Adware pop up "FLVTO.biz"

A

atlus1432

New Member
Thread author
Aug 7, 2019
3
I am unable to remove this annoying malware. I downloaded the 2 week trial of Malwrebytes and ran a scan but it was unable to detect the virus.

Please see attached - If I have omitted something , apologies in advance as I am a 1st time poster. Thanking you in advance

atlus

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by atlus (08-08-2019 16:15:43)
Running from C:\Users\atlus\Downloads
Windows 10 Home Version 1803 17134.885 (X64) (2018-06-08 11:31:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2841152593-433718655-1887091617-500 - Administrator - Disabled)
atlus (S-1-5-21-2841152593-433718655-1887091617-1001 - Administrator - Enabled) => C:\Users\atlus
DefaultAccount (S-1-5-21-2841152593-433718655-1887091617-503 - Limited - Disabled)
Guest (S-1-5-21-2841152593-433718655-1887091617-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2841152593-433718655-1887091617-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Amazon Kindle (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\Amazon Kindle) (Version: 1.25.1.52064 - Amazon)
ApoDispatch Install Configurator (HKLM\...\{ABDDDEE7-C266-403D-A4C7-5316B12A98E5}) (Version: 2.3.2101 - Nahimic) Hidden
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks)
AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AudioLaunchpad Install Configurator (HKLM\...\{5358C6D0-4456-40B4-8BE1-C7515AE660B6}) (Version: 2.3.2101 - Nahimic) Hidden
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application)
Camtasia 2018 (HKLM\...\{B709B962-53AA-446A-A733-95D1A6C5DE50}) (Version: 18.0.7.4045 - TechSmith Corporation) Hidden
Camtasia 2018 (HKLM-x32\...\{5fd4f6d8-26d6-43b6-9b95-116b69ee0a69}) (Version: 18.0.7.4045 - TechSmith Corporation)
Camtasia 9 (HKLM\...\{9A1BFE8E-398E-497D-B3BE-C1D8688010FC}) (Version: 9.1.1.2546 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{d298a2fc-0b3a-45ab-9711-d5ca8a3bda00}) (Version: 9.1.1.2546 - TechSmith Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.3.0 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MX490 series User Registration (HKLM-x32\...\Canon MX490 series User Registration) (Version: - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)
CheckDevices Install Configurator (HKLM\...\{947A1173-AC2A-41FE-B10F-0604088F0521}) (Version: 2.3.2101 - Nahimic) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1706.1501 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1706.1501 - Micro-Star International Co., Ltd.)
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Excel Add-in (HKLM-x32\...\Hoadley Options Excel Add-in_is1) (Version: - Peter Hoadley)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grammarly (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\GrammarlyForWindows) (Version: 1.5.41 - Grammarly)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.)
Hoadley Options Strategy Evaluation Tool (HKLM-x32\...\Hoadley Options Strategy Evaluation Tool_is1) (Version: - Peter Hoadley)
Hoadley Setup (HKLM-x32\...\{CE2B0332-72EF-42E6-B923-2B27F9CCFCC4}) (Version: 1.0.801 - Hoadley Trading & Investment Tools)
Hoadley Setup X64 (HKLM\...\{D4CEA714-2A25-45F5-A376-4977CDE51C27}) (Version: 1.0.1 - Hoadley Trading & Investment Tools)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{03929cf1-3ae4-4765-b8b3-32b8e2e26a8d}) (Version: 19.60.0 - Intel Corporation)
KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup Install (HKLM\...\{C0AF8952-0B19-4081-85D9-987DBF52FE41}) (Version: 2.3.2101 - Nahimic) Hidden
LiveSlides (HKLM-x32\...\{B452B231-8DFE-441A-A0CF-04F712785BA0}) (Version: 1.6.12 - LiveSlides)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.)
MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.)
MSI_OSET_Setup (HKLM-x32\...\{4822AB78-EFA4-4EBA-B195-55CF122C3302}) (Version: 11.0.112 - Peter Hoadley)
Nahimic 2 Audio Driver (HKLM\...\{C526A25E-AB3F-4E66-900B-ACF134FB093D}) (Version: 2.3.2101 - Nahimic) Hidden
Nahimic 2 Audio Driver (HKLM-x32\...\{38ca1b1f-9d48-476a-98a8-ef8d540ce051}) (Version: 2.3.21 - Nahimic)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.)
Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.2.7 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.6.0.12 - Symantec Corporation) Hidden
Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 399.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.01 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.43.28287 - Electronic Arts, Inc.)
ProductDaemonSetup Install (HKLM\...\{34BEB8EF-E3F5-4FD0-82EB-F688A1E40FFE}) (Version: 2.3.2101 - Nahimic) Hidden
ProductNS Install Configurator (HKLM\...\{05ED5DB9-79BB-48F8-B8DA-A04C1E840FA6}) (Version: 2.3.2101 - Nahimic) Hidden
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 7.0 - Genie9)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8172 - Realtek Semiconductor Corp.)
SCM (HKLM\...\{F6E94387-38E9-4D98-9FE1-038F575768BA}) (Version: 13.017.06089 - Application)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden
Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)
Snagit 2018 (HKLM\...\{F1B2BB45-BADD-45DA-83F1-23FEFE4662BD}) (Version: 18.2.2 - TechSmith Corporation)
Snagit 2019 (HKLM\...\{C4E5FC8D-D9CF-4FA1-B5BC-E8A327E9F4F6}) (Version: 19.1.2 - TechSmith Corporation) Hidden
Snagit 2019 (HKLM-x32\...\{e7360f27-8b39-4b3f-a1cd-c3f0ed162529}) (Version: 19.1.2.3596 - TechSmith Corporation)
SonicMapper Install Configurator (HKLM\...\{C2232191-A1E6-4255-A706-BBC8EF956F64}) (Version: 2.3.2101 - Nahimic) Hidden
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.26356 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TC2000 v18 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TC2000 v18 (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\TC2000 v18 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
thinkorswim (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Trader Workstation (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\5889-6375-8446-2021) (Version: stable (972.1t) 20190507 10:25:42 - Interactive Brokers LLC)
TriDef SmartCam (MSI) 2.1.2 (HKLM-x32\...\webcam-msi-pkg) (Version: 2.1.2 - Dynamic Digital Depth Australia Pty Ltd)
TWS API (HKLM-x32\...\{BFB69492-F72A-400E-AEEB-DA6567AF90CE}) (Version: 9.72.18 - IBG LLC)
UIInstallUpgrade (HKLM\...\{A8B178EB-1927-4FB7-9D02-78A5FDE9A6B6}) (Version: 2.3.2101 - Nahimic) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.145.300.0_x86__kgqvnymyfvs32 [2019-08-07] (king.com)
File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.2.0.0_x86__xkt78gamzntbr [2019-07-09] (Sharpened Productions)
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2018-06-26] (Google Inc)
Grammarly for Microsoft Edge -> C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.120.2309.0_neutral__zee0y2571dhse [2019-05-31] (Grammarly)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.2.1.1_x86__h6adky7gbf63m [2019-08-07] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-01-23] (Plex)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-01-14] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagItShellExt64.dll [2018-09-13] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9) [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagItShellExt64.dll [2018-09-13] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-24 22:25 - 2018-11-06 17:54 - 000170496 ____C () [File not signed] C:\Jts\.install4j\i4jinst.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000136704 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000146944 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2016-01-14 22:06 - 2016-01-14 22:06 - 000057344 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-02-22 04:25 - 2016-02-22 04:25 - 000116224 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2015-08-24 04:41 - 2015-08-24 04:41 - 002360622 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2017-12-01 02:18 - 2017-12-01 02:18 - 000650240 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2017-08-03 03:08 - 2017-08-03 03:08 - 000168448 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2017-08-03 03:08 - 2017-08-03 03:08 - 000590848 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2017-11-08 23:21 - 2017-11-08 23:21 - 006886400 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2017-08-03 03:18 - 2017-08-03 03:18 - 002976768 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2017-12-01 02:48 - 2017-12-01 02:48 - 000910848 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 001241600 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2017-11-09 23:38 - 2017-11-09 23:38 - 011869184 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 002569728 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2017-11-08 23:31 - 2017-11-08 23:31 - 000246784 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 000849408 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2017-08-03 03:12 - 2017-08-03 03:12 - 000414720 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2017-10-30 02:12 - 2017-10-30 02:12 - 000633344 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2017-08-03 03:12 - 2017-08-03 03:12 - 000433664 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 000119822 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 001026062 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000111616 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 002285056 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000074752 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000219648 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000049664 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000051200 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000051200 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000037376 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000070144 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2016-02-26 06:07 - 2016-02-26 06:07 - 000049152 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 04:28 - 2016-08-15 04:28 - 001125888 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 001685504 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000072192 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-01-14 22:23 - 2016-01-14 22:23 - 000026112 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 02:13 - 2016-04-12 02:13 - 000067072 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000093696 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000089600 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll
2018-01-28 14:50 - 2016-12-13 06:19 - 000089600 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
2016-12-18 08:38 - 2016-12-18 08:38 - 000491520 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000058368 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll
2016-12-13 06:18 - 2016-12-13 06:18 - 000045568 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll
2018-01-28 14:50 - 2016-12-13 06:18 - 000045568 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
2018-01-28 14:50 - 2016-12-18 08:38 - 000163328 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
2016-12-18 08:38 - 2016-12-18 08:38 - 000332800 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000087552 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll
2013-02-03 07:40 - 2013-02-03 07:40 - 000011264 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000211968 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll
2018-01-28 14:50 - 2016-12-18 08:38 - 000211968 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
2012-02-02 05:16 - 2012-02-02 05:16 - 000740864 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000063488 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 001874432 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\cairo.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 000790528 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\fontconfig.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 001041920 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\harfbuzz-vs14.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 000060928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\iconv.dll
2018-12-11 15:09 - 2018-12-11 15:09 - 000790016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libhpdf.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000252928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libpng16.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 001294336 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libxml2.dll
2017-10-18 09:43 - 2017-10-18 09:43 - 010857984 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\opencv_core300.dll
2017-10-18 09:43 - 2017-10-18 09:43 - 025250304 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\opencv_imgproc300.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000086016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\zlib1.dll
2015-05-26 05:42 - 2015-05-26 05:42 - 000491520 ____C (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.dll
2018-01-28 14:50 - 2015-05-26 05:42 - 000491520 _____ (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.gtl
2019-06-27 12:34 - 2017-07-05 13:43 - 000561152 ____C (CANON INC. ) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2019-06-27 12:34 - 2014-07-30 14:49 - 000008192 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2019-06-27 12:34 - 2014-07-30 14:47 - 000104960 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2014-05-15 18:16 - 2014-05-15 18:16 - 000248320 ____C (Canon INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\IJPLMCOM.DLL
2019-06-27 12:34 - 2017-07-05 13:49 - 000593920 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2018-04-21 17:58 - 2014-08-06 13:25 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-11-02 16:36 - 2017-11-02 16:36 - 000092672 _____ (Free Software Foundation) [File not signed] C:\Program Files\TechSmith\Snagit 2019\intl.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 001353728 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
2016-12-18 08:38 - 2016-12-18 08:38 - 000174592 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSOnlineProtocol.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000090624 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSUpdater.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000648704 ____C (Genie-Soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GenieAFX.dll
2016-12-13 06:18 - 2016-12-13 06:18 - 000029184 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEnManager.dll
2016-12-13 06:18 - 2016-12-13 06:18 - 000113152 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSGlobalMFC.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000036352 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSSEMGR.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000152064 ____C (Genie-Soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSSMTP.dll
2016-01-08 14:28 - 2016-01-08 14:28 - 000356352 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files\TechSmith\Snagit 2019\libhunspell.dll
