
Above my skill level to correct my computer


  • This topic is locked
10 replies to this topic

#1 kalvix


Posted 04 January 2018 - 09:46 AM

Can you please help me? My computer is running like crud. It is slow and most of the time my internet times out. This has only happened in the last 2 weeks.

I don't know what Fission--9.exe is or diode-87.exe or switcher-5.exe. Then I am apparently missing lots of tiles. Also, when I right click on the window in the corner, the Control Panel option has gone missing. When I try to go onto the internet, pages seem to time out before they are loaded. It is quite a challenge to reload pages multiple times, including this blog, to get it to refresh and actually load.

 

Please help.  Thanks!!!

 

Here is my hijack blog:

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:43:48 AM, on 1/4/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0098)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
C:\ProgramData\switcher-4\switcher-5.exe
C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
C:\Users\Keoni Denison\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Keoni Denison\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe
C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
C:\Windows\Dell\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [STO Backup Service] C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
O4 - HKLM\..\Run: [STO Launcher Service] C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe /run
O4 - HKLM\..\Run: [Dell PanelMgr] C:\windows\Dell\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [2145cn Scan2PC] "C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [HP Officejet 7610 series (NET)] "C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3BH3MGTS05SP:NW" -scfn "HP Officejet 7610 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Keoni Denison\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Google Update] C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Keoni Denison\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [acprcCsp] C:\Users\Keoni Denison\AppData\Roaming\Microsoft\AcXtldpc\Actiapin.exe
O4 - HKCU\..\Run: [bthpkend] C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Acceeter\audiedia.exe
O4 - HKCU\..\Run: [Actiards] C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Adobpi32\Actileui.exe
O4 - HKCU\..\Run: [canoieDS] C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Accodeui\authicom.exe
O4 - HKCU\..\Run: [fission-0] C:\ProgramData\fission-8\fission-9.exe -k
O4 - Startup: diode-1.lnk = Keoni Denison\AppData\Local\diode-6\diode-87.exe
O4 - Startup: Synology Cloud Station.lnk = C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe
O4 - Global Startup: ThinkPad OneLink Dock Management.lnk = ?
O8 - Extra context menu item: Capture Selection - C:\Program Files (x86)\SmarThru Office\WebCapture.dll2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Save as HTML - C:\Program Files (x86)\SmarThru Office\WebCapture.dll1.htm
O8 - Extra context menu item: Save Selected Text - C:\Program Files (x86)\SmarThru Office\WebCapture.dll.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Web Capture - C:\Program Files (x86)\SmarThru Office\WebCapture.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVControlCenter - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Connect2 Hotspot Service (connect2hotspot) - Lenovo - C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: GoPro Device Detection Service (GoProDeviceDetectionService) - Unknown owner - C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @oem37.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe (file missing)
O23 - Service: @oem65.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @oem35.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Wireless Bluetooth® 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Settings Service - Lenovo Group Limited - C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
O23 - Service: Lenovo AVFramework Camera Privacy Controller (LENOVO.CAMMUTE) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\cammute.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo AVFramework Microphone Volume Controller and Dolby Interface (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
O23 - Service: Lenovo AVFramework Virtual Camera Controller Service (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Settings Mobile Hotspot Service (LnvHotSpotSvc) - Lenovo - C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
O23 - Service: LocationTaskManager - Unknown owner - C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
O23 - Service: @oem37.inf,%Lenovo.svcDesc1%;Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\WINDOWS\system32\LPlatSvc.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo QuickControl Master Service (QuickControlMasterSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
O23 - Service: Lenovo QuickControl Service (QuickControlService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @oem103.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @oem103.inf,%BioSyncService_SvcDesc%;BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 19974 bytes
 


Edited by kalvix, 04 January 2018 - 12:31 PM.




