Users\honey\Downloads\rufus-3.8.exe
2019-12-04 22:21 - 2019-12-04 22:22 - 016361472 _____ C:\Users\honey\Downloads\super_grub2_disk_hybrid_2.04s1.iso
2019-12-04 22:09 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accord CD Ripper Free
2019-12-04 22:09 - 2019-12-04 22:09 - 000001260 _____ C:\Users\Public\Desktop\Accord CD Ripper Free.lnk
2019-12-04 22:09 - 2019-12-04 22:09 - 000001260 _____ C:\ProgramData\Desktop\Accord CD Ripper Free.lnk
2019-12-04 22:09 - 2019-12-04 22:09 - 000000000 ____D C:\Users\honey\AppData\Roaming\Accord CD Ripper Free
2019-12-04 22:09 - 2019-12-04 22:09 - 000000000 ____D C:\Program Files (x86)\Accord CD Ripper Free
2019-12-04 22:00 - 2019-12-04 22:00 - 000002018 _____ C:\Users\honey\Desktop\FileHippo App Manager.lnk
2019-12-04 22:00 - 2019-12-04 22:00 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2019-12-04 22:00 - 2019-12-04 22:00 - 000000000 ____D C:\Program Files (x86)\FileHippo.com
2019-12-04 21:56 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-12-04 21:56 - 2019-12-04 21:56 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-12-04 21:56 - 2019-12-04 21:56 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-12-04 21:55 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-04 21:55 - 2019-12-04 21:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-12-04 21:42 - 2019-12-04 21:42 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-12-04 21:41 - 2019-12-04 21:41 - 000000000 ____D C:\Users\honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-12-04 14:45 - 2019-12-04 14:45 - 000000000 ____D C:\Users\honey\Downloads\licensecrawler
2019-12-04 14:36 - 2019-12-04 14:36 - 000000000 ____D C:\ProgramData\Caphyon
2019-12-04 14:35 - 2019-12-04 14:35 - 000000000 ____D C:\Users\honey\Downloads\ProductKeyDecryptor
2019-12-04 14:31 - 2019-12-04 14:32 - 000000000 ____D C:\Users\honey\Downloads\produkey-x64
2019-11-28 17:01 - 2019-11-28 17:01 - 000000000 ____D C:\Users\honey\AppData\Roaming\ImgBurn
2019-11-28 16:38 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2019-11-28 16:38 - 2019-11-28 16:38 - 000001877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2019-11-28 16:38 - 2019-11-28 16:38 - 000001865 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2019-11-28 16:38 - 2019-11-28 16:38 - 000001865 _____ C:\ProgramData\Desktop\ImgBurn.lnk
2019-11-28 16:38 - 2019-11-28 16:38 - 000000000 ____D C:\Program Files (x86)\ImgBurn
2019-11-28 14:30 - 2019-11-28 14:30 - 000000000 ____D C:\Otilia
2019-11-28 14:26 - 2019-11-28 14:26 - 000000000 ____D C:\Users\honey\Downloads\VirtualDub2_43943
2019-11-28 14:17 - 2019-11-28 14:19 - 000000120 _____ C:\Users\honey\AppData\Roaming\FixVTS.ini
2019-11-28 14:16 - 2019-11-28 14:16 - 000000000 ____D C:\Users\honey\Downloads\FixVTS1.603
2019-11-28 14:13 - 2019-11-28 14:13 - 000000000 ____D C:\Users\honey\Downloads\GMVB1301
2019-11-28 14:03 - 2019-11-28 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2019-11-28 13:07 - 2019-11-28 13:07 - 000000000 ____D C:\FUNAI_DVD_VIDEO
2019-11-27 19:45 - 2019-11-27 19:45 - 000012476 _____ C:\Users\honey\Downloads\Detailed-System-Report.html
2019-11-26 14:46 - 2019-11-26 14:46 - 000220994 _____ C:\Users\honey\Downloads\2019--1-1--checkdownload-9390.pdf
2019-11-26 12:37 - 2019-11-26 12:37 - 000077824 _____ ( ) C:\Users\honey\Downloads\guiformat.exe
2019-11-25 21:37 - 2019-11-25 21:37 - 000000125 _____ C:\Users\honey\Documents\Windows.txt
2019-11-25 09:31 - 2019-11-25 09:31 - 000024064 _____ C:\Users\honey\Downloads\netsh_lan_wlan_04-24-09__jcgriff2__.exe