2017-05-16 18:58 - 2017-05-16 18:58 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-05-16 18:58 - 2017-05-16 18:58 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2015-06-11 22:35 - 2015-06-11 22:35 - 000047816 ____C (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2017-06-08 12:37 - 2017-06-08 12:37 - 000301848 ____C (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
2017-06-15 17:06 - 2017-06-15 17:06 - 005122840 ____C (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
2017-06-08 12:37 - 2017-06-08 12:37 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
2017-06-08 12:37 - 2017-06-08 12:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 000049152 ____C (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 000220160 ____C (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
2014-03-23 22:32 - 2014-03-23 22:32 - 000060273 ____C (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000288768 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pango-1.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000588800 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangocairo-1.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000615424 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangoft2-1.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000066048 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangowin32-1.0.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 003501056 ____C (Terra Informatica Software, Inc., British Columbia, Canada.) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\htmlayout.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 000222720 ____C (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\libcurl.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 001328128 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2019\glib-2.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000276480 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2019\gobject-2.0.dll
2013-02-10 21:35 - 2013-02-10 21:35 - 001178624 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
2013-02-10 21:35 - 2013-02-10 21:35 - 000269824 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
2018-02-18 21:11 - 2019-06-11 08:21 - 001277440 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-02-18 21:11 - 2019-06-11 08:22 - 000279040 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 001558016 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\LIBEAY32.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 000301568 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\SSLEAY32.dll
2015-10-12 15:44 - 2015-10-12 15:44 - 000033280 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2015-10-12 15:45 - 2015-10-12 15:45 - 000034816 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2015-10-12 15:45 - 2015-10-12 15:45 - 000246784 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000366592 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
2015-10-12 15:48 - 2015-10-12 15:48 - 000028672 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000027648 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000433664 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000027136 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
2015-10-12 15:46 - 2015-10-12 15:46 - 001413632 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2015-10-12 15:47 - 2015-10-12 15:47 - 000044544 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2015-11-19 00:54 - 2015-11-19 00:54 - 005391360 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
2015-10-12 15:31 - 2015-10-12 15:31 - 005334528 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
2015-10-12 15:26 - 2015-10-12 15:26 - 001528832 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
2015-10-12 15:42 - 2015-10-12 15:42 - 000334848 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
2016-04-12 22:52 - 2016-04-12 22:52 - 000357888 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
2015-10-12 15:48 - 2015-10-12 15:48 - 000331776 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
2015-10-12 15:37 - 2015-10-12 15:37 - 006541824 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
2015-10-12 15:25 - 2015-10-12 15:25 - 000237056 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
2018-02-18 21:11 - 2019-07-12 09:23 - 001611264 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 005487104 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 005841920 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 001179136 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 005089792 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 000184832 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\cache:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\Camtasia:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\My Kindle Content:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\TC:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\YouTubeDownloads:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2841152593-433718655-1887091617-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1539A94A-704C-4A0B-A86F-E6A934019B86}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{AC0731BA-7FF0-44AD-9E72-A11BDF315BA8}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{04667F5F-E408-454D-90CE-59E6024F105E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B990F12A-9C50-4915-91DB-C36430D788CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4728E94B-6996-41CF-8112-D8B5991A4D9B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3C0EB273-24F6-4F9D-86E3-520739CFB9D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C1C9AF95-754F-410C-BD8F-F58016EB11AF}C:\jts\tws.exe] => (Allow) C:\jts\tws.exe (Interactive Brokers Group, Inc. -> Interactive Brokers LLC)
