Adware pop up "FLVTO.biz"
<blockquote data-quote="atlus1432" data-source="post: 828504" data-attributes="member: 81552"><p>I am unable to remove this annoying malware. I downloaded the 2 week trial of Malwarebytes and ran a scan but it was unable to detect the virus. </p><p></p><p>Please see attached - If I have omitted something, apologies in advance as I am a 1st time poster. Thanking you in advance </p><p></p><p>atlus</p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02</p><p>Ran by atlus (08-08-2019 16:15:43)</p><p>Running from C:\Users\atlus\Downloads</p><p>Windows 10 Home Version 1803 17134.885 (X64) (2018-06-08 11:31:23)</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Accounts: =============================</p><p></p><p>Administrator (S-1-5-21-2841152593-433718655-1887091617-500 - Administrator - Disabled)</p><p>atlus (S-1-5-21-2841152593-433718655-1887091617-1001 - Administrator - Enabled) => C:\Users\atlus</p><p>DefaultAccount (S-1-5-21-2841152593-433718655-1887091617-503 - Limited - Disabled)</p><p>Guest (S-1-5-21-2841152593-433718655-1887091617-501 - Limited - Disabled)</p><p>WDAGUtilityAccount (S-1-5-21-2841152593-433718655-1887091617-504 - Limited - Disabled)</p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}</p><p>AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. 
The adware programs should be uninstalled manually.)</p><p></p><p>Amazon Kindle (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\Amazon Kindle) (Version: 1.25.1.52064 - Amazon)</p><p>ApoDispatch Install Configurator (HKLM\...\{ABDDDEE7-C266-403D-A4C7-5316B12A98E5}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks)</p><p>AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden</p><p>Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)</p><p>AudioLaunchpad Install Configurator (HKLM\...\{5358C6D0-4456-40B4-8BE1-C7515AE660B6}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)</p><p>Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) 
Hidden</p><p>Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.)</p><p>BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application) Hidden</p><p>BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application)</p><p>Camtasia 2018 (HKLM\...\{B709B962-53AA-446A-A733-95D1A6C5DE50}) (Version: 18.0.7.4045 - TechSmith Corporation) Hidden</p><p>Camtasia 2018 (HKLM-x32\...\{5fd4f6d8-26d6-43b6-9b95-116b69ee0a69}) (Version: 18.0.7.4045 - TechSmith Corporation)</p><p>Camtasia 9 (HKLM\...\{9A1BFE8E-398E-497D-B3BE-C1D8688010FC}) (Version: 9.1.1.2546 - TechSmith Corporation) Hidden</p><p>Camtasia 9 (HKLM-x32\...\{d298a2fc-0b3a-45ab-9711-d5ca8a3bda00}) (Version: 9.1.1.2546 - TechSmith Corporation)</p><p>Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)</p><p>Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)</p><p>Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)</p><p>Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)</p><p>Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.3.0 - Canon Inc.)</p><p>Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)</p><p>Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)</p><p>Canon MX490 series User Registration (HKLM-x32\...\Canon MX490 series User Registration) (Version: - Canon Inc.)</p><p>Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)</p><p>Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) 
(Version: 3.6.0 - Canon Inc.)</p><p>Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)</p><p>Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)</p><p>Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.)</p><p>CheckDevices Install Configurator (HKLM\...\{947A1173-AC2A-41FE-B10F-0604088F0521}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>Cisco WebEx Meetings (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)</p><p>DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden</p><p>Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1706.1501 - Micro-Star International Co., Ltd.) Hidden</p><p>Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1706.1501 - Micro-Star International Co., Ltd.)</p><p>Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)</p><p>Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden</p><p>Excel Add-in (HKLM-x32\...\Hoadley Options Excel Add-in_is1) (Version: - Peter Hoadley)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)</p><p>Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden</p><p>Grammarly (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\GrammarlyForWindows) (Version: 1.5.41 - Grammarly)</p><p>Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.) 
Hidden</p><p>Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.)</p><p>Hoadley Options Strategy Evaluation Tool (HKLM-x32\...\Hoadley Options Strategy Evaluation Tool_is1) (Version: - Peter Hoadley)</p><p>Hoadley Setup (HKLM-x32\...\{CE2B0332-72EF-42E6-B923-2B27F9CCFCC4}) (Version: 1.0.801 - Hoadley Trading & Investment Tools)</p><p>Hoadley Setup X64 (HKLM\...\{D4CEA714-2A25-45F5-A376-4977CDE51C27}) (Version: 1.0.1 - Hoadley Trading & Investment Tools)</p><p>Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden</p><p>Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)</p><p>Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)</p><p>Intel® PROSet/Wireless Software (HKLM-x32\...\{03929cf1-3ae4-4765-b8b3-32b8e2e26a8d}) (Version: 19.60.0 - Intel Corporation)</p><p>KB9X Radio Switch Driver (HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.)</p><p>Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden</p><p>LauncherSetup Install (HKLM\...\{C0AF8952-0B19-4081-85D9-987DBF52FE41}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>LiveSlides (HKLM-x32\...\{B452B231-8DFE-441A-A0CF-04F712785BA0}) (Version: 1.6.12 - LiveSlides)</p><p>Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)</p><p>Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)</p><p>Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)</p><p>Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)</p><p>Microsoft OneDrive (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft 
Corporation)</p><p>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)</p><p>MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.) Hidden</p><p>MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.)</p><p>MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.) Hidden</p><p>MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.)</p><p>MSI_OSET_Setup (HKLM-x32\...\{4822AB78-EFA4-4EBA-B195-55CF122C3302}) (Version: 11.0.112 - Peter Hoadley)</p><p>Nahimic 2 Audio Driver (HKLM\...\{C526A25E-AB3F-4E66-900B-ACF134FB093D}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>Nahimic 2 Audio Driver (HKLM-x32\...\{38ca1b1f-9d48-476a-98a8-ef8d540ce051}) (Version: 2.3.21 - Nahimic)</p><p>NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.)</p><p>Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.2.7 - Symantec Corporation)</p><p>Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.6.0.12 - Symantec Corporation) Hidden</p><p>Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation)</p><p>NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)</p><p>NVIDIA Graphics Driver 399.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.01 - NVIDIA Corporation)</p><p>NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA 
Corporation)</p><p>NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden</p><p>NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden</p><p>Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden</p><p>Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden</p><p>Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden</p><p>Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden</p><p>Origin (HKLM-x32\...\Origin) (Version: 10.5.43.28287 - Electronic Arts, Inc.)</p><p>ProductDaemonSetup Install (HKLM\...\{34BEB8EF-E3F5-4FD0-82EB-F688A1E40FFE}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>ProductNS Install Configurator (HKLM\...\{05ED5DB9-79BB-48F8-B8DA-A04C1E840FA6}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 7.0 - Genie9)</p><p>Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8172 - Realtek Semiconductor Corp.)</p><p>SCM (HKLM\...\{F6E94387-38E9-4D98-9FE1-038F575768BA}) (Version: 13.017.06089 - Application)</p><p>SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden</p><p>SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 
3.5.0.70 - NVIDIA Corporation) Hidden</p><p>Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden</p><p>Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application)</p><p>Snagit 2018 (HKLM\...\{F1B2BB45-BADD-45DA-83F1-23FEFE4662BD}) (Version: 18.2.2 - TechSmith Corporation)</p><p>Snagit 2019 (HKLM\...\{C4E5FC8D-D9CF-4FA1-B5BC-E8A327E9F4F6}) (Version: 19.1.2 - TechSmith Corporation) Hidden</p><p>Snagit 2019 (HKLM-x32\...\{e7360f27-8b39-4b3f-a1cd-c3f0ed162529}) (Version: 19.1.2.3596 - TechSmith Corporation)</p><p>SonicMapper Install Configurator (HKLM\...\{C2232191-A1E6-4255-A706-BBC8EF956F64}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.26356 - Electronic Arts)</p><p>Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)</p><p>TC2000 v18 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) 
Hidden</p><p>TC2000 v18 (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\TC2000 v18 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)</p><p>TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)</p><p>thinkorswim (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)</p><p>Trader Workstation (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\5889-6375-8446-2021) (Version: stable (972.1t) 20190507 10:25:42 - Interactive Brokers LLC)</p><p>TriDef SmartCam (MSI) 2.1.2 (HKLM-x32\...\webcam-msi-pkg) (Version: 2.1.2 - Dynamic Digital Depth Australia Pty Ltd)</p><p>TWS API (HKLM-x32\...\{BFB69492-F72A-400E-AEEB-DA6567AF90CE}) (Version: 9.72.18 - IBG LLC)</p><p>UIInstallUpgrade (HKLM\...\{A8B178EB-1927-4FB7-9D02-78A5FDE9A6B6}) (Version: 2.3.2101 - Nahimic) Hidden</p><p>Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)</p><p>Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden</p><p>Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden</p><p>Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) 
Hidden</p><p>Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)</p><p>Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)</p><p></p><p>Packages:</p><p>=========</p><p>Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)</p><p>Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)</p><p>Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.145.300.0_x86__kgqvnymyfvs32 [2019-08-07] (king.com)</p><p>File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.2.0.0_x86__xkt78gamzntbr [2019-07-09] (Sharpened Productions)</p><p>Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2018-06-26] (Google Inc)</p><p>Grammarly for Microsoft Edge -> C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.120.2309.0_neutral__zee0y2571dhse [2019-05-31] (Grammarly)</p><p>Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]</p><p>March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.2.1.1_x86__h6adky7gbf63m [2019-08-07] (Gameloft.)</p><p>Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]</p><p>Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]</p><p>Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]</p><p>Microsoft Solitaire 
Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]</p><p>Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Studios)</p><p>MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]</p><p>Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)</p><p>Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-01-23] (Plex)</p><p>Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)</p><p>SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-01-14] (Synaptics Incorporated)</p><p></p><p>==================== Custom CLSID (Whitelisted): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. 