2019-11-24 22:57 - 2019-11-24 22:57 - 000042127 _____ C:\Windows\SysWOW64\MTB.txt
2019-11-24 22:25 - 2019-11-24 22:37 - 000000000 ____D C:\Users\honey\AppData\Local\FreeFixer
2019-11-24 22:25 - 2019-11-24 22:25 - 000000000 ____D C:\Users\honey\AppData\Roaming\FreeFixer
2019-11-24 19:15 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
2019-11-24 19:15 - 2019-11-24 19:15 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-11-24 19:08 - 2019-11-24 19:08 - 000000512 _____ C:\Users\honey\Downloads\MBRCheck_MBR_Backup_11-24-19_19-08-28.bak
2019-11-23 20:22 - 2019-11-23 20:23 - 000454452 _____ C:\TDSSKiller.2.8.16.0_23.11.2019_20.22.56_log.txt
2019-11-23 20:21 - 2019-11-23 20:21 - 000004238 _____ C:\TDSSKiller.2.8.16.0_23.11.2019_20.21.04_log.txt
2019-11-23 20:19 - 2019-11-23 20:19 - 000143828 _____ C:\TDSSKiller.2.8.16.0_23.11.2019_20.19.13_log.txt
2019-11-22 17:05 - 2019-11-22 17:05 - 000000000 ____D C:\Users\honey\VirtualBox VMs
2019-11-22 16:58 - 2019-11-22 17:25 - 000000000 ____D C:\Users\honey\.VirtualBox
2019-11-22 16:58 - 2019-11-22 17:05 - 000000000 ____D C:\ProgramData\VirtualBox
2019-11-22 16:57 - 2019-11-22 16:57 - 000000000 ____D C:\Program Files\Oracle
2019-11-22 16:56 - 2019-11-22 16:56 - 000153040 _____ C:\Users\honey\AppData\Local\GDIPFONTCACHEV1.DAT
2019-11-22 16:42 - 2019-11-22 16:42 - 000062225 _____ C:\Users\honey\Downloads\PaymentHistoryCL5088629.pdf
2019-11-22 16:42 - 2019-11-22 16:42 - 000062216 _____ C:\Users\honey\Downloads\PaymentHistoryCL5025485.pdf
2019-11-22 16:42 - 2019-11-22 16:42 - 000061939 _____ C:\Users\honey\Downloads\PaymentHistoryCL5066255.pdf
2019-11-22 16:31 - 2019-11-22 16:31 - 000062314 _____ C:\Users\honey\Downloads\PaymentHistoryCL5025728.pdf
2019-11-22 13:52 - 2019-11-22 13:52 - 000000000 ____D C:\Users\honey\AppData\Roaming\Intel Corporation
2019-11-22 13:51 - 2019-11-22 13:51 - 000002395 _____ C:\Users\honey\Desktop\Intel® Processor Identification Utility.lnk
2019-11-22 13:51 - 2019-11-22 13:51 - 000000000 ____D C:\Users\honey\AppData\Local\Caphyon
2019-11-22 13:51 - 2019-11-22 13:51 - 000000000 ____D C:\Program Files (x86)\Intel Corporation
2019-11-22 13:30 - 2019-11-24 11:18 - 000000000 ___RD C:\Users\honey\Virtual Machines
2019-11-22 13:27 - 2019-11-22 13:28 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2019-11-22 13:27 - 2019-11-22 13:27 - 000000000 ____D C:\Program Files (x86)\Windows Virtual PC
2019-11-22 13:26 - 2010-11-20 08:34 - 000360832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcvmm.sys
2019-11-22 13:26 - 2010-11-20 08:34 - 000194944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpchbus.sys
2019-11-22 13:26 - 2010-11-20 08:27 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\vpchbuspipe.dll
2019-11-22 13:26 - 2010-11-20 08:25 - 004514816 _____ (Microsoft Corporation) C:\Windows\system32\vpc.exe
2019-11-22 13:26 - 2010-11-20 08:25 - 002264064 _____ (Microsoft Corporation) C:\Windows\system32\VPCWizard.exe
2019-11-22 13:26 - 2010-11-20 08:25 - 001369600 _____ (Microsoft Corporation) C:\Windows\system32\VPCSettings.exe
2019-11-22 13:26 - 2010-11-20 06:37 - 001210368 _____ (Microsoft Corporation) C:\Windows\system32\VMWindow.exe
2019-11-22 13:26 - 2010-11-20 06:37 - 000936448 _____ (Microsoft Corporation) C:\Windows\system32\vmsal.exe
2019-11-22 13:26 - 2010-11-20 06:35 - 000562176 _____ (Microsoft Corporation) C:\Windows\system32\VMCPropertyHandler.dll
2019-11-22 13:26 - 2010-11-20 06:35 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcusb.sys
2019-11-22 13:26 - 2010-11-20 06:35 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcnfltr.sys