#2 kalvix


Posted 04 January 2018 - 12:13 PM

FRST File Log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by Keoni Denison (administrator) on LENOVO-PC (04-01-2018 12:09:12)
Running from C:\Users\Keoni Denison\Downloads
Loaded Profiles: Keoni Denison (Available Profiles: Keoni Denison)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\ProgramData\switcher-4\switcher-5.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\dfrctl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7610 series\Bin\HPNetworkCommunicatorCom.exe
(© 2015 Microsoft Corporation) C:\Users\Keoni Denison\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
() C:\Windows\Dell\PanelMgr\SSMMgr.exe
() C:\Windows\Dell\PanelMgr\caller64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Trend Micro Inc.) C:\Users\Keoni Denison\Downloads\HijackThis(1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Failed to access process -> firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
Failed to access process -> firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
Failed to access process -> firefox.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
Failed to access process -> firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [151768 2013-09-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2016-10-11] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [184320 2010-08-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [381440 2010-08-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dell PanelMgr] => C:\windows\Dell\PanelMgr\SSMMgr.exe [633320 2013-03-25] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-08] (Apple Inc.)
HKLM-x32\...\Run: [2145cn Scan2PC] => C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe [907264 2013-01-15] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-14] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [HP Officejet 7610 series (NET)] => C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe [2631784 2012-10-21] (Hewlett-Packard Co.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [Google Update] => C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-13] (Google Inc.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [BingSvc] => C:\Users\Keoni Denison\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [acprcCsp] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\AcXtldpc\Actiapin.exe
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [bthpkend] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Acceeter\audiedia.exe [1652224 2017-12-15] (ELEKS)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [Actiards] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Adobpi32\Actileui.exe [467968 2017-12-27] ()
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [canoieDS] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Accodeui\authicom.exe [1652224 2017-12-27] ()
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [fission-0] => C:\ProgramData\fission-8\fission-9.exe [647816 2017-11-06] ()
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Winlogon: [Shell] C:\ProgramData\switcher-4\switcher-5.exe -1,explorer.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-10-23]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\diode-1.lnk [2017-12-29]
ShortcutTarget: diode-1.lnk -> C:\Users\Keoni Denison\AppData\Local\diode-6\diode-87.exe ()
Startup: C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2017-12-27]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c92c8dc6-44f6-41c5-9a0f-28037574dff3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e3da4800-feb9-4da7-a025-7b8c27d01837}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com
SearchScopes: HKU\S-1-5-21-1137034981-1362270290-743441989-1001 -> DefaultScope {C4809B2B-2E59-4815-A276-DD2CDCF50129} URL =
SearchScopes: HKU\S-1-5-21-1137034981-1362270290-743441989-1001 -> {C4809B2B-2E59-4815-A276-DD2CDCF50129} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-11-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Profiles\jcejttad.default [2018-01-04]
FF Homepage: Mozilla\Firefox\Profiles\jcejttad.default -> hxxps://www.google.com/
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Profiles\jcejttad.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-15] [Legacy]
FF SearchPlugin: C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Profiles\jcejttad.default\searchplugins\bing-.xml [2017-03-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-04] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-11-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Keoni Denison\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-01-26] (Citrix Online)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Keoni Denison\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @talk.google.com/O1DPlugin -> C:\Users\Keoni Denison\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Keoni Denison\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.172\npGatewayNpapi.dll [2017-01-27] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Keoni Denison\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.172\npGatewayNpapi-x64.dll [2017-01-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Keoni Denison\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Keoni Denison\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default [2018-01-04]
CHR Extension: (Slides) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-20]
CHR Extension: (Sheets) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-11]
CHR Extension: (Gmail) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-28]
CHR Profile: C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-27]
CHR HKU\S-1-5-21-1137034981-1362270290-743441989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-10-11] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2016-12-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2016-11-23] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-08-14] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-16] (Lenovo Group Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324584 2017-08-03] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23928 2017-08-16] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-12-17] () [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CM3218x; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
R3 CPLMACPI; C:\WINDOWS\System32\drivers\CPLMACPI.sys [19592 2014-06-19] (Capella Microsystems, Inc.)
S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [53816 2011-01-07] (Samsung Electronics Co., Ltd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [531440 2015-07-29] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-10-04] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-31] ()
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 LnvHIDHW; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3529728 2017-10-17] (Intel Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2017-12-05] ()
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8874712 2013-09-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-04 12:09 - 2018-01-04 12:09 - 000053314 _____ C:\Users\Keoni Denison\Downloads\FRST.txt
2018-01-04 12:09 - 2018-01-04 12:09 - 000000000 ____D C:\FRST
2018-01-04 12:08 - 2018-01-04 12:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-01-04 10:54 - 2018-01-04 10:54 - 002393088 _____ (Farbar) C:\Users\Keoni Denison\Downloads\FRST64.exe
2018-01-04 10:02 - 2018-01-04 10:02 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign89878d9a226f725c
2018-01-04 10:02 - 2018-01-04 10:02 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign2594ecc08ffb6634
2018-01-04 08:38 - 2018-01-04 08:38 - 000024800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tmpidcrl.dll
2018-01-03 16:21 - 2018-01-03 16:21 - 000154633 _____ C:\Users\Keoni Denison\Downloads\applied_payments (7).csv
2018-01-03 14:43 - 2018-01-03 14:43 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign9895ee4617775451
2018-01-03 14:42 - 2018-01-03 14:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign20d64d7f4460a18a
2018-01-03 13:42 - 2018-01-03 13:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigncec7f320c6d36943