The file will not be moved unless listed separately.)</p><p></p><p>ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)</p><p>ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)</p><p>ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)</p><p>ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> 
{88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program 
Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]</p><p>ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)</p><p>ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagItShellExt64.dll [2018-09-13] (TechSmith Corporation -> TechSmith Corporation)</p><p>ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9) [File not signed]</p><p>ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ContextMenuHandlers3: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9) [File not signed]</p><p>ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)</p><p>ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google 
LLC -> Google)</p><p>ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagItShellExt64.dll [2018-09-13] (TechSmith Corporation -> TechSmith Corporation)</p><p>ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File</p><p>ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)</p><p>ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-13] (NVIDIA Corporation -> NVIDIA Corporation)</p><p>ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p>ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)</p><p>ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)</p><p></p><p>==================== Shortcuts & WMI ========================</p><p></p><p>(The entries could be listed to be restored or removed.)</p><p></p><p></p><p>==================== Loaded Modules (Whitelisted) ==============</p><p></p><p>2018-01-24 22:25 - 2018-11-06 17:54 - 000170496 ____C () [File not signed] C:\Jts\.install4j\i4jinst.dll</p><p>2016-03-03 00:17 - 2016-03-03 00:17 - 000136704 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll</p><p>2016-03-03 00:17 - 2016-03-03 00:17 - 000146944 ____C () [File not signed] 
C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll</p><p>2016-01-14 22:06 - 2016-01-14 22:06 - 000057344 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll</p><p>2016-02-22 04:25 - 2016-02-22 04:25 - 000116224 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll</p><p>2015-08-24 04:41 - 2015-08-24 04:41 - 002360622 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll</p><p>2017-12-01 02:18 - 2017-12-01 02:18 - 000650240 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll</p><p>2017-08-03 03:08 - 2017-08-03 03:08 - 000168448 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll</p><p>2017-08-03 03:08 - 2017-08-03 03:08 - 000590848 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll</p><p>2017-11-08 23:21 - 2017-11-08 23:21 - 006886400 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll</p><p>2017-08-03 03:18 - 2017-08-03 03:18 - 002976768 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll</p><p>2017-12-01 02:48 - 2017-12-01 02:48 - 000910848 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll</p><p>2017-11-08 23:22 - 2017-11-08 23:22 - 001241600 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll</p><p>2017-11-09 23:38 - 2017-11-09 23:38 - 011869184 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll</p><p>2017-11-08 23:22 - 2017-11-08 23:22 - 002569728 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll</p><p>2017-11-08 23:31 - 2017-11-08 23:31 - 000246784 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll</p><p>2017-11-08 23:22 - 2017-11-08 
23:22 - 000849408 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll</p><p>2017-08-03 03:12 - 2017-08-03 03:12 - 000414720 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll</p><p>2017-10-30 02:12 - 2017-10-30 02:12 - 000633344 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll</p><p>2017-08-03 03:12 - 2017-08-03 03:12 - 000433664 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll</p><p>2014-12-21 12:07 - 2014-12-21 12:07 - 000119822 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll</p><p>2014-12-21 12:07 - 2014-12-21 12:07 - 001026062 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000111616 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 002285056 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll</p><p>2016-03-03 00:17 - 2016-03-03 00:17 - 000074752 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000219648 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000049664 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000051200 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000051200 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000037376 ____C () [File not signed] C:\Program Files (x86)\NETGEAR 
Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll</p><p>2012-06-27 18:23 - 2012-06-27 18:23 - 000070144 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll</p><p>2016-02-26 06:07 - 2016-02-26 06:07 - 000049152 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll</p><p>2016-08-15 04:28 - 2016-08-15 04:28 - 001125888 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll</p><p>2017-11-08 23:22 - 2017-11-08 23:22 - 001685504 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll</p><p>2016-03-03 00:17 - 2016-03-03 00:17 - 000072192 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll</p><p>2016-01-14 22:23 - 2016-01-14 22:23 - 000026112 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll</p><p>2016-04-12 02:13 - 2016-04-12 02:13 - 000067072 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll</p><p>2016-12-13 06:19 - 2016-12-13 06:19 - 000093696 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll</p><p>2016-12-13 06:19 - 2016-12-13 06:19 - 000089600 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll</p><p>2018-01-28 14:50 - 2016-12-13 06:19 - 000089600 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000491520 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll</p><p>2016-12-13 06:19 - 2016-12-13 06:19 - 000058368 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll</p><p>2016-12-13 06:18 - 2016-12-13 06:18 - 000045568 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll</p><p>2018-01-28 14:50 - 2016-12-13 06:18 - 000045568 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE 
Vault\GSLogging.gtl</p><p>2018-01-28 14:50 - 2016-12-18 08:38 - 000163328 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000332800 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000087552 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll</p><p>2013-02-03 07:40 - 2013-02-03 07:40 - 000011264 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000211968 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll</p><p>2018-01-28 14:50 - 2016-12-18 08:38 - 000211968 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl</p><p>2012-02-02 05:16 - 2012-02-02 05:16 - 000740864 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000063488 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll</p><p>2018-08-14 14:49 - 2018-08-14 14:49 - 001874432 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\cairo.dll</p><p>2018-08-14 14:49 - 2018-08-14 14:49 - 000790528 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\fontconfig.dll</p><p>2018-08-14 14:49 - 2018-08-14 14:49 - 001041920 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\harfbuzz-vs14.dll</p><p>2018-08-14 14:49 - 2018-08-14 14:49 - 000060928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\iconv.dll</p><p>2018-12-11 15:09 - 2018-12-11 15:09 - 000790016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libhpdf.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000252928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libpng16.dll</p><p>2018-08-14 14:49 - 2018-08-14 14:49 - 001294336 _____ () [File 
not signed] C:\Program Files\TechSmith\Snagit 2019\libxml2.dll</p><p>2017-10-18 09:43 - 2017-10-18 09:43 - 010857984 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\opencv_core300.dll</p><p>2017-10-18 09:43 - 2017-10-18 09:43 - 025250304 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\opencv_imgproc300.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000086016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\zlib1.dll</p><p>2015-05-26 05:42 - 2015-05-26 05:42 - 000491520 ____C (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.dll</p><p>2018-01-28 14:50 - 2015-05-26 05:42 - 000491520 _____ (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.gtl</p><p>2019-06-27 12:34 - 2017-07-05 13:43 - 000561152 ____C (CANON INC. ) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll</p><p>2019-06-27 12:34 - 2014-07-30 14:49 - 000008192 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL</p><p>2019-06-27 12:34 - 2014-07-30 14:47 - 000104960 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll</p><p>2014-05-15 18:16 - 2014-05-15 18:16 - 000248320 ____C (Canon INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\IJPLMCOM.DLL</p><p>2019-06-27 12:34 - 2017-07-05 13:49 - 000593920 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll</p><p>2018-04-21 17:58 - 2014-08-06 13:25 - 000375296 _____ (CANON INC.) 