2019-11-22 13:26 - 2010-11-20 05:52 - 000793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vmsal.exe
2019-11-21 19:02 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2019-11-21 19:02 - 2019-12-04 21:42 - 000000000 ____D C:\Program Files\MPC-HC
2019-11-21 19:01 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2019-11-21 19:01 - 2019-12-20 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2019-11-21 19:01 - 2019-11-21 19:01 - 000000000 ____D C:\Program Files (x86)\LAV Filters
2019-11-21 19:01 - 2018-07-02 14:54 - 002739712 _____ (The Public) C:\Windows\system32\AviSynth.dll
2019-11-21 19:01 - 2018-07-02 14:51 - 002300928 _____ (Abysmal Software) C:\Windows\system32\DevIL.dll
2019-11-21 17:10 - 2019-11-21 17:10 - 000014038 _____ C:\Windows\Tweaking.com - Technicians Toolbox Setup Log.txt
2019-11-21 17:10 - 2019-11-21 17:10 - 000002250 _____ C:\Users\Public\Desktop\Tweaking.com - Technicians Toolbox.lnk
2019-11-21 17:10 - 2019-11-21 17:10 - 000002250 _____ C:\ProgramData\Desktop\Tweaking.com - Technicians Toolbox.lnk
2019-11-21 14:59 - 2019-11-21 14:59 - 000002103 _____ C:\Users\honey\Desktop\Tweaking.com - Hardware Identify.lnk
2019-11-21 14:40 - 2019-11-21 14:40 - 000000000 ____D C:\Users\honey\Downloads\0002-Realtek_WindowsDriver_1030.25.0701.2017
2019-11-21 13:39 - 2019-11-23 19:24 - 000007118 _____ C:\Users\honey\Downloads\aswMBR.txt
2019-11-20 17:34 - 2019-11-20 17:34 - 000022959 _____ C:\Users\honey\Downloads\New Text Document (15).txt
2019-11-20 11:50 - 2019-11-20 11:51 - 000470310 _____ C:\TDSSKiller.2.8.16.0_20.11.2019_11.50.20_log.txt
2019-11-20 11:48 - 2019-11-20 11:48 - 000000000 ____D C:\TDSSKiller_Quarantine
2019-11-20 11:45 - 2019-11-20 11:49 - 000428260 _____ C:\TDSSKiller.2.8.16.0_20.11.2019_11.45.37_log.txt
2019-11-20 09:51 - 2019-11-23 19:23 - 000000512 _____ C:\Users\honey\Downloads\MBR.dat
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-20 20:45 - 2019-11-18 19:50 - 000000000 ____D C:\ProgramData\UMS
2019-12-20 20:45 - 2015-10-20 19:52 - 000000093 _____ C:\HaxLogs.txt
2019-12-20 20:45 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-20 20:38 - 2009-07-13 23:45 - 000022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-20 20:38 - 2009-07-13 23:45 - 000022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-20 20:36 - 2016-01-15 14:12 - 000811200 _____ C:\Windows\system32\perfh00A.dat
2019-12-20 20:36 - 2016-01-15 14:12 - 000183256 _____ C:\Windows\system32\perfc00A.dat
2019-12-20 20:36 - 2009-07-14 00:13 - 001857866 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-20 20:36 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-12-20 20:32 - 2018-03-13 16:27 - 000004462 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-20 20:32 - 2018-03-09 11:56 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-12-20 20:32 - 2018-03-09 11:56 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-12-20 20:32 - 2018-03-09 11:56 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-12-20 20:32 - 2018-02-22 09:56 - 000000000 ____D C:\Users\honey\AppData\Local\Adobe
2019-12-20 20:32 - 2014-01-02 10:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-12-20 20:32 - 2014-01-02 10:37 - 000000000 ____D C:\Windows\system32\Macromed
2019-12-20 20:28 - 2019-10-29 17:31 - 000000000 ____D C:\Users\honey\AppData\Local\JDownloader 2.0
2019-12-20 20:27 - 2019-08-03 13:43 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-12-20 20:25 - 2016-02-22 12:05 - 000000000 ____D C:\ProgramData\Macrium