2018-01-03 13:42 - 2018-01-03 13:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5cf79d22c45b5e8c
2018-01-03 11:43 - 2018-01-03 11:43 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign87b2c84a28351be5
2018-01-03 11:37 - 2018-01-03 11:37 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignb3ed65083ab9a16f
2018-01-03 09:40 - 2018-01-03 09:40 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignbb8733f786be49cd
2018-01-03 09:40 - 2018-01-03 09:40 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign434f878dcc15dade
2018-01-03 08:38 - 2018-01-03 08:38 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5444caa6aed82a76
2018-01-03 08:32 - 2018-01-03 08:32 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignfe21977844a12bd6
2018-01-02 11:25 - 2018-01-02 11:25 - 014807840 _____ C:\Users\Keoni Denison\Downloads\epson12203.exe
2018-01-02 10:15 - 2018-01-02 10:15 - 000000000 ____D C:\Users\Keoni Denison\Documents\Andrew Scott Brooks
2017-12-29 13:57 - 2017-12-29 13:57 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Big Fish Games
2017-12-29 10:31 - 2017-12-29 10:31 - 000445865 _____ C:\Users\Keoni Denison\Desktop\NDA - ccg website - Keoni Denison.pdf
2017-12-29 10:30 - 2017-12-29 10:30 - 000441911 _____ C:\Users\Keoni Denison\Desktop\FOX - CCG - AGREEMENT BETWEEN CUSTOMER AND CONTRACTOR.pdf
2017-12-29 08:17 - 2017-12-29 08:17 - 000114224 _____ C:\Users\Keoni Denison\Downloads\Next Level Customs-125335-Banner-invoice (2).pdf
2017-12-29 08:14 - 2017-12-29 08:14 - 000114103 _____ C:\Users\Keoni Denison\Downloads\Next Level Customs-125698-food truck wraps-invoice.pdf
2017-12-29 08:13 - 2017-12-29 08:13 - 000103686 _____ C:\Users\Keoni Denison\Downloads\Next Level Customs-125457-Rocky Mount Toyota Tundra-invoice (1).pdf
2017-12-29 06:53 - 2017-12-29 06:54 - 009909123 _____ C:\Users\Keoni Denison\Downloads\DJ Booth Artwork.zip
2017-12-28 15:50 - 2017-12-28 15:50 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign10f33a66b4b7f038
2017-12-28 07:11 - 2017-12-28 07:11 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign02cb7b1570b2a698
2017-12-28 07:10 - 2017-12-28 07:10 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5c424044f4e05802
2017-12-27 21:17 - 2017-12-03 17:38 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-27 21:17 - 2017-12-03 17:38 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-27 07:48 - 2017-12-27 07:48 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign1361c1b8f515cb89
2017-12-27 07:48 - 2017-12-27 07:48 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign00a9cfba7c6edbc6
2017-12-26 12:10 - 2017-12-29 12:25 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\diode-6
2017-12-25 06:59 - 2017-12-25 06:59 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Artogon
2017-12-24 07:15 - 2017-12-24 07:15 - 000002285 _____ C:\Users\Public\Desktop\Play Redemption Cemetery - Curse of the Raven.lnk
2017-12-24 07:15 - 2017-12-24 07:15 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Redemption Cemetery - Curse of the Raven
2017-12-24 07:15 - 2017-12-24 07:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redemption Cemetery - Curse of the Raven
2017-12-24 07:15 - 2017-12-24 07:15 - 000000000 ____D C:\Program Files (x86)\Redemption Cemetery - Curse of the Raven
2017-12-24 07:13 - 2017-12-24 07:13 - 000002283 _____ C:\Users\Public\Desktop\Play Treasure Seekers - The Time Has Come.lnk
2017-12-23 22:20 - 2017-12-24 07:13 - 000000000 ____D C:\Program Files (x86)\Treasure Seekers - The Time Has Come
2017-12-23 22:20 - 2017-12-23 22:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Treasure Seekers - The Time Has Come
2017-12-23 22:20 - 2017-12-23 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Treasure Seekers - The Time Has Come
2017-12-23 22:16 - 2017-12-23 22:16 - 000002190 _____ C:\Users\Public\Desktop\Play Mystery Case Files - 13th Skull.lnk
2017-12-23 22:15 - 2017-12-23 22:16 - 000000000 ____D C:\Program Files (x86)\Mystery Case Files - 13th Skull
2017-12-23 22:15 - 2017-12-23 22:15 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - 13th Skull
2017-12-23 22:15 - 2017-12-23 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - 13th Skull
2017-12-21 16:22 - 2017-12-21 16:22 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign6cec641fe602dd64
2017-12-21 16:22 - 2017-12-21 16:22 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign18d4158436833072
2017-12-20 11:03 - 2017-12-20 11:03 - 000103807 _____ C:\Users\Keoni Denison\Downloads\Pipe Tech-125977-Partial Wrap on Utility Vehicle-invoice.pdf
2017-12-20 08:47 - 2017-12-20 08:47 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign1893da48e32db08e
2017-12-20 08:20 - 2017-12-20 08:20 - 000103853 _____ C:\Users\Keoni Denison\Downloads\Island Breeze-126073-Ford Transit Connect-invoice.pdf
2017-12-20 07:20 - 2017-12-20 07:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Alawar
2017-12-19 14:41 - 2017-12-19 14:41 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigna4a994365048cdf9
2017-12-19 14:28 - 2017-12-19 14:28 - 000150575 _____ C:\Users\Keoni Denison\Downloads\applied_payments (6).csv
2017-12-17 15:18 - 2017-12-27 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-17 15:11 - 2018-01-04 07:19 - 000000000 ____D C:\ProgramData\TEMP
2017-12-17 15:11 - 2017-12-17 15:11 - 000002007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-12-17 15:11 - 2017-12-17 15:11 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2017-12-17 15:11 - 2017-12-17 15:11 - 000000000 ____D C:\ProgramData\Big Fish
2017-12-17 15:11 - 2017-12-17 15:11 - 000000000 ____D C:\Program Files (x86)\bfgclient
2017-12-17 15:09 - 2017-12-23 17:49 - 000000000 ____D C:\BigFishCache
2017-12-17 15:09 - 2017-12-17 15:11 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Big Fish
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p97641037_s1_l1.exe
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p97639683_s1_l1.exe
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p92602178_s1_l1.exe
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p102896878_s1_l1.exe
2017-12-15 17:09 - 2017-12-29 11:36 - 000000000 ____D C:\ProgramData\fission-8
2017-12-15 11:06 - 2017-12-20 07:23 - 005399697 _____ C:\Users\Keoni Denison\AppData\Roaming\cached-microdescs
2017-12-15 07:52 - 2017-12-15 07:52 - 001652224 _____ (ELEKS) C:\Users\Keoni Denison\AppData\Roaming\a0754ca9.exe
2017-12-14 07:08 - 2017-12-14 07:08 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignb03ed524d9d74239
2017-12-14 07:04 - 2017-12-08 01:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 07:04 - 2017-12-07 18:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 07:04 - 2017-12-07 18:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 07:04 - 2017-12-07 18:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 07:04 - 2017-12-07 18:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 07:04 - 2017-12-07 18:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 07:04 - 2017-12-07 18:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 07:04 - 2017-12-07 18:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 07:04 - 2017-12-07 18:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 07:04 - 2017-12-07 18:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 07:04 - 2017-12-07 18:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 07:04 - 2017-12-07 18:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 07:04 - 2017-12-07 18:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 07:04 - 2017-12-07 18:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 07:04 - 2017-12-07 18:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 07:04 - 2017-12-07 18:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 07:04 - 2017-12-07 18:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 07:04 - 2017-12-07 18:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 07:04 - 2017-12-07 18:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 07:04 - 2017-12-07 18:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 07:04 - 2017-12-07 18:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 07:04 - 2017-12-07 18:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 07:04 - 2017-12-07 18:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 07:04 - 2017-12-07 18:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 07:04 - 2017-12-07 18:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 07:04 - 2017-12-07 18:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 07:04 - 2017-12-07 18:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 07:04 - 2017-12-07 18:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 07:04 - 2017-12-07 18:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 07:04 - 2017-12-07 18:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 07:04 - 2017-12-07 18:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 07:04 - 2017-12-07 18:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 07:04 - 2017-12-07 18:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 07:04 - 2017-12-07 18:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 07:04 - 2017-12-07 18:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 07:04 - 2017-12-07 17:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 07:04 - 2017-12-07 17:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 07:04 - 2017-12-07 17:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 07:04 - 2017-12-07 17:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 07:04 - 2017-12-07 17:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 07:04 - 2017-12-07 17:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 07:04 - 2017-12-07 17:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 07:04 - 2017-12-07 17:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 07:04 - 2017-12-07 17:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 07:04 - 2017-12-07 17:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 07:04 - 2017-12-07 17:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 07:04 - 2017-12-07 17:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 07:04 - 2017-12-07 17:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 07:04 - 2017-12-07 17:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 07:04 - 2017-12-07 17:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 07:04 - 2017-12-07 17:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 07:04 - 2017-12-07 17:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 07:04 - 2017-12-07 17:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 07:04 - 2017-12-07 17:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 07:04 - 2017-12-07 17:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 07:04 - 2017-12-07 17:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 07:04 - 2017-12-07 17:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 07:04 - 2017-12-07 17:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 07:04 - 2017-12-07 17:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 07:04 - 2017-12-07 17:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 07:04 - 2017-12-07 17:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 07:04 - 2017-12-07 17:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 07:04 - 2017-12-07 17:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 07:04 - 2017-12-07 17:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 07:04 - 2017-12-07 17:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 07:04 - 2017-12-07 17:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 07:04 - 2017-12-07 17:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 07:04 - 2017-12-07 17:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 07:04 - 2017-12-07 17:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 07:04 - 2017-12-07 17:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 07:04 - 2017-12-07 17:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 07:04 - 2017-12-07 17:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 07:04 - 2017-12-07 16:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 07:04 - 2017-12-07 16:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 07:04 - 2017-12-07 16:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 07:04 - 2017-12-07 16:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 07:04 - 2017-12-07 16:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 07:04 - 2017-12-07 16:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 07:04 - 2017-12-07 16:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 07:04 - 2017-12-07 16:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 07:04 - 2017-12-07 16:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 07:04 - 2017-11-26 15:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 07:04 - 2017-11-26 15:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 07:04 - 2017-11-26 15:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 07:04 - 2017-11-26 11:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 07:04 - 2017-11-26 08:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 07:04 - 2017-11-26 08:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 07:04 - 2017-11-26 08:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 07:04 - 2017-11-26 08:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 07:04 - 2017-11-26 08:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 07:04 - 2017-11-26 08:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 07:04 - 2017-11-26 08:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 07:04 - 2017-11-26 08:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 07:04 - 2017-11-26 08:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 07:04 - 2017-11-26 08:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 07:04 - 2017-11-26 08:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 07:04 - 2017-11-26 08:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 07:04 - 2017-11-26 08:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 07:04 - 2017-11-26 08:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 07:04 - 2017-11-26 08:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 07:04 - 2017-11-26 08:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 07:04 - 2017-11-26 08:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 07:04 - 2017-11-26 08:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 07:04 - 2017-11-26 08:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 07:04 - 2017-11-26 08:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 07:04 - 2017-11-26 08:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 07:04 - 2017-11-26 08:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 07:04 - 2017-11-26 08:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 07:04 - 2017-11-26 08:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 07:04 - 2017-11-26 08:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 07:04 - 2017-11-26 08:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 07:04 - 2017-11-26 08:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 07:04 - 2017-11-26 08:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 07:04 - 2017-11-26 08:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 07:04 - 2017-11-26 08:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 07:04 - 2017-11-26 08:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 07:04 - 2017-11-26 08:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 07:04 - 2017-11-26 08:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 07:04 - 2017-11-26 08:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 07:04 - 2017-11-26 08:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 07:04 - 2017-11-26 08:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 07:04 - 2017-11-26 08:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 07:04 - 2017-11-26 08:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 07:04 - 2017-11-26 08:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 07:04 - 2017-11-26 08:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 07:04 - 2017-11-26 08:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 07:04 - 2017-11-26 08:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 07:04 - 2017-11-26 08:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 07:04 - 2017-11-26 07:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 07:04 - 2017-11-26 07:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 07:04 - 2017-11-26 07:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 07:04 - 2017-11-26 07:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 07:04 - 2017-11-26 07:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 07:04 - 2017-11-26 07:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 07:04 - 2017-11-26 07:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 07:04 - 2017-11-26 07:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 07:04 - 2017-11-26 07:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 07:04 - 2017-11-26 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 07:04 - 2017-11-26 07:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 07:04 - 2017-11-26 07:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 07:04 - 2017-11-26 07:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 07:04 - 2017-11-26 07:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 07:04 - 2017-11-26 07:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 07:04 - 2017-11-26 07:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 07:04 - 2017-11-26 07:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 07:04 - 2017-11-26 07:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 07:04 - 2017-11-26 07:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 07:04 - 2017-11-26 07:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 07:04 - 2017-11-26 07:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 07:04 - 2017-11-26 07:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 07:04 - 2017-11-26 07:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 07:04 - 2017-11-26 07:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 07:04 - 2017-11-26 07:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 07:04 - 2017-11-26 07:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 07:04 - 2017-11-26 07:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 07:04 - 2017-11-26 07:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 07:04 - 2017-11-26 07:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 07:04 - 2017-11-26 07:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 07:04 - 2017-11-26 07:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 07:04 - 2017-11-26 07:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 07:04 - 2017-11-26 07:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 07:04 - 2017-11-26 07:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 07:04 - 2017-11-26 07:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 07:04 - 2017-11-26 07:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 07:04 - 2017-11-26 07:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 07:04 - 2017-11-26 07:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 07:04 - 2017-11-26 07:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 07:04 - 2017-11-26 07:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 07:04 - 2017-11-26 07:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 07:04 - 2017-11-26 07:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 07:04 - 2017-11-26 06:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 07:04 - 2017-11-26 06:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 07:04 - 2017-11-26 06:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 07:04 - 2017-11-26 06:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 07:04 - 2017-11-26 06:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 07:04 - 2017-11-26 06:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 07:04 - 2017-11-26 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 07:04 - 2017-11-26 06:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 07:04 - 2017-11-26 06:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 07:04 - 2017-11-26 06:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 07:04 - 2017-11-26 06:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 07:04 - 2017-11-26 06:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 07:04 - 2017-11-26 06:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 07:04 - 2017-11-26 05:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 07:04 - 2017-11-26 05:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 07:04 - 2017-11-26 05:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 07:04 - 2017-11-26 05:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 07:04 - 2017-11-26 05:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 07:04 - 2017-11-26 05:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 07:04 - 2017-11-26 05:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 07:04 - 2017-11-26 05:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 07:04 - 2017-11-26 05:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 07:04 - 2017-11-26 05:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 07:04 - 2017-11-26 05:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 07:04 - 2017-11-26 05:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 07:04 - 2017-11-26 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 07:04 - 2017-11-26 05:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 07:04 - 2017-11-26 05:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 07:04 - 2017-11-26 05:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 07:04 - 2017-11-26 05:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 07:04 - 2017-11-26 05:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 07:04 - 2017-11-19 02:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 07:04 - 2017-11-18 21:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-13 08:26 - 2017-12-13 08:26 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigna3e89eda5e1a98ca
2017-12-13 08:26 - 2017-12-13 08:26 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign90d9a08ad503eae6
2017-12-13 08:25 - 2017-12-13 08:25 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignc12304e8bb3e4197
2017-12-12 15:43 - 2017-12-12 15:43 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign8a9a0be9665759ec
2017-12-12 15:42 - 2017-12-12 15:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign0adef84a64f350bc
2017-12-12 14:53 - 2017-12-12 14:53 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign67919f6d87a8e1f5
2017-12-11 13:22 - 2017-12-11 13:22 - 039567943 _____ C:\Users\Keoni Denison\Downloads\80_files_from_Crystal_Mace.zip
2017-12-08 12:46 - 2017-12-08 12:46 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign434dd91c9c39bdef
2017-12-08 08:47 - 2017-12-08 08:47 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign823c49e2c9d7ab7a
2017-12-08 07:38 - 2017-12-08 07:38 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigndcae41d74e38cb9b
2017-12-08 07:38 - 2017-12-08 07:38 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign9c812e108fbaf9e9
2017-12-08 06:30 - 2017-12-08 06:36 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2017-12-08 06:30 - 2017-12-08 06:36 - 000002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2017-12-08 06:30 - 2017-12-08 06:36 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2017-12-07 12:47 - 2017-12-07 12:52 - 000000000 ____D C:\Users\Keoni Denison\Desktop\truck
2017-12-07 11:53 - 2017-12-07 11:53 - 000108336 _____ C:\Users\Keoni Denison\Downloads\PFS Sales Co.-8383--quote (1).pdf
2017-12-07 11:20 - 2017-12-07 11:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigndef78415e5ae692c
2017-12-07 11:20 - 2017-12-07 11:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign2edcab1a72d30364
2017-12-07 08:34 - 2017-12-07 08:34 - 000108336 _____ C:\Users\Keoni Denison\Downloads\PFS Sales Co.-8383--quote.pdf
2017-12-06 15:23 - 2017-12-06 15:23 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigna9a9745e43895d83
2017-12-06 13:07 - 2017-12-06 13:07 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign72ff9abdaea15f82
2017-12-06 12:57 - 2017-12-06 12:57 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5f1d83d11fd226b6
2017-12-06 12:34 - 2017-12-06 12:34 - 000097513 _____ C:\Users\Keoni Denison\Downloads\CTI Property Services-6992-Fleet Updates Graphics-work_order.pdf
2017-12-05 20:09 - 2017-12-05 20:09 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tvsukernel
2017-12-05 19:23 - 2017-12-05 19:23 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignbd920396a67a3cc6
2017-12-05 19:20 - 2017-12-05 19:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5af024f0ae0dcef6