[File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000092672 _____ (Free Software Foundation) [File not signed] C:\Program Files\TechSmith\Snagit 2019\intl.dll</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 001353728 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000174592 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSOnlineProtocol.dll</p><p>2016-12-18 08:38 - 2016-12-18 08:38 - 000090624 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSUpdater.dll</p><p>2016-12-13 06:19 - 2016-12-13 06:19 - 000648704 ____C (Genie-Soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GenieAFX.dll</p><p>2016-12-13 06:18 - 2016-12-13 06:18 - 000029184 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEnManager.dll</p><p>2016-12-13 06:18 - 2016-12-13 06:18 - 000113152 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSGlobalMFC.dll</p><p>2016-12-13 06:19 - 2016-12-13 06:19 - 000036352 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSSEMGR.dll</p><p>2016-12-13 06:19 - 2016-12-13 06:19 - 000152064 ____C (Genie-Soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSSMTP.dll</p><p>2016-01-08 14:28 - 2016-01-08 14:28 - 000356352 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files\TechSmith\Snagit 2019\libhunspell.dll</p><p>2017-05-16 18:58 - 2017-05-16 18:58 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll</p><p>2017-05-16 18:58 - 2017-05-16 18:58 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll</p><p>2015-06-11 22:35 - 2015-06-11 22:35 - 000047816 ____C (MICRO-STAR INTERNATIONAL CO., LTD -> <a href="http://www.internals.com" 
target="_blank">www.internals.com</a>) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll</p><p>2017-06-08 12:37 - 2017-06-08 12:37 - 000301848 ____C (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe</p><p>2017-06-15 17:06 - 2017-06-15 17:06 - 005122840 ____C (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe</p><p>2017-06-08 12:37 - 2017-06-08 12:37 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe</p><p>2017-06-08 12:37 - 2017-06-08 12:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll</p><p>2014-12-21 12:07 - 2014-12-21 12:07 - 000049152 ____C (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll</p><p>2013-02-19 02:46 - 2013-02-19 02:46 - 000220160 ____C (NETGEAR Inc.) 
[File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll</p><p>2014-03-23 22:32 - 2014-03-23 22:32 - 000060273 ____C (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000288768 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pango-1.0.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000588800 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangocairo-1.0.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000615424 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangoft2-1.0.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000066048 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangowin32-1.0.dll</p><p>2012-02-02 05:16 - 2012-02-02 05:16 - 003501056 ____C (Terra Informatica Software, Inc., British Columbia, Canada.) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\htmlayout.dll</p><p>2012-02-02 05:16 - 2012-02-02 05:16 - 000222720 ____C (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\libcurl.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 001328128 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2019\glib-2.0.dll</p><p>2017-11-02 16:36 - 2017-11-02 16:36 - 000276480 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2019\gobject-2.0.dll</p><p>2013-02-10 21:35 - 2013-02-10 21:35 - 001178624 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll</p><p>2013-02-10 21:35 - 2013-02-10 21:35 - 000269824 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll</p><p>2018-02-18 21:11 - 2019-06-11 08:21 - 001277440 ____C (The 
OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll</p><p>2018-02-18 21:11 - 2019-06-11 08:22 - 000279040 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll</p><p>2012-02-02 05:16 - 2012-02-02 05:16 - 001558016 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\LIBEAY32.dll</p><p>2012-02-02 05:16 - 2012-02-02 05:16 - 000301568 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\SSLEAY32.dll</p><p>2015-10-12 15:44 - 2015-10-12 15:44 - 000033280 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll</p><p>2015-10-12 15:45 - 2015-10-12 15:45 - 000034816 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll</p><p>2015-10-12 15:45 - 2015-10-12 15:45 - 000246784 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll</p><p>2015-10-12 15:58 - 2015-10-12 15:58 - 000366592 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll</p><p>2015-10-12 15:48 - 2015-10-12 15:48 - 000028672 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll</p><p>2015-10-12 15:58 - 2015-10-12 15:58 - 000027648 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll</p><p>2015-10-12 15:58 - 2015-10-12 15:58 - 000433664 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll</p><p>2015-10-12 15:58 - 2015-10-12 15:58 - 000027136 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll</p><p>2015-10-12 15:46 - 2015-10-12 15:46 - 001413632 ____C (The Qt 
Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll</p><p>2015-10-12 15:47 - 2015-10-12 15:47 - 000044544 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll</p><p>2015-11-19 00:54 - 2015-11-19 00:54 - 005391360 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll</p><p>2015-10-12 15:31 - 2015-10-12 15:31 - 005334528 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll</p><p>2015-10-12 15:26 - 2015-10-12 15:26 - 001528832 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll</p><p>2015-10-12 15:42 - 2015-10-12 15:42 - 000334848 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll</p><p>2016-04-12 22:52 - 2016-04-12 22:52 - 000357888 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll</p><p>2015-10-12 15:48 - 2015-10-12 15:48 - 000331776 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll</p><p>2015-10-12 15:37 - 2015-10-12 15:37 - 006541824 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll</p><p>2015-10-12 15:25 - 2015-10-12 15:25 - 000237056 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll</p><p>2018-02-18 21:11 - 2019-07-12 09:23 - 001611264 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll</p><p>2018-12-22 09:13 - 2019-07-12 09:23 - 005487104 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll</p><p>2018-12-22 09:13 - 2019-07-12 09:23 - 005841920 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll</p><p>2018-12-22 09:13 - 2019-07-12 09:23 - 001179136 ____C 
(The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll</p><p>2018-12-22 09:13 - 2019-07-12 09:23 - 005089792 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll</p><p>2018-12-22 09:13 - 2019-07-12 09:23 - 000184832 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll</p><p></p><p>==================== Alternate Data Streams (Whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the ADS will be removed.)</p><p></p><p>AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\cache:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]</p><p>AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\Camtasia:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]</p><p>AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\My Kindle Content:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]</p><p>AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\TC:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]</p><p>AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\YouTubeDownloads:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]</p><p>AlternateDataStreams: C:\Users\Public\AppData:CSM [468]</p><p></p><p>==================== Safe Mode (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. 
The "AlternateShell" will be restored.)</p><p></p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"</p><p></p><p>==================== Association (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed.)</p><p></p><p></p><p>==================== Internet Explorer trusted/restricted ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry.)</p><p></p><p></p><p>==================== Hosts content: ===============================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts</p><p></p><p></p><p>==================== Other Areas ============================</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\</p><p>HKU\S-1-5-21-2841152593-433718655-1887091617-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg</p><p>DNS 
Servers: 192.168.1.1</p><p>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)</p><p>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )</p><p>Windows Firewall is enabled.</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items ==</p><p></p><p>If an entry is included in the fixlist, it will be removed.</p><p></p><p></p><p>==================== FirewallRules (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>FirewallRules: [UDP Query User{1539A94A-704C-4A0B-A86F-E6A934019B86}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)</p><p>FirewallRules: [TCP Query User{AC0731BA-7FF0-44AD-9E72-A11BDF315BA8}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)</p><p>FirewallRules: [UDP Query User{04667F5F-E408-454D-90CE-59E6024F105E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)</p><p>FirewallRules: [TCP Query User{B990F12A-9C50-4915-91DB-C36430D788CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. 