2019-12-20 20:24 - 2016-02-22 12:07 - 000000000 ____D C:\Program Files\Macrium
2019-12-20 20:18 - 2019-07-29 11:41 - 000000000 ____D C:\Users\honey\Downloads\Luis
2019-12-20 19:19 - 2018-03-17 12:49 - 000003926 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{20D74601-D866-4B96-B4D0-83F83FBD47F5}
2019-12-20 17:51 - 2019-11-18 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Media Server
2019-12-20 17:51 - 2019-11-05 14:45 - 000000000 ____D C:\Windows\SysWOW64\rserver30
2019-12-20 17:51 - 2019-11-02 08:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BleachBit
2019-12-20 17:51 - 2019-10-21 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fast Duplicate File Finder
2019-12-20 17:51 - 2019-10-21 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2019-12-20 17:51 - 2019-10-08 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2019-12-20 17:51 - 2019-09-23 13:52 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2019-12-20 17:51 - 2019-09-23 13:52 - 000000000 ____D C:\Windows\system32\Npcap
2019-12-20 17:51 - 2019-09-23 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2019-12-20 17:51 - 2019-09-12 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URLSnooper2
2019-12-20 17:51 - 2019-08-15 17:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
2019-12-20 17:51 - 2019-08-10 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2019-12-20 17:51 - 2019-07-23 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Product Key Finder
2019-12-20 17:51 - 2019-07-20 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2019-12-20 17:51 - 2019-06-25 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-20 17:51 - 2018-08-14 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK
2019-12-20 17:51 - 2018-07-30 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-12-20 17:51 - 2018-07-30 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2019-12-20 17:51 - 2018-05-15 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-12-20 17:51 - 2018-04-12 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Backup and Restore
2019-12-20 17:51 - 2018-02-27 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-12-20 17:51 - 2018-02-21 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-12-20 17:51 - 2018-01-14 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
2019-12-20 17:51 - 2017-12-23 12:19 - 000000000 ____D C:\Windows\system32\RtlGina
2019-12-20 17:51 - 2017-12-23 12:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tenda Wireless
2019-12-20 17:51 - 2017-08-29 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2019-12-20 17:51 - 2016-10-09 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2019-12-20 17:51 - 2016-06-09 18:44 - 000000000 ____D C:\Windows\system32\appmgmt
2019-12-20 17:51 - 2016-04-29 12:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUTURA 3
2019-12-20 17:51 - 2016-02-13 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-12-20 17:51 - 2015-11-13 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
2019-12-20 17:51 - 2015-11-13 11:32 - 000000000 ____D C:\Windows\system32\oodag
2019-12-20 17:51 - 2015-09-27 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2019-12-20 17:51 - 2015-09-21 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-12-20 17:51 - 2015-07-20 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenshotCaptor
2019-12-20 17:51 - 2015-06-29 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plustek OpticFilm 120 Beta5.0.2.0
2019-12-20 17:51 - 2015-06-17 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Image Downloader