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-04 12:08 - 2014-10-30 18:42 - 000000000 ____D C:\Users\Keoni Denison\Documents\Outlook Files
2018-01-04 12:06 - 2017-11-28 12:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-04 10:58 - 2015-10-06 07:22 - 000000034 _____ C:\Users\Keoni Denison\AppData\Roaming\AdobeWLCMCache.dat
2018-01-04 10:03 - 2017-11-28 12:18 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D32FEB5D-BDF8-4A68-9CCE-DED52A2BD829}
2018-01-04 10:03 - 2016-11-17 06:16 - 000000000 ____D C:\Users\Keoni Denison\AppData\LocalLow\Mozilla
2018-01-04 09:56 - 2014-11-06 09:10 - 000205824 _____ C:\Users\Keoni Denison\Documents\CWI - Vehicle Measurements.xls
2018-01-04 06:39 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-04 06:38 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-04 06:38 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-04 06:34 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-03 16:14 - 2014-10-23 12:58 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Packages
2018-01-03 15:32 - 2017-02-10 18:34 - 000000000 ____D C:\Users\Keoni Denison\Desktop\New folder
2018-01-03 15:31 - 2015-09-26 11:21 - 001331592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-03 15:30 - 2017-01-09 07:34 - 000098642 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-01-03 15:25 - 2015-12-09 12:00 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-03 15:25 - 2014-10-24 08:12 - 000000000 __SHD C:\Users\Keoni Denison\IntelGraphicsProfiles
2018-01-03 15:24 - 2017-11-28 12:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-03 15:24 - 2014-10-23 17:01 - 000000000 ____D C:\ProgramData\Synaptics
2018-01-03 15:23 - 2017-11-28 12:08 - 000000000 ____D C:\Users\Keoni Denison
2018-01-03 15:23 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-03 15:23 - 2017-01-27 17:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-03 15:23 - 2014-10-28 18:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-03 13:51 - 2014-12-19 16:32 - 000000000 ____D C:\Users\Keoni Denison\Outlook Files
2018-01-03 11:54 - 2014-10-30 18:44 - 000000000 ____D C:\Users\Keoni Denison\Documents\Client
2018-01-02 13:16 - 2017-07-10 11:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\GoToMeeting
2018-01-02 11:01 - 2014-10-28 18:55 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-30 09:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-29 11:49 - 2017-10-08 01:04 - 000000000 ____D C:\ProgramData\switcher-4
2017-12-29 11:34 - 2014-11-04 15:42 - 000001456 _____ C:\Users\Keoni Denison\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-12-29 10:30 - 2014-10-23 12:58 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Adobe
2017-12-27 21:18 - 2015-12-03 07:34 - 000000000 ____D C:\ProgramData\pv
2017-12-27 21:17 - 2017-11-28 12:20 - 000000000 ___RD C:\Users\Keoni Denison\3D Objects
2017-12-27 21:17 - 2015-09-10 00:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-27 21:16 - 2017-11-28 12:05 - 005646680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-27 21:16 - 2015-06-11 14:52 - 000000698 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001.job
2017-12-27 21:16 - 2015-01-26 09:52 - 000000602 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001.job
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2017-12-27 21:15 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-27 20:46 - 2017-11-29 08:03 - 000001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-12-23 17:49 - 2014-10-23 12:58 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\VirtualStore
2017-12-21 05:30 - 2017-11-28 12:18 - 000003870 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001
2017-12-21 05:30 - 2017-11-28 12:18 - 000003774 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001
2017-12-17 15:07 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-16 20:35 - 2015-06-15 10:45 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Apple Computer
2017-12-15 07:09 - 2014-10-23 14:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-15 07:02 - 2017-10-11 07:35 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-15 07:02 - 2014-10-23 14:23 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-14 07:05 - 2017-09-29 08:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-14 07:05 - 2017-09-29 08:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-14 07:05 - 2017-09-29 08:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-14 07:05 - 2017-09-29 08:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-14 07:01 - 2014-10-29 20:04 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-08 07:17 - 2017-11-28 12:18 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1137034981-1362270290-743441989-1001
2017-12-08 07:17 - 2015-09-26 16:54 - 000002438 _____ C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-08 07:17 - 2015-09-26 16:54 - 000000000 ___RD C:\Users\Keoni Denison\OneDrive
2017-12-08 06:30 - 2014-10-23 15:37 - 000000000 ____D C:\ProgramData\Adobe
2017-12-08 06:29 - 2017-11-29 08:03 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-07 08:20 - 2016-01-27 11:35 - 000000000 ____D C:\Users\Keoni Denison\Desktop\bids
2017-12-07 07:49 - 2017-11-28 12:18 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-07 07:49 - 2017-09-29 08:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-06 07:10 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-05 20:11 - 2017-12-04 07:30 - 000000000 ____D C:\Program Files\Plumbytes Software
2017-12-05 20:08 - 2017-06-06 08:35 - 000031152 _____ C:\WINDOWS\system32\Drivers\pmxdrv.sys