-> Epic Games, Inc.)</p><p>FirewallRules: [UDP Query User{4728E94B-6996-41CF-8112-D8B5991A4D9B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)</p><p>FirewallRules: [TCP Query User{3C0EB273-24F6-4F9D-86E3-520739CFB9D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)</p><p>FirewallRules: [UDP Query User{C1C9AF95-754F-410C-BD8F-F58016EB11AF}C:\jts\tws.exe] => (Allow) C:\jts\tws.exe (Interactive Brokers Group, Inc. -> Interactive Brokers LLC)</p><p>FirewallRules: [TCP Query User{0D0F8764-2F12-46AD-B8B4-9180914228D4}C:\jts\tws.exe] => (Allow) C:\jts\tws.exe (Interactive Brokers Group, Inc. -> Interactive Brokers LLC)</p><p>FirewallRules: [{48D70421-EF8C-42C1-8130-AC0C95174BBF}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)</p><p>FirewallRules: [{9375787C-9267-4D00-AC63-AF4B83EE3329}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)</p><p>FirewallRules: [UDP Query User{CC13E7E3-6CA3-4DF6-925B-5F0733D6FA62}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)</p><p>FirewallRules: [TCP Query User{4C3E5BA4-57F5-4047-9444-91D288AF0439}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)</p><p>FirewallRules: [{04F09750-A3FD-456B-AD84-94008A98540D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club VR\golfvr.exe () [File not signed]</p><p>FirewallRules: 
[{B50B1C21-7C93-4E06-8FB2-568B00C95A52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club VR\golfvr.exe () [File not signed]</p><p>FirewallRules: [{FA8E4AF3-6CF9-499C-A9E6-6CB7A4952526}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File</p><p>FirewallRules: [{977961A1-D994-4858-B0E8-BC7DB6F194F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File</p><p>FirewallRules: [{39053CCF-6463-42ED-B21D-5380CDF93D63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)</p><p>FirewallRules: [{3CF8A87E-9C1C-4E6D-8F04-55A1BBA71776}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)</p><p>FirewallRules: [{214551BB-0013-4A16-8AFC-93C865E29EEE}] => (Allow) LPort=8318</p><p>FirewallRules: [{D624A299-A9EC-461E-A585-A877018B30E0}] => (Allow) LPort=8298</p><p>FirewallRules: [{F742CA52-A298-4208-AD2F-B2D8457ABCBE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{C991143B-427E-41C0-A2CC-7393C4F45E7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{559F0704-3DF5-4DBB-8901-00B610B04439}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{0E7CE527-7025-4EBD-9329-6A730A870948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{E2B6BE40-3DB2-4C0E-B480-2152143A875C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)</p><p>FirewallRules: [{B1F8BBEC-7145-44FE-AB1E-7DFD4F7A8FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)</p><p>FirewallRules: [{B783FA74-8D14-417D-BF3B-1B187041C5C6}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)</p><p>FirewallRules: [{4559AFBB-EC3E-4924-9C5C-4B741F780460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)</p><p>FirewallRules: [{E09198C6-BB9F-4870-B591-587C41E9FF71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)</p><p>FirewallRules: [{F2A50501-49F0-4881-8E1E-5495072AD8AF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )</p><p>FirewallRules: [{16E26D06-E4C8-4DD9-A035-F23E08B53A50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)</p><p>FirewallRules: [{2F36C96D-B867-45AC-89D1-3F0C0A778601}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)</p><p>FirewallRules: [{8068796A-8D07-4C9F-BA52-33FCCBE8D07E}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)</p><p>FirewallRules: [{9DFB6FE1-339F-4240-A45F-B22CE2192E86}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)</p><p>FirewallRules: [{F1109FFF-89FC-43F5-BFBA-CFCF4498098D}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)</p><p>FirewallRules: [{C2655607-252B-4DF6-A8D5-DC76735460E1}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. 
-> Electronic Arts Inc.)</p><p>FirewallRules: [{BFAF9B33-A031-45C0-B23D-438D64BF52CF}] => (Allow) LPort=8299</p><p>FirewallRules: [{AE6808ED-A718-4BB5-A75A-B15E47E2D260}] => (Allow) LPort=8319</p><p>FirewallRules: [{6E183971-645D-4974-B2F0-D6953CE0B173}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)</p><p>FirewallRules: [{BE4BDC04-67AE-407A-8DC1-1AF4A813BDC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)</p><p>FirewallRules: [{B0DD6AA2-F700-4561-B6DA-1FAD61A999A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{80C80D15-737D-4368-AFE8-6F4E762F1E0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{30372D1D-8915-4FCA-B205-F5D86DD73C1E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{2302093C-EAF3-4A44-B19F-D363C862D65C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)</p><p>FirewallRules: [{AF23154E-BECE-4ED1-81EB-59F8F7FEFDF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: [{D562217C-4C8C-459C-AF1D-BF6AF4BBCE6C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: [{535B34B4-9B82-42AB-BE71-72E57564F2A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: [{4ED280F1-180F-434D-9966-E9B15A38632B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: 
[{AE333D64-D655-4648-9B22-631CB37175CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: [{82141681-2E62-490C-8986-A5E2EDB848F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: [{73243E14-F42C-4260-A173-CA3AF27F94C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p>FirewallRules: [{7AA9AFD9-D0D4-4F57-9B0F-13152AFF9483}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)</p><p></p><p>==================== Restore Points =========================</p><p></p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (08/05/2019 08:08:25 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program LockApp.exe version 10.0.17134.1 stopped interacting with Windows and was closed. 
To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.</p><p></p><p>Process ID: 31a8</p><p></p><p>Start Time: 01d54979fc9b8bd0</p><p></p><p>Termination Time: 4294967295</p><p></p><p>Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe</p><p></p><p>Report Id: 62842796-6eb5-458f-b962-191843405b0c</p><p></p><p>Faulting package full name: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy</p><p></p><p>Faulting package-relative application ID: WindowsDefaultLockScreen</p><p></p><p>Error: (08/05/2019 01:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f</p><p>Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000024989</p><p>Faulting process id: 0x50a4</p><p>Faulting application start time: 0x01d54ba14a4b5992</p><p>Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe</p><p>Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll</p><p>Report Id: a86ca4ba-bb72-476d-8ec1-907f196f59df</p><p>Faulting package full name: </p><p>Faulting package-relative application ID:</p><p></p><p>Error: (08/05/2019 11:20:05 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f</p><p>Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000024989</p><p>Faulting process id: 0x1cf4</p><p>Faulting application start time: 0x01d54b9e5fbda344</p><p>Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe</p><p>Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll</p><p>Report Id: 
105b2e85-8398-4fec-b61f-13affbe9ace6</p><p>Faulting package full name: </p><p>Faulting package-relative application ID:</p><p></p><p>Error: (08/05/2019 10:59:29 AM) (Source: COM) (EventID: 10031) (User: )</p><p>Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected</p><p></p><p>Error: (08/05/2019 10:59:17 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f</p><p>Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000024989</p><p>Faulting process id: 0x34b0</p><p>Faulting application start time: 0x01d549b73fd2550d</p><p>Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe</p><p>Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll</p><p>Report Id: eb40c0d4-761d-4041-bbdc-ac2fd513746b</p><p>Faulting package full name: </p><p>Faulting package-relative application ID:</p><p></p><p>Error: (08/03/2019 12:52:09 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f</p><p>Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000024989</p><p>Faulting process id: 0x47ac</p><p>Faulting application start time: 0x01d5497fd59f45b0</p><p>Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe</p><p>Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll</p><p>Report Id: b8b5e19e-6866-4cfa-a92c-90ca3fc2c3ee</p><p>Faulting package full name: </p><p>Faulting package-relative application ID:</p><p></p><p>Error: (08/02/2019 06:15:39 PM) (Source: Application Error) (EventID: 1000) (User: 
)</p><p>Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f</p><p>Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000000024989</p><p>Faulting process id: 0x1048</p><p>Faulting application start time: 0x01d54979f76ea6e8</p><p>Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe</p><p>Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll</p><p>Report Id: 9f5ed924-496c-4a5f-958b-da72087dd516</p><p>Faulting package full name: </p><p>Faulting package-relative application ID:</p><p></p><p>Error: (08/02/2019 05:33:08 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6</p><p>Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6</p><p>Exception code: 0xc0000409</p><p>Fault offset: 0x000000000022af80</p><p>Faulting process id: 0x1198</p><p>Faulting application start time: 0x01d53fc117c0c810</p><p>Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe</p><p>Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe</p><p>Report Id: d6e5de62-46e2-4c9c-8bdc-f66980777f6b</p><p>Faulting package full name: </p><p>Faulting package-relative application ID:</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (08/08/2019 02:33:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container 
Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/08/2019 02:33:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/08/2019 10:33:41 AM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). 
This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/08/2019 06:34:09 AM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/07/2019 12:40:45 PM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). 
This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/07/2019 10:33:01 AM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/07/2019 09:49:16 AM) (Source: DCOM) (EventID: 10016) (User: MSI)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> and APPID </p><p>{8BC3F05E-D86B-11D0-A075-00C04FB68820}</p><p> to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). 