2019-12-20 17:51 - 2015-03-08 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bulk Rename Utility
2019-12-20 17:51 - 2015-03-06 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plustek OpticFilm 8200i V5.0.0
2019-12-20 17:51 - 2014-12-14 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweetAdder4
2019-12-20 17:51 - 2014-11-18 10:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HFSExplorer
2019-12-20 17:51 - 2014-11-14 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opanda
2019-12-20 17:51 - 2014-10-09 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Recovery Toolbox Free
2019-12-20 17:51 - 2014-09-21 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional
2019-12-20 17:51 - 2014-07-21 14:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2019-12-20 17:51 - 2014-07-03 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWisoft Flash SWF to Video Converter
2019-12-20 17:51 - 2014-04-10 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RentMaster
2019-12-20 17:51 - 2014-04-06 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2019-12-20 17:51 - 2014-04-01 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS1 General Ledger 2014.2
2019-12-20 17:51 - 2014-04-01 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DotNetBar for Windows Forms
2019-12-20 17:51 - 2014-03-30 13:55 - 000000000 ____D C:\Windows\SysWOW64\1033
2019-12-20 17:51 - 2014-03-30 13:55 - 000000000 ____D C:\Windows\system32\1033
2019-12-20 17:51 - 2014-03-30 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2019-12-20 17:51 - 2014-03-29 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 6.0
2019-12-20 17:51 - 2014-02-07 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy HTML5 Video
2019-12-20 17:51 - 2014-01-27 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\d'peg! from SomeWare
2019-12-20 17:51 - 2014-01-22 18:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WOW Slider
2019-12-20 17:51 - 2014-01-05 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisualLightBox
2019-12-20 17:51 - 2014-01-05 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FancyElements
2019-12-20 17:51 - 2014-01-03 06:09 - 000000000 ____D C:\Windows\system32\SPReview
2019-12-20 17:51 - 2014-01-03 06:09 - 000000000 ____D C:\Windows\system32\EventProviders
2019-12-20 17:51 - 2014-01-02 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-20 17:51 - 2014-01-01 23:39 - 000000000 ____D C:\Windows\system32\MRT
2019-12-20 17:51 - 2014-01-01 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.0
2019-12-20 17:51 - 2014-01-01 23:12 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2019-12-20 17:51 - 2014-01-01 21:41 - 000000000 ____D C:\Program Files (x86)\Intel
2019-12-20 17:51 - 2014-01-01 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-12-20 17:51 - 2009-07-14 02:46 - 000000000 ____D C:\Windows\ShellNew
2019-12-20 17:51 - 2009-07-14 02:45 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-12-20 17:51 - 2009-07-14 00:37 - 000000000 ____D C:\Windows\SysWOW64\sysprep
2019-12-20 17:51 - 2009-07-14 00:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\Msdtc
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Resources
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\LiveKernelReports
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\IME
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Help
2019-12-20 17:51 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-12-20 16:21 - 2018-09-26 09:20 - 000003186 _____ C:\Windows\system32\Tasks\HPCeeScheduleForhoney
2019-12-20 16:21 - 2018-09-26 09:20 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForhoney.job