==================== Files in the root of some directories =======

2017-12-15 07:52 - 2017-12-15 07:52 - 001652224 _____ (ELEKS) C:\Users\Keoni Denison\AppData\Roaming\a0754ca9.exe
2014-10-23 12:59 - 2014-11-04 20:40 - 000001533 _____ () C:\Users\Keoni Denison\AppData\Roaming\AbsoluteReminder.xml
2015-10-06 07:22 - 2018-01-04 10:58 - 000000034 _____ () C:\Users\Keoni Denison\AppData\Roaming\AdobeWLCMCache.dat
2017-12-15 11:06 - 2017-12-20 07:23 - 005399697 _____ () C:\Users\Keoni Denison\AppData\Roaming\cached-microdescs
2016-11-10 12:11 - 2016-11-10 12:11 - 000000687 _____ () C:\Users\Keoni Denison\AppData\Roaming\Contact Sheet II.xml
2016-11-10 12:11 - 2016-11-10 12:17 - 000016989 _____ () C:\Users\Keoni Denison\AppData\Roaming\ContactSheetII.log
2015-10-26 06:29 - 2015-10-26 06:29 - 000000112 _____ () C:\Users\Keoni Denison\AppData\Roaming\JP2K CS6 Prefs
2016-03-13 15:48 - 2016-03-13 15:48 - 238722213 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-03-13 15:48 - 2016-03-13 15:48 - 000002741 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2017-07-12 10:43 - 2017-07-12 10:43 - 331479536 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx4_1_1_202.zip.aamdownload
2017-07-12 10:43 - 2017-07-12 10:43 - 000003693 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx4_1_1_202.zip.aamdownload.aamd
2014-11-04 15:42 - 2017-12-29 11:34 - 000001456 _____ () C:\Users\Keoni Denison\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-23 12:58 - 2014-10-23 12:58 - 000000193 _____ () C:\Users\Keoni Denison\AppData\Local\RegisteredPackageInformation.xml
2015-07-24 16:26 - 2015-07-24 16:26 - 000000017 _____ () C:\Users\Keoni Denison\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-29 09:49