This security permission can be modified using the Component Services administrative tool.</p><p></p><p>Error: (08/06/2019 10:11:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID </p><p>{D63B10C5-BB46-4990-A94F-E40B9D520160}</p><p> and APPID </p><p>{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}</p><p> to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.</p><p></p><p></p><p>Windows Defender:</p><p>===================================</p><p>Date: 2019-06-09 10:14:43.785</p><p>Description: </p><p>Windows Defender Antivirus scan has been stopped before completion.</p><p>Scan ID: {348D6BF0-9490-4C66-B223-C4793BFB6A24}</p><p>Scan Type: Antimalware</p><p>Scan Parameters: Quick Scan</p><p></p><p>Date: 2019-06-05 17:22:18.206</p><p>Description: </p><p>Windows Defender Antivirus scan has been stopped before completion.</p><p>Scan ID: {68638A97-4816-4E9B-B1C2-90788622BF1D}</p><p>Scan Type: Antimalware</p><p>Scan Parameters: Quick Scan</p><p></p><p>Date: 2019-06-05 17:14:18.592</p><p>Description: </p><p>Windows Defender Antivirus scan has been stopped before completion.</p><p>Scan ID: {5D97F875-80B0-401A-B7DF-1E11DECAD2AF}</p><p>Scan Type: Antimalware</p><p>Scan Parameters: Quick Scan</p><p></p><p>Date: 2019-05-17 09:39:05.922</p><p>Description: </p><p>Windows Defender Antivirus scan has been stopped before completion.</p><p>Scan ID: {968FFC42-D574-4161-9678-3C99B1550858}</p><p>Scan Type: Antimalware</p><p>Scan Parameters: Quick Scan</p><p></p><p>Date: 2019-05-17 09:04:13.970</p><p>Description: </p><p>Windows Defender Antivirus scan has been stopped before completion.</p><p>Scan ID: {6AB7AF03-5B6F-436E-B8BA-BA4170B9DD44}</p><p>Scan Type: 
Antimalware</p><p>Scan Parameters: Quick Scan</p><p></p><p>CodeIntegrity:</p><p>===================================</p><p></p><p>Date: 2019-08-07 13:11:20.716</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.</p><p></p><p>Date: 2019-08-07 13:11:20.711</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.</p><p></p><p>Date: 2019-08-07 13:11:14.651</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.</p><p></p><p>Date: 2019-08-07 13:11:14.643</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.</p><p></p><p>Date: 2019-08-07 08:23:08.260</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level 
requirements.</p><p></p><p>Date: 2019-08-07 08:23:08.256</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.</p><p></p><p>Date: 2019-08-06 08:51:10.308</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.</p><p></p><p>Date: 2019-08-06 08:51:10.301</p><p>Description: </p><p>Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.</p><p></p><p>==================== Memory info =========================== </p><p></p><p>BIOS: American Megatrends Inc. E16J9IMS.31A 07/11/2017</p><p>Motherboard: Micro-Star International Co., Ltd. 
MS-16J9</p><p>Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz</p><p>Percentage of memory in use: 88%</p><p>Total physical RAM: 8111.84 MB</p><p>Available physical RAM: 896.14 MB</p><p>Total Virtual: 17327.84 MB</p><p>Available Virtual: 4460.39 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (Windows) (Fixed) (Total:143.08 GB) (Free:8.77 GB) NTFS</p><p>Drive d: (Data) (Fixed) (Total:72.33 GB) (Free:43.98 GB) NTFS</p><p></p><p>\\?\Volume{d6722152-ccfa-45ae-a00c-0470ebdaab59}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS</p><p>\\?\Volume{350436c9-bbe1-426b-bab7-b63a274088b9}\ (BIOS_RVY) (Fixed) (Total:21.77 GB) (Free:1.1 GB) NTFS</p><p>\\?\Volume{a2a6bbd3-f82f-425d-85df-44dbe7b08fbb}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 238.5 GB) (Disk ID: E4F6F460)</p><p></p><p>Partition: GPT.</p><p></p><p>==================== End of Addition.txt ============================</p><p></p><p></p><p></p><p></p><p></p><p></p><p></p><p>Malwarebytes</p><p><a href="http://www.malwarebytes.com" target="_blank">www.malwarebytes.com</a></p><p></p><p>-Log Details-</p><p>Scan Date: 8/5/19</p><p>Scan Time: 11:00 AM</p><p>Log File: bc5353d7-b791-11e9-a00f-4ccc6adf6900.json</p><p></p><p>-Software Information-</p><p>Version: 3.8.3.2965</p><p>Components Version: 1.0.613</p><p>Update Package Version: 1.0.11870</p><p>License: Expired</p><p></p><p>-System Information-</p><p>OS: Windows 10 (Build 17134.885)</p><p>CPU: x64</p><p>File System: NTFS</p><p>User: System</p><p></p><p>-Scan Summary-</p><p>Scan Type: Threat Scan</p><p>Scan Initiated By: Scheduler</p><p>Result: Completed</p><p>Objects Scanned: 302565</p><p>Threats Detected: 0</p><p>Threats Quarantined: 0</p><p>Time Elapsed: 5 min, 20 sec</p><p></p><p>-Scan Options-</p><p>Memory: Enabled</p><p>Startup: 
Enabled</p><p>Filesystem: Enabled</p><p>Archives: Enabled</p><p>Rootkits: Disabled</p><p>Heuristics: Enabled</p><p>PUP: Detect</p><p>PUM: Detect</p><p></p><p>-Scan Details-</p><p>Process: 0</p><p>(No malicious items detected)</p><p></p><p>Module: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Key: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Value: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Data: 0</p><p>(No malicious items detected)</p><p></p><p>Data Stream: 0</p><p>(No malicious items detected)</p><p></p><p>Folder: 0</p><p>(No malicious items detected)</p><p></p><p>File: 0</p><p>(No malicious items detected)</p><p></p><p>Physical Sector: 0</p><p>(No malicious items detected)</p><p></p><p>WMI: 0</p><p>(No malicious items detected)</p><p></p><p></p><p>(end)</p></blockquote><p></p>
[QUOTE="atlus1432, post: 828504, member: 81552"]
I am unable to remove this annoying malware. I downloaded the 2 week trial of Malwarebytes and ran a scan but it was unable to detect the virus.

Please see attached - If I have omitted something, apologies in advance as I am a 1st time poster. Thanking you in advance

atlus

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02 Ran by atlus (08-08-2019 16:15:43) Running from C:\Users\atlus\Downloads Windows 10 Home Version 1803 17134.885 (X64) (2018-06-08 11:31:23) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2841152593-433718655-1887091617-500 - Administrator - Disabled) atlus (S-1-5-21-2841152593-433718655-1887091617-1001 - Administrator - Enabled) => C:\Users\atlus DefaultAccount (S-1-5-21-2841152593-433718655-1887091617-503 - Limited - Disabled) Guest (S-1-5-21-2841152593-433718655-1887091617-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2841152593-433718655-1887091617-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amazon Kindle (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\Amazon Kindle) (Version: 1.25.1.52064 - Amazon) ApoDispatch Install Configurator (HKLM\...\{ABDDDEE7-C266-403D-A4C7-5316B12A98E5}) (Version: 2.3.2101 - Nahimic) Hidden AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.34 - Rivet Networks) AR8171 Drivers (HKLM\...\{DBB92BB8-0C89-488D-B6B4-74C6C03ABD13}) (Version: 1.0.0.34 - Rivet Networks) Hidden Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team) AudioLaunchpad Install Configurator (HKLM\...\{5358C6D0-4456-40B4-8BE1-C7515AE660B6}) (Version: 2.3.2101 - Nahimic) Hidden Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.) Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) Hidden Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1609.1901 - Micro-Star International Co., Ltd.) BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application) Hidden BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1704.1801 - Application) Camtasia 2018 (HKLM\...\{B709B962-53AA-446A-A733-95D1A6C5DE50}) (Version: 18.0.7.4045 - TechSmith Corporation) Hidden Camtasia 2018 (HKLM-x32\...\{5fd4f6d8-26d6-43b6-9b95-116b69ee0a69}) (Version: 18.0.7.4045 - TechSmith Corporation) Camtasia 9 (HKLM\...\{9A1BFE8E-398E-497D-B3BE-C1D8688010FC}) (Version: 9.1.1.2546 - TechSmith Corporation) Hidden Camtasia 9 (HKLM-x32\...\{d298a2fc-0b3a-45ab-9711-d5ca8a3bda00}) (Version: 9.1.1.2546 - TechSmith Corporation) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.) 