2019-12-20 14:56 - 2009-07-14 00:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2019-12-20 14:34 - 2016-05-05 14:20 - 000003754 _____ C:\Windows\diagerr.xml
2019-12-20 14:34 - 2016-05-05 14:20 - 000001908 _____ C:\Windows\diagwrn.xml
2019-12-20 14:12 - 2014-01-01 22:27 - 000000000 ____D C:\Windows\Panther
2019-12-20 11:37 - 2018-01-24 12:40 - 000003846 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1469117722
2019-12-20 11:37 - 2016-07-21 11:14 - 000000000 ____D C:\Program Files (x86)\Opera
2019-12-19 13:47 - 2019-01-31 13:52 - 000002260 _____ C:\Users\honey\Downloads\New Text Document (11).txt
2019-12-19 13:46 - 2015-06-17 10:18 - 000000000 ____D C:\Users\honey\Documents\Bulk Image Downloader
2019-12-19 10:56 - 2014-09-05 13:50 - 009741238 _____ C:\Users\honey\Documents\untitled.fdff
2019-12-18 19:28 - 2015-06-17 10:09 - 000000000 ____D C:\Program Files (x86)\Bulk Image Downloader
2019-12-18 19:16 - 2016-11-18 14:03 - 000000000 ____D C:\Users\honey\AppData\LocalLow\Mozilla
2019-12-18 15:29 - 2019-08-03 16:43 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 15:29 - 2019-08-03 16:43 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-18 15:29 - 2019-08-03 16:43 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-17 21:16 - 2019-08-10 12:23 - 000000000 ____D C:\Users\honey\AppData\Local\cache
2019-12-17 19:52 - 2017-08-18 11:09 - 000001945 _____ C:\Windows\epplauncher.mif
2019-12-17 19:50 - 2019-06-25 17:38 - 000000994 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-12-17 19:50 - 2019-06-25 17:38 - 000000994 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2019-12-17 19:21 - 2015-10-28 10:16 - 000000000 ____D C:\Users\honey\AppData\Local\ElevatedDiagnostics
2019-12-17 14:31 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\oobe
2019-12-15 20:01 - 2019-11-09 11:35 - 000040076 _____ C:\Users\honey\Downloads\MTB.txt
2019-12-15 09:24 - 2018-05-31 10:46 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-15 09:13 - 2018-10-16 11:23 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-13 15:21 - 2019-08-03 16:43 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 15:21 - 2019-08-03 16:43 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 19:53 - 2019-01-06 15:46 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-12 19:53 - 2015-10-28 12:49 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2019-12-11 18:15 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2019-12-11 13:57 - 2016-05-17 20:58 - 003738904 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-11 13:26 - 2014-02-25 20:23 - 001841518 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-12-11 13:24 - 2019-09-23 13:50 - 000001026 _____ C:\Users\honey\advanced_ip_scanner_MAC.bin
2019-12-11 13:24 - 2019-09-23 13:50 - 000000015 _____ C:\Users\honey\advanced_ip_scanner_Comments.bin
2019-12-11 13:24 - 2019-09-23 13:50 - 000000015 _____ C:\Users\honey\advanced_ip_scanner_Aliases.bin
2019-12-11 13:13 - 2014-01-01 23:39 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-12-05 10:50 - 2015-05-24 09:28 - 000000000 ____D C:\Users\honey\Downloads\p95v285.win64
2019-12-05 10:46 - 2018-08-13 13:53 - 000000400 __RSH C:\ProgramData\ntuser.pol
2019-12-05 10:38 - 2014-07-21 14:12 - 000000000 ____D C:\Users\honey\Downloads\Otilia
2019-12-05 10:19 - 2018-08-09 09:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 22:00 - 2019-11-08 13:53 - 000002048 _____ C:\Users\honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2019-12-04 20:22 - 2014-01-15 16:21 - 000000000 ___RD C:\Users\honey\Documents\Scanned Documents