FirewallRules: [TCP Query User{0D0F8764-2F12-46AD-B8B4-9180914228D4}C:\jts\tws.exe] => (Allow) C:\jts\tws.exe (Interactive Brokers Group, Inc. -> Interactive Brokers LLC)
FirewallRules: [{48D70421-EF8C-42C1-8130-AC0C95174BBF}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)
FirewallRules: [{9375787C-9267-4D00-AC63-AF4B83EE3329}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)
FirewallRules: [UDP Query User{CC13E7E3-6CA3-4DF6-925B-5F0733D6FA62}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)
FirewallRules: [TCP Query User{4C3E5BA4-57F5-4047-9444-91D288AF0439}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)
FirewallRules: [{04F09750-A3FD-456B-AD84-94008A98540D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club VR\golfvr.exe () [File not signed]
FirewallRules: [{B50B1C21-7C93-4E06-8FB2-568B00C95A52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club VR\golfvr.exe () [File not signed]
FirewallRules: [{FA8E4AF3-6CF9-499C-A9E6-6CB7A4952526}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{977961A1-D994-4858-B0E8-BC7DB6F194F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{39053CCF-6463-42ED-B21D-5380CDF93D63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3CF8A87E-9C1C-4E6D-8F04-55A1BBA71776}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{214551BB-0013-4A16-8AFC-93C865E29EEE}] => (Allow) LPort=8318
FirewallRules: [{D624A299-A9EC-461E-A585-A877018B30E0}] => (Allow) LPort=8298
FirewallRules: [{F742CA52-A298-4208-AD2F-B2D8457ABCBE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C991143B-427E-41C0-A2CC-7393C4F45E7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{559F0704-3DF5-4DBB-8901-00B610B04439}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0E7CE527-7025-4EBD-9329-6A730A870948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E2B6BE40-3DB2-4C0E-B480-2152143A875C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B1F8BBEC-7145-44FE-AB1E-7DFD4F7A8FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B783FA74-8D14-417D-BF3B-1B187041C5C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4559AFBB-EC3E-4924-9C5C-4B741F780460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E09198C6-BB9F-4870-B591-587C41E9FF71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2A50501-49F0-4881-8E1E-5495072AD8AF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{16E26D06-E4C8-4DD9-A035-F23E08B53A50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2F36C96D-B867-45AC-89D1-3F0C0A778601}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8068796A-8D07-4C9F-BA52-33FCCBE8D07E}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{9DFB6FE1-339F-4240-A45F-B22CE2192E86}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F1109FFF-89FC-43F5-BFBA-CFCF4498098D}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C2655607-252B-4DF6-A8D5-DC76735460E1}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{BFAF9B33-A031-45C0-B23D-438D64BF52CF}] => (Allow) LPort=8299
FirewallRules: [{AE6808ED-A718-4BB5-A75A-B15E47E2D260}] => (Allow) LPort=8319
FirewallRules: [{6E183971-645D-4974-B2F0-D6953CE0B173}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE4BDC04-67AE-407A-8DC1-1AF4A813BDC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B0DD6AA2-F700-4561-B6DA-1FAD61A999A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{80C80D15-737D-4368-AFE8-6F4E762F1E0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{30372D1D-8915-4FCA-B205-F5D86DD73C1E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2302093C-EAF3-4A44-B19F-D363C862D65C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AF23154E-BECE-4ED1-81EB-59F8F7FEFDF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D562217C-4C8C-459C-AF1D-BF6AF4BBCE6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{535B34B4-9B82-42AB-BE71-72E57564F2A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4ED280F1-180F-434D-9966-E9B15A38632B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE333D64-D655-4648-9B22-631CB37175CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82141681-2E62-490C-8986-A5E2EDB848F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73243E14-F42C-4260-A173-CA3AF27F94C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AA9AFD9-D0D4-4F57-9B0F-13152AFF9483}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/05/2019 08:08:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 31a8