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.3.0 - Canon Inc.) Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.) Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MX490 series User Registration (HKLM-x32\...\Canon MX490 series User Registration) (Version: - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.) Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.) CheckDevices Install Configurator (HKLM\...\{947A1173-AC2A-41FE-B10F-0604088F0521}) (Version: 2.3.2101 - Nahimic) Hidden Cisco WebEx Meetings (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1706.1501 - Micro-Star International Co., Ltd.) Hidden Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 1.2.1706.1501 - Micro-Star International Co., Ltd.) Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.) 
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Excel Add-in (HKLM-x32\...\Hoadley Options Excel Add-in_is1) (Version: - Peter Hoadley) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden Grammarly (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\GrammarlyForWindows) (Version: 1.5.41 - Grammarly) Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.) Hidden Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1706.1901 - Micro-Star International Co., Ltd.) Hoadley Options Strategy Evaluation Tool (HKLM-x32\...\Hoadley Options Strategy Evaluation Tool_is1) (Version: - Peter Hoadley) Hoadley Setup (HKLM-x32\...\{CE2B0332-72EF-42E6-B923-2B27F9CCFCC4}) (Version: 1.0.801 - Hoadley Trading & Investment Tools) Hoadley Setup X64 (HKLM\...\{D4CEA714-2A25-45F5-A376-4977CDE51C27}) (Version: 1.0.1 - Hoadley Trading & Investment Tools) Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{03929cf1-3ae4-4765-b8b3-32b8e2e26a8d}) (Version: 19.60.0 - Intel Corporation) KB9X Radio Switch Driver 
(HKLM\...\97FE6BFA6A40EE4967381F4313B334031A3B6E03) (Version: 1.1.4.0 - ENE TECHNOLOGY INC.) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LauncherSetup Install (HKLM\...\{C0AF8952-0B19-4081-85D9-987DBF52FE41}) (Version: 2.3.2101 - Nahimic) Hidden LiveSlides (HKLM-x32\...\{B452B231-8DFE-441A-A0CF-04F712785BA0}) (Version: 1.6.12 - LiveSlides) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 
Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation) MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.) Hidden MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1703.1601 - Micro-Star International Co., Ltd.) MSI Remind Manager Service (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.) Hidden MSI Remind Manager Service (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1705.3101 - Micro-Star International Co., Ltd.) MSI_OSET_Setup (HKLM-x32\...\{4822AB78-EFA4-4EBA-B195-55CF122C3302}) (Version: 11.0.112 - Peter Hoadley) Nahimic 2 Audio Driver (HKLM\...\{C526A25E-AB3F-4E66-900B-ACF134FB093D}) (Version: 2.3.2101 - Nahimic) Hidden Nahimic 2 Audio Driver (HKLM-x32\...\{38ca1b1f-9d48-476a-98a8-ef8d540ce051}) (Version: 2.3.21 - Nahimic) NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.) 
Norton Online Backup (HKLM-x32\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.2.7 - Symantec Corporation) Norton Online Backup (HKLM-x32\...\NARA) (Version: 4.6.0.12 - Symantec Corporation) Hidden Norton Security (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation) NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation) NVIDIA Graphics Driver 399.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.01 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.5.43.28287 - Electronic Arts, Inc.) 
ProductDaemonSetup Install (HKLM\...\{34BEB8EF-E3F5-4FD0-82EB-F688A1E40FFE}) (Version: 2.3.2101 - Nahimic) Hidden ProductNS Install Configurator (HKLM\...\{05ED5DB9-79BB-48F8-B8DA-A04C1E840FA6}) (Version: 2.3.2101 - Nahimic) Hidden ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 7.0 - Genie9) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8172 - Realtek Semiconductor Corp.) SCM (HKLM\...\{F6E94387-38E9-4D98-9FE1-038F575768BA}) (Version: 13.017.06089 - Application) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Hidden Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1607.2201 - Application) Snagit 2018 (HKLM\...\{F1B2BB45-BADD-45DA-83F1-23FEFE4662BD}) (Version: 18.2.2 - TechSmith Corporation) Snagit 2019 (HKLM\...\{C4E5FC8D-D9CF-4FA1-B5BC-E8A327E9F4F6}) (Version: 19.1.2 - TechSmith Corporation) Hidden Snagit 2019 (HKLM-x32\...\{e7360f27-8b39-4b3f-a1cd-c3f0ed162529}) (Version: 19.1.2.3596 - TechSmith Corporation) SonicMapper Install Configurator (HKLM\...\{C2232191-A1E6-4255-A706-BBC8EF956F64}) (Version: 2.3.2101 - Nahimic) Hidden STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.26356 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TC2000 v18 (HKLM-x32\...\{A6A526E4-A376-4772-897D-508FB2473C91}) (Version: 1.0.0 - Worden Brothers, Inc.) 
Hidden TC2000 v18 (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\TC2000 v18 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer) thinkorswim (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc) Trader Workstation (HKU\S-1-5-21-2841152593-433718655-1887091617-1001\...\5889-6375-8446-2021) (Version: stable (972.1t) 20190507 10:25:42 - Interactive Brokers LLC) TriDef SmartCam (MSI) 2.1.2 (HKLM-x32\...\webcam-msi-pkg) (Version: 2.1.2 - Dynamic Digital Depth Australia Pty Ltd) TWS API (HKLM-x32\...\{BFB69492-F72A-400E-AEEB-DA6567AF90CE}) (Version: 9.72.18 - IBG LLC) UIInstallUpgrade (HKLM\...\{A8B178EB-1927-4FB7-9D02-78A5FDE9A6B6}) (Version: 2.3.2101 - Nahimic) Hidden Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation) Packages: ========= Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.) 
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.145.300.0_x86__kgqvnymyfvs32 [2019-08-07] (king.com)
File Viewer Plus -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus_3.2.0.0_x86__xkt78gamzntbr [2019-07-09] (Sharpened Productions)
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2018-06-26] (Google Inc)
Grammarly for Microsoft Edge -> C:\Program Files\WindowsApps\Grammarly.GrammarlyforMicrosoftEdge_1.120.2309.0_neutral__zee0y2571dhse [2019-05-31] (Grammarly)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.2.1.1_x86__h6adky7gbf63m [2019-08-07] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-07-26] (MAGIX)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-01-23] (Plex)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-01-14] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] () [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagItShellExt64.dll [2018-09-13] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9) [File not signed]
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2018\DLLx64\SnagItShellExt64.dll [2018-09-13] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-01-24 22:25 - 2018-11-06 17:54 - 000170496 ____C () [File not signed] C:\Jts\.install4j\i4jinst.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000136704 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000146944 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2016-01-14 22:06 - 2016-01-14 22:06 - 000057344 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-02-22 04:25 - 2016-02-22 04:25 - 000116224 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2015-08-24 04:41 - 2015-08-24 04:41 - 002360622 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2017-12-01 02:18 - 2017-12-01 02:18 - 000650240 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2017-08-03 03:08 - 2017-08-03 03:08 - 000168448 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2017-08-03 03:08 - 2017-08-03 03:08 - 000590848 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2017-11-08 23:21 - 2017-11-08 23:21 - 006886400 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2017-08-03 03:18 - 2017-08-03 03:18 - 002976768 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2017-12-01 02:48 - 2017-12-01 02:48 - 000910848 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 001241600 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2017-11-09 23:38 - 2017-11-09 23:38 - 011869184 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 002569728 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2017-11-08 23:31 - 2017-11-08 23:31 - 000246784 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 000849408 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2017-08-03 03:12 - 2017-08-03 03:12 - 000414720 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2017-10-30 02:12 - 2017-10-30 02:12 - 000633344 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2017-08-03 03:12 - 2017-08-03 03:12 - 000433664 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 000119822 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 001026062 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000111616 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 002285056 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000074752 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000219648 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000049664 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000051200 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000051200 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000037376 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-27 18:23 - 2012-06-27 18:23 - 000070144 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2016-02-26 06:07 - 2016-02-26 06:07 - 000049152 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 04:28 - 2016-08-15 04:28 - 001125888 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2017-11-08 23:22 - 2017-11-08 23:22 - 001685504 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2016-03-03 00:17 - 2016-03-03 00:17 - 000072192 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-01-14 22:23 - 2016-01-14 22:23 - 000026112 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 02:13 - 2016-04-12 02:13 - 000067072 ____C () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000093696 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000089600 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll
2018-01-28 14:50 - 2016-12-13 06:19 - 000089600 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
2016-12-18 08:38 - 2016-12-18 08:38 - 000491520 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000058368 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll
2016-12-13 06:18 - 2016-12-13 06:18 - 000045568 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll
2018-01-28 14:50 - 2016-12-13 06:18 - 000045568 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
2018-01-28 14:50 - 2016-12-18 08:38 - 000163328 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
2016-12-18 08:38 - 2016-12-18 08:38 - 000332800 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000087552 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll
2013-02-03 07:40 - 2013-02-03 07:40 - 000011264 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000211968 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll
2018-01-28 14:50 - 2016-12-18 08:38 - 000211968 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
2012-02-02 05:16 - 2012-02-02 05:16 - 000740864 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000063488 ____C () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 001874432 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\cairo.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 000790528 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\fontconfig.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 001041920 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\harfbuzz-vs14.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 000060928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\iconv.dll
2018-12-11 15:09 - 2018-12-11 15:09 - 000790016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libhpdf.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000252928 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libpng16.dll
2018-08-14 14:49 - 2018-08-14 14:49 - 001294336 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\libxml2.dll
2017-10-18 09:43 - 2017-10-18 09:43 - 010857984 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\opencv_core300.dll
2017-10-18 09:43 - 2017-10-18 09:43 - 025250304 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\opencv_imgproc300.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000086016 _____ () [File not signed] C:\Program Files\TechSmith\Snagit 2019\zlib1.dll
2015-05-26 05:42 - 2015-05-26 05:42 - 000491520 ____C (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.dll
2018-01-28 14:50 - 2015-05-26 05:42 - 000491520 _____ (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.gtl
2019-06-27 12:34 - 2017-07-05 13:43 - 000561152 ____C (CANON INC. ) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2019-06-27 12:34 - 2014-07-30 14:49 - 000008192 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2019-06-27 12:34 - 2014-07-30 14:47 - 000104960 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2014-05-15 18:16 - 2014-05-15 18:16 - 000248320 ____C (Canon INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\IJPLMCOM.DLL
2019-06-27 12:34 - 2017-07-05 13:49 - 000593920 ____C (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2018-04-21 17:58 - 2014-08-06 13:25 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-11-02 16:36 - 2017-11-02 16:36 - 000092672 _____ (Free Software Foundation) [File not signed] C:\Program Files\TechSmith\Snagit 2019\intl.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 001353728 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
2016-12-18 08:38 - 2016-12-18 08:38 - 000174592 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSOnlineProtocol.dll
2016-12-18 08:38 - 2016-12-18 08:38 - 000090624 ____C (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSUpdater.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000648704 ____C (Genie-Soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GenieAFX.dll
2016-12-13 06:18 - 2016-12-13 06:18 - 000029184 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEnManager.dll
2016-12-13 06:18 - 2016-12-13 06:18 - 000113152 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSGlobalMFC.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000036352 ____C (Genie-soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSSEMGR.dll
2016-12-13 06:19 - 2016-12-13 06:19 - 000152064 ____C (Genie-Soft) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSSMTP.dll
2016-01-08 14:28 - 2016-01-08 14:28 - 000356352 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files\TechSmith\Snagit 2019\libhunspell.dll
2017-05-16 18:58 - 2017-05-16 18:58 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-05-16 18:58 - 2017-05-16 18:58 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2015-06-11 22:35 - 2015-06-11 22:35 - 000047816 ____C (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2017-06-08 12:37 - 2017-06-08 12:37 - 000301848 ____C (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\SCM\SCM.exe
2017-06-15 17:06 - 2017-06-15 17:06 - 005122840 ____C (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
2017-06-08 12:37 - 2017-06-08 12:37 - 000160768 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
2017-06-08 12:37 - 2017-06-08 12:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2014-12-21 12:07 - 2014-12-21 12:07 - 000049152 ____C (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 000220160 ____C (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
2014-03-23 22:32 - 2014-03-23 22:32 - 000060273 ____C (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000288768 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pango-1.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000588800 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangocairo-1.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000615424 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangoft2-1.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000066048 _____ (Red Hat Software) [File not signed] C:\Program Files\TechSmith\Snagit 2019\pangowin32-1.0.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 003501056 ____C (Terra Informatica Software, Inc., British Columbia, Canada.) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\htmlayout.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 000222720 ____C (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\libcurl.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 001328128 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2019\glib-2.0.dll
2017-11-02 16:36 - 2017-11-02 16:36 - 000276480 _____ (The GLib developer community) [File not signed] C:\Program Files\TechSmith\Snagit 2019\gobject-2.0.dll
2013-02-10 21:35 - 2013-02-10 21:35 - 001178624 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
2013-02-10 21:35 - 2013-02-10 21:35 - 000269824 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
2018-02-18 21:11 - 2019-06-11 08:21 - 001277440 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2018-02-18 21:11 - 2019-06-11 08:22 - 000279040 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 001558016 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\LIBEAY32.dll
2012-02-02 05:16 - 2012-02-02 05:16 - 000301568 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\SSLEAY32.dll
2015-10-12 15:44 - 2015-10-12 15:44 - 000033280 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2015-10-12 15:45 - 2015-10-12 15:45 - 000034816 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2015-10-12 15:45 - 2015-10-12 15:45 - 000246784 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000366592 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
2015-10-12 15:48 - 2015-10-12 15:48 - 000028672 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000027648 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000433664 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
2015-10-12 15:58 - 2015-10-12 15:58 - 000027136 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
2015-10-12 15:46 - 2015-10-12 15:46 - 001413632 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2015-10-12 15:47 - 2015-10-12 15:47 - 000044544 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2015-11-19 00:54 - 2015-11-19 00:54 - 005391360 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
2015-10-12 15:31 - 2015-10-12 15:31 - 005334528 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
2015-10-12 15:26 - 2015-10-12 15:26 - 001528832 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
2015-10-12 15:42 - 2015-10-12 15:42 - 000334848 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
2016-04-12 22:52 - 2016-04-12 22:52 - 000357888 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
2015-10-12 15:48 - 2015-10-12 15:48 - 000331776 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
2015-10-12 15:37 - 2015-10-12 15:37 - 006541824 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
2015-10-12 15:25 - 2015-10-12 15:25 - 000237056 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
2018-02-18 21:11 - 2019-07-12 09:23 - 001611264 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 005487104 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 005841920 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 001179136 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 005089792 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2018-12-22 09:13 - 2019-07-12 09:23 - 000184832 ____C (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\cache:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\Camtasia:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\My Kindle Content:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\TC:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\atlus\OneDrive\Documents\YouTubeDownloads:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\Public\AppData:CSM [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 ____C C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2841152593-433718655-1887091617-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1539A94A-704C-4A0B-A86F-E6A934019B86}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{AC0731BA-7FF0-44AD-9E72-A11BDF315BA8}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{04667F5F-E408-454D-90CE-59E6024F105E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B990F12A-9C50-4915-91DB-C36430D788CF}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4728E94B-6996-41CF-8112-D8B5991A4D9B}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3C0EB273-24F6-4F9D-86E3-520739CFB9D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C1C9AF95-754F-410C-BD8F-F58016EB11AF}C:\jts\tws.exe] => (Allow) C:\jts\tws.exe (Interactive Brokers Group, Inc. -> Interactive Brokers LLC)
FirewallRules: [TCP Query User{0D0F8764-2F12-46AD-B8B4-9180914228D4}C:\jts\tws.exe] => (Allow) C:\jts\tws.exe (Interactive Brokers Group, Inc. -> Interactive Brokers LLC)
FirewallRules: [{48D70421-EF8C-42C1-8130-AC0C95174BBF}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.)