2019-12-04 10:22 - 2018-08-09 09:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-28 14:29 - 2019-08-15 17:34 - 000000000 ____D C:\ProgramData\DVD Shrink
2019-11-27 19:58 - 2014-12-05 15:39 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-27 14:03 - 2018-05-31 19:39 - 000000000 ____D C:\SFCFix
2019-11-27 14:03 - 2016-01-25 18:38 - 000000000 ____D C:\Users\honey\AppData\Local\niemiro
2019-11-25 21:32 - 2018-01-14 20:03 - 000000000 ____D C:\Program Files\WhySoSlow
2019-11-25 12:38 - 2015-04-15 06:21 - 000000000 ____D C:\Users\honey\AppData\Local\CrashDumps
2019-11-24 22:42 - 2015-11-13 11:38 - 000000000 ____D C:\Program Files\WhoCrashed
2019-11-24 19:15 - 2019-11-12 10:03 - 000002128 _____ C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2019-11-24 19:15 - 2019-11-12 10:03 - 000002128 _____ C:\ProgramData\Desktop\REALTEK USB Wireless LAN Utility.lnk
2019-11-24 19:14 - 2014-01-01 21:41 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-11-24 19:02 - 2019-10-19 16:48 - 000500736 _____ (Realtek) C:\Windows\SwUSB.exe
2019-11-24 19:02 - 2019-10-19 16:48 - 000044760 _____ () C:\Windows\runSW.exe
2019-11-24 19:02 - 2014-01-01 23:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-24 18:39 - 2019-10-10 16:22 - 000002156 _____ C:\Users\honey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-11-24 18:39 - 2019-07-23 09:36 - 000003174 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-404867302-3797044342-2971219209-1000
2019-11-24 18:39 - 2019-07-23 09:36 - 000000000 ___RD C:\Users\honey\OneDrive
2019-11-24 11:25 - 2018-06-07 10:57 - 000003218 _____ C:\Windows\system32\Tasks\klcp_update
2019-11-24 11:18 - 2015-06-17 10:09 - 000000000 ____D C:\Users\honey\AppData\Roaming\BID
2019-11-24 11:18 - 2014-01-01 22:40 - 000000000 ____D C:\Users\honey
2019-11-24 11:18 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\security
2019-11-24 11:17 - 2014-07-18 18:43 - 000000000 ____D C:\Windows\Minidump
2019-11-23 21:27 - 2014-01-01 18:17 - 000000000 ____D C:\Users\honey\AppData\Roaming\HpUpdate
2019-11-22 16:45 - 2019-11-18 21:36 - 000000000 ____D C:\Users\honey\AppData\Roaming\vlc
2019-11-22 16:24 - 2015-09-08 10:22 - 000000000 ____D C:\Users\honey\.oracle_jre_usage
2019-11-22 16:23 - 2019-08-10 12:23 - 000000000 ____D C:\Users\honey\AppData\Roaming\Stellarium
2019-11-22 16:20 - 2019-11-02 08:22 - 000000000 ____D C:\Users\honey\.dbus-keyrings
2019-11-21 14:57 - 2019-08-23 13:04 - 001506308 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2019-11-21 14:57 - 2018-08-26 15:17 - 000002159 _____ C:\Users\honey\Desktop\Tweaking.com - Windows Repair.lnk
==================== Files in the root of some directories ========
2017-09-07 11:27 - 2017-09-07 11:58 - 007649280 _____ () C:\Program Files (x86)\GUT4730.tmp
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\Windows\SysWOW64\vfpodbc.dll [1998-06-15] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-12-19 13:11
==================== End of FRST.txt ========================
 
Yes. I have everything set up. But I'll do it tomorrow morning. I don't have the time now.
 
OK. It worked. As of this moment Win 10 has started and is updating the OS. I must confess that after I created the local administrator account I deleted it. So I created a new one and then followed your instructions. I guess it didn't matter since it worked. Since I am new to Win 10 I don't know if it will restore my printer drivers. Thank You.
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top