Start Time: 01d54979fc9b8bd0

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: 62842796-6eb5-458f-b962-191843405b0c

Faulting package full name: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Error: (08/05/2019 01:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x50a4
Faulting application start time: 0x01d54ba14a4b5992
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a86ca4ba-bb72-476d-8ec1-907f196f59df
Faulting package full name:
Faulting package-relative application ID:

Error: (08/05/2019 11:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x1cf4
Faulting application start time: 0x01d54b9e5fbda344
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 105b2e85-8398-4fec-b61f-13affbe9ace6
Faulting package full name:
Faulting package-relative application ID:

Error: (08/05/2019 10:59:29 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected

Error: (08/05/2019 10:59:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x34b0
Faulting application start time: 0x01d549b73fd2550d
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: eb40c0d4-761d-4041-bbdc-ac2fd513746b
Faulting package full name:
Faulting package-relative application ID:

Error: (08/03/2019 12:52:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x47ac
Faulting application start time: 0x01d5497fd59f45b0
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: b8b5e19e-6866-4cfa-a92c-90ca3fc2c3ee
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2019 06:15:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x1048
Faulting application start time: 0x01d54979f76ea6e8
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 9f5ed924-496c-4a5f-958b-da72087dd516
Faulting package full name:
Faulting package-relative application ID:

Error: (08/02/2019 05:33:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6
Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6
Exception code: 0xc0000409
Fault offset: 0x000000000022af80
Faulting process id: 0x1198
Faulting application start time: 0x01d53fc117c0c810
Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Report Id: d6e5de62-46e2-4c9c-8bdc-f66980777f6b
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (08/08/2019 02:33:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/08/2019 02:33:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/08/2019 10:33:41 AM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/08/2019 06:34:09 AM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/07/2019 12:40:45 PM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/07/2019 10:33:01 AM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/07/2019 09:49:16 AM) (Source: DCOM) (EventID: 10016) (User: MSI)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (08/06/2019 10:11:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-06-09 10:14:43.785
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {348D6BF0-9490-4C66-B223-C4793BFB6A24}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-05 17:22:18.206
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {68638A97-4816-4E9B-B1C2-90788622BF1D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-05 17:14:18.592
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5D97F875-80B0-401A-B7DF-1E11DECAD2AF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-05-17 09:39:05.922
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {968FFC42-D574-4161-9678-3C99B1550858}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-05-17 09:04:13.970
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6AB7AF03-5B6F-436E-B8BA-BA4170B9DD44}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2019-08-07 13:11:20.716
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-07 13:11:20.711
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2019-08-07 13:11:14.651
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-07 13:11:14.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2019-08-07 08:23:08.260
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-07 08:23:08.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2019-08-06 08:51:10.308
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-08-06 08:51:10.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16J9IMS.31A 07/11/2017
Motherboard: Micro-Star International Co., Ltd. MS-16J9
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 88%
Total physical RAM: 8111.84 MB
Available physical RAM: 896.14 MB
Total Virtual: 17327.84 MB
Available Virtual: 4460.39 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:143.08 GB) (Free:8.77 GB) NTFS
Drive d: (Data) (Fixed) (Total:72.33 GB) (Free:43.98 GB) NTFS

\\?\Volume{d6722152-ccfa-45ae-a00c-0470ebdaab59}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{350436c9-bbe1-426b-bab7-b63a274088b9}\ (BIOS_RVY) (Fixed) (Total:21.77 GB) (Free:1.1 GB) NTFS
\\?\Volume{a2a6bbd3-f82f-425d-85df-44dbe7b08fbb}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: E4F6F460)

Partition: GPT.

==================== End of Addition.txt ============================







Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/5/19
Scan Time: 11:00 AM
Log File: bc5353d7-b791-11e9-a00f-4ccc6adf6900.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11870
License: Expired

-System Information-
OS: Windows 10 (Build 17134.885)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 302565
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 5 min, 20 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hi,



FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png

  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.
 
A

atlus1432

New Member
Thread author
Aug 7, 2019
3
Hi TwinHeaad, as per your request please see the 2 attached files that were produced from the Farbar tool scan.

awaiting any further instructions

Thanks Again
atlus


edited
 
Last edited by a moderator:
A

atlus1432

New Member
Thread author
Aug 7, 2019
3
Hi TwinHead - just was following up to see if there were any updates ??
I know youre probably extremely busy

Thanks again in advance for any assistance !
 

Similar threads

F
    • Like
  • Locked
Service Host: Network List Service...Virus?
Replies
11
Views
1,817
Windows Malware Removal Help & Support
nasdaq
nasdaq
J
  • Locked
I need help with a Malware Spanish logs
Replies
2
Views
1,821
Windows Malware Removal Help & Support
nasdaq
nasdaq
K
  • Locked
PowerShell/MaleficAms Powershell Infection Please Help
Replies
2
Views
1,962
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top