FirewallRules: [{9375787C-9267-4D00-AC63-AF4B83EE3329}] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.) FirewallRules: [UDP Query User{CC13E7E3-6CA3-4DF6-925B-5F0733D6FA62}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.) FirewallRules: [TCP Query User{4C3E5BA4-57F5-4047-9444-91D288AF0439}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (Netgear Incorporated -> NETGEAR Inc.) FirewallRules: [{04F09750-A3FD-456B-AD84-94008A98540D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club VR\golfvr.exe () [File not signed] FirewallRules: [{B50B1C21-7C93-4E06-8FB2-568B00C95A52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Golf Club VR\golfvr.exe () [File not signed] FirewallRules: [{FA8E4AF3-6CF9-499C-A9E6-6CB7A4952526}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{977961A1-D994-4858-B0E8-BC7DB6F194F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File FirewallRules: [{39053CCF-6463-42ED-B21D-5380CDF93D63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3CF8A87E-9C1C-4E6D-8F04-55A1BBA71776}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{214551BB-0013-4A16-8AFC-93C865E29EEE}] => (Allow) LPort=8318 FirewallRules: [{D624A299-A9EC-461E-A585-A877018B30E0}] => (Allow) LPort=8298 FirewallRules: [{F742CA52-A298-4208-AD2F-B2D8457ABCBE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{C991143B-427E-41C0-A2CC-7393C4F45E7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) 
FirewallRules: [{559F0704-3DF5-4DBB-8901-00B610B04439}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{0E7CE527-7025-4EBD-9329-6A730A870948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{E2B6BE40-3DB2-4C0E-B480-2152143A875C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B1F8BBEC-7145-44FE-AB1E-7DFD4F7A8FDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{B783FA74-8D14-417D-BF3B-1B187041C5C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4559AFBB-EC3E-4924-9C5C-4B741F780460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E09198C6-BB9F-4870-B591-587C41E9FF71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F2A50501-49F0-4881-8E1E-5495072AD8AF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> ) FirewallRules: [{16E26D06-E4C8-4DD9-A035-F23E08B53A50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2F36C96D-B867-45AC-89D1-3F0C0A778601}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{8068796A-8D07-4C9F-BA52-33FCCBE8D07E}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) 
FirewallRules: [{9DFB6FE1-339F-4240-A45F-B22CE2192E86}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{F1109FFF-89FC-43F5-BFBA-CFCF4498098D}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{C2655607-252B-4DF6-A8D5-DC76735460E1}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts, Inc. -> Electronic Arts Inc.) FirewallRules: [{BFAF9B33-A031-45C0-B23D-438D64BF52CF}] => (Allow) LPort=8299 FirewallRules: [{AE6808ED-A718-4BB5-A75A-B15E47E2D260}] => (Allow) LPort=8319 FirewallRules: [{6E183971-645D-4974-B2F0-D6953CE0B173}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BE4BDC04-67AE-407A-8DC1-1AF4A813BDC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B0DD6AA2-F700-4561-B6DA-1FAD61A999A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{80C80D15-737D-4368-AFE8-6F4E762F1E0B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{30372D1D-8915-4FCA-B205-F5D86DD73C1E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{2302093C-EAF3-4A44-B19F-D363C862D65C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{AF23154E-BECE-4ED1-81EB-59F8F7FEFDF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D562217C-4C8C-459C-AF1D-BF6AF4BBCE6C}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{535B34B4-9B82-42AB-BE71-72E57564F2A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4ED280F1-180F-434D-9966-E9B15A38632B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{AE333D64-D655-4648-9B22-631CB37175CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{82141681-2E62-490C-8986-A5E2EDB848F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{73243E14-F42C-4260-A173-CA3AF27F94C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7AA9AFD9-D0D4-4F57-9B0F-13152AFF9483}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/05/2019 08:08:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LockApp.exe version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. 
Process ID: 31a8 Start Time: 01d54979fc9b8bd0 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Report Id: 62842796-6eb5-458f-b962-191843405b0c Faulting package full name: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy Faulting package-relative application ID: WindowsDefaultLockScreen Error: (08/05/2019 01:54:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745 Exception code: 0xc0000005 Fault offset: 0x0000000000024989 Faulting process id: 0x50a4 Faulting application start time: 0x01d54ba14a4b5992 Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: a86ca4ba-bb72-476d-8ec1-907f196f59df Faulting package full name: Faulting package-relative application ID: Error: (08/05/2019 11:20:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745 Exception code: 0xc0000005 Fault offset: 0x0000000000024989 Faulting process id: 0x1cf4 Faulting application start time: 0x01d54b9e5fbda344 Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 105b2e85-8398-4fec-b61f-13affbe9ace6 Faulting package full name: Faulting package-relative application ID: Error: (08/05/2019 10:59:29 AM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (08/05/2019 10:59:17 AM) (Source: 
Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745 Exception code: 0xc0000005 Fault offset: 0x0000000000024989 Faulting process id: 0x34b0 Faulting application start time: 0x01d549b73fd2550d Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: eb40c0d4-761d-4041-bbdc-ac2fd513746b Faulting package full name: Faulting package-relative application ID: Error: (08/03/2019 12:52:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745 Exception code: 0xc0000005 Fault offset: 0x0000000000024989 Faulting process id: 0x47ac Faulting application start time: 0x01d5497fd59f45b0 Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: b8b5e19e-6866-4cfa-a92c-90ca3fc2c3ee Faulting package full name: Faulting package-relative application ID: Error: (08/02/2019 06:15:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f Faulting module name: ntdll.dll, version: 10.0.17134.799, time stamp: 0x7f828745 Exception code: 0xc0000005 Fault offset: 0x0000000000024989 Faulting process id: 0x1048 Faulting application start time: 0x01d54979f76ea6e8 Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 9f5ed924-496c-4a5f-958b-da72087dd516 Faulting package full name: Faulting package-relative application ID: 
Error: (08/02/2019 05:33:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6 Exception code: 0xc0000409 Fault offset: 0x000000000022af80 Faulting process id: 0x1198 Faulting application start time: 0x01d53fc117c0c810 Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Report Id: d6e5de62-46e2-4c9c-8bdc-f66980777f6b Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (08/08/2019 02:33:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. 
Error: (08/08/2019 02:33:14 PM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (08/08/2019 10:33:41 AM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. 
Error: (08/08/2019 06:34:09 AM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (08/07/2019 12:40:45 PM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. 
Error: (08/07/2019 10:33:01 AM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (08/07/2019 09:49:16 AM) (Source: DCOM) (EventID: 10016) (User: MSI) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user MSI\atlus SID (S-1-5-21-2841152593-433718655-1887091617-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool. Error: (08/06/2019 10:11:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). 
This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2019-06-09 10:14:43.785 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {348D6BF0-9490-4C66-B223-C4793BFB6A24} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-06-05 17:22:18.206 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {68638A97-4816-4E9B-B1C2-90788622BF1D} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-06-05 17:14:18.592 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {5D97F875-80B0-401A-B7DF-1E11DECAD2AF} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-05-17 09:39:05.922 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {968FFC42-D574-4161-9678-3C99B1550858} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-05-17 09:04:13.970 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {6AB7AF03-5B6F-436E-B8BA-BA4170B9DD44} Scan Type: Antimalware Scan Parameters: Quick Scan CodeIntegrity: =================================== Date: 2019-08-07 13:11:20.716 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2019-08-07 13:11:20.711 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. 
Date: 2019-08-07 13:11:14.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2019-08-07 13:11:14.643 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2019-08-07 08:23:08.260 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2019-08-07 08:23:08.256 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2019-08-06 08:51:10.308 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. 
Date: 2019-08-06 08:51:10.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16J9IMS.31A 07/11/2017
Motherboard: Micro-Star International Co., Ltd. MS-16J9
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 88%
Total physical RAM: 8111.84 MB
Available physical RAM: 896.14 MB
Total Virtual: 17327.84 MB
Available Virtual: 4460.39 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:143.08 GB) (Free:8.77 GB) NTFS
Drive d: (Data) (Fixed) (Total:72.33 GB) (Free:43.98 GB) NTFS

\\?\Volume{d6722152-ccfa-45ae-a00c-0470ebdaab59}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{350436c9-bbe1-426b-bab7-b63a274088b9}\ (BIOS_RVY) (Fixed) (Total:21.77 GB) (Free:1.1 GB) NTFS
\\?\Volume{a2a6bbd3-f82f-425d-85df-44dbe7b08fbb}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: E4F6F460)

Partition: GPT.

==================== End of Addition.txt ============================

Malwarebytes
[URL="http://www.malwarebytes.com"]www.malwarebytes.com[/URL]

-Log Details-
Scan Date: 8/5/19
Scan Time: 11:00 AM
Log File: bc5353d7-b791-11e9-a00f-4ccc6adf6900.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11870
License: Expired

-System Information-
OS: Windows 10 (Build 17134.885)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 302565
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 5 min, 20 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)
[/QUOTE]