==================== End of FRST.txt ============================


Addition Log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by Keoni Denison (04-01-2018 12:10:30)
Running from C:\Users\Keoni Denison\Downloads
Windows 10 Home Version 1709 16299.125 (X64) (2017-11-28 17:20:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1137034981-1362270290-743441989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1137034981-1362270290-743441989-503 - Limited - Disabled)
Guest (S-1-5-21-1137034981-1362270290-743441989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1137034981-1362270290-743441989-1003 - Limited - Enabled)
Keoni Denison (S-1-5-21-1137034981-1362270290-743441989-1001 - Administrator - Enabled) => C:\Users\Keoni Denison
WDAGUtilityAccount (S-1-5-21-1137034981-1362270290-743441989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator (HKLM\...\{780AAB64-C5AB-4CC5-9096-02F8671E5179}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_1_0) (Version: 21.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.0.3818 - Lenovo)
Cutting Master 3 (HKLM-x32\...\{4337BF9E-04A8-4A3E-9F1D-ECCDF0E7BC84}) (Version: 2.1.264 - Graphtec Corporation)
Dell 2145cn Color Laser MFP (HKLM-x32\...\Dell 2145cn Color Laser MFP) (Version:  - DELL Inc.)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Esko ai-cut for Adobe Illustrator (HKLM-x32\...\Esko ai-cut for Adobe Illustrator) (Version:  - Esko)
Esko CT-LP plug-in for Adobe Photoshop (HKLM-x32\...\Esko CT-LP plug-in for Adobe Photoshop) (Version:  - )
Esko Data Exchange for Adobe Illustrator (HKLM-x32\...\Esko Data Exchange for Adobe Illustrator) (Version:  - Esko)
Esko Shell Extension plugin for previewing .ct files (HKLM-x32\...\Esko Shell Extension plugin for previewing .ct files) (Version:  - )
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Gesture Control (HKLM-x32\...\{1C0D7E21-47A2-4975-8824-FBA18BBA4B1F}) (Version: 4.0.116.3 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio (HKLM-x32\...\{7BDB9575-D4C8-42B0-84EA-1CD654F63637}) (Version: 5.10.4320 - GoPro, Inc.) Hidden
GoToMeeting 8.19.0.8126 (HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\GoToMeeting) (Version: 8.19.0.8126 - LogMeIn, Inc.)
HP Officejet 7610 series Basic Device Software (HKLM\...\{3507BAF4-20F8-4AAC-8B4B-C61D67607728}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.42 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10247 - Realtek Semiconductor Corp.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12415e07-c869-4438-9d99-b55261706671}) (Version: 19.1.0 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.05 - )
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.5.0 - Lenovo)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Multimedia and Communications Core Runtime (HKLM\...\{033DC0E0-DA89-4C33-B66C-89B64D312CD1}_is1) (Version: 5.0.13.94 - Lenovo Corporation)
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.85.03 - Lenovo)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.10 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.19.209 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.4.0.5 - Lenovo Group Limited)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.85 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.3.7 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0065 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4981.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25711 (HKLM-x32\...\{1bffbfc8-3cfb-4b1d-aca9-64f1c7c9f811}) (Version: 14.12.25711.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25711 (HKLM-x32\...\{f381fb0a-b38e-44ab-bca5-7f651c8c6b93}) (Version: 14.12.25711.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.3 (x64 en-US)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mystery Case Files &reg;: 13th Skull ™ (HKLM-x32\...\BFG-Mystery Case Files - 13th Skull) (Version:  - )
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Quik (HKLM\...\{6249867C-ACE2-4400-AD50-4D6945A8EA8A}) (Version: 0.1.4320 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{0d91b40f-e179-491c-a726-cd71dc297e8a}) (Version: 2.0.0.4320 - GoPro, Inc.)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Redemption Cemetery: Curse of the Raven (HKLM-x32\...\BFG-Redemption Cemetery - Curse of the Raven) (Version:  - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Meetings App (HKLM-x32\...\{D194F3F7-A3E3-4D33-97D6-A37725DAEC25}) (Version: 16.2.0.172 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.02.005 - Samsung Electronics Co., Ltd.)
SmarThru Office PC Fax (HKLM-x32\...\SmarThru Office PC Fax) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3482 - Synology, Inc.)
Synology Cloud Station (remove only) (HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Synology CloudStation) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.24 - Lenovo)
Treasure Seekers: The Time Has Come (HKLM-x32\...\BFG-Treasure Seekers - The Time Has Come) (Version:  - )
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version:  - File Recovery Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
VFW_Codec32 (HKLM-x32\...\{FCA86F94-8BCA-491D-AFF9-90921796FCD8}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{341735D3-32CF-41BC-8C9B-FDE3975452DB}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22314 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Driver Package - Intel (e1dexpress) Net  (07/02/2013 12.9.16.0) (HKLM\...\023677FE062B918F6118988706661111844C0205) (Version: 07/02/2013 12.9.16.0 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Synaptics (SmbDrv) System  (10/23/2013 17.0.12.52) (HKLM\...\546FF7E8ABB3021DB74C663BFEAB0780589F2990) (Version: 10/23/2013 17.0.12.52 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse  (10/23/2013 17.0.12.52) (HKLM\...\D4AF752691BC44E5CA6E33BDDD57F0845B4AEBFE) (Version: 10/23/2013 17.0.12.52 - Synaptics)
Zund Design Center Plug-In For Adobe Illustrator (HKLM\...\{8AC87498-DF4A-4E65-BB08-342BE863F456}) (Version: 2.3.269 - Zund Systemtechnik) Hidden
Zund Design Center Plug-In For Adobe Illustrator (HKLM-x32\...\Zund Design Center Plug-In For Adobe Illustrator 2.3.269) (Version: 2.3.269 - Zund Systemtechnik)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.172\GatewayActiveX-x64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Citrix\GoToMeeting\3911\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1_S-1-5-21-1137034981-1362270290-743441989-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll [2016-04-16] ()
ContextMenuHandlers6_S-1-5-21-1137034981-1362270290-743441989-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll [2016-04-16] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0549C139-B1DF-47F0-B32F-BD950F5C1C0E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-03] (Realtek Semiconductor)
Task: {0759CA7E-DC7F-4B9B-B49A-D12BF0D4782F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {08022775-95CD-4C6C-97AF-CFF74844D654} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0AE5CE45-DA9C-4C23-8281-BB088799188C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {1DD0C8EC-685F-4CBA-8749-C8FCAAAAFB44} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {2441BFC7-00E7-4FBD-946B-B5FD873BC61D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {2546B2E6-07DC-4386-8182-6A9ABE968D47} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {255C398B-3DDB-410F-9DC6-B7C6455BE288} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {26AB4791-6F90-4926-8AB9-6F4CC6032982} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-03] (Realtek Semiconductor)
Task: {31D05FEF-E62A-4FE7-811E-7B8F4FC88558} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3F771CEF-21F8-4272-B34A-17D938452668} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {407DEA18-ED6F-4427-B725-6AFE603B6102} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {47FAB8BB-2948-48F5-AF5B-409FF1938C78} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {52A82BA8-A2DC-44BF-AEA1-1EF2E83B1A05} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {588F3ADC-A829-40DC-9763-58A9E6714FD8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {664A6187-A0D4-4066-AB56-E2A477EFC457} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a5f958a6-7add-4bf4-ad4d-b4a156594506 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {66DE3422-018E-40FA-9063-0792B802FF15} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c59a20bb-0c12-4660-be53-ee8fc5910764 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {71EA4F44-CF49-4FD2-930A-09AABF700AA6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {7651144D-4E9E-4678-90D5-7F41BCB38B06} - System32\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001 => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupdate.exe [2017-12-21] (LogMeIn, Inc.)
Task: {7AC92881-63B7-48E4-AC47-EA3C5CD980F4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {7D0E4EFB-F945-40E1-B60F-7774E93E54AB} - System32\Tasks\Lenovo\Lenovo Hardware Settings => "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {89B4322F-6EB1-4450-B0CE-668F31A418D1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8E05EDFA-A74B-43B1-B5F7-7DD337747E14} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {8E0E3250-F9B5-4F1B-AEF0-42347C616255} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe
Task: {941ADE57-22EA-489A-A43E-0C0089FB48A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {94819403-12D7-4AD9-A023-64D2C29E9C0B} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\GestureControl.exe [2013-10-31] (Lenovo)
Task: {976AF5C7-68A9-4003-B03A-BB3AD5655EC7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {9A0BA22D-9EA8-419C-BC5A-799F758E5CFB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9A40AD4E-2288-427D-9C12-925C956E8741} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {A3EBFA37-40BF-40F8-BB11-2FCDE4C7CA1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A43445AB-9B92-462D-891E-803B2B3A5638} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-08-16] ()
Task: {A6AA7EE1-AE0B-4CE8-9285-DDCB93700EB2} - System32\Tasks\Lenovo\Lenovo Settings Power => "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {A78978A8-444C-412A-8C9B-F68321AB81B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {AAAAB6BF-298D-4B30-A544-F594E5012D4B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-01-08] (Lenovo)
Task: {AD250AB0-9354-4F68-8567-FBC1BAE9434E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-15] (Microsoft Corporation)
Task: {B17469BE-9FB5-47D9-B58C-4CEBFD65C602} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B34C5E19-4695-4CA1-BE95-924AC710F955} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B9DB7AEA-171E-4F4D-9B4B-280D1CF9FF8E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BBA7D931-D02A-46F9-BF8E-D8DFE9449200} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C0C9340D-F968-4C90-BED8-02977E8030E7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {C202914B-E1A2-406C-87C3-04A00AD733A4} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-09-06] (Lenovo)
Task: {C69E18B2-F1D3-43DD-96B5-3F8D0B9EB00B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {D5C8FB1E-98B0-4564-AA1D-ED8E0B25F4C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1137034981-1362270290-743441989-1001UA => C:\Users\Keoni Denison\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-09] (Google Inc.)
Task: {DCDE67FC-E7C8-4A01-9BFE-41FFA0BAC02A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DDE7DE13-4694-473F-BCFC-F40869E0F9CE} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-10-03] (Synaptics Incorporated)
Task: {DF470FBE-C4EA-4F2B-BC01-7D56F4371A3C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-08-16] ()
Task: {DFC93D4B-AA98-4226-A54E-1198E9B92E0C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E4B9EE89-19B1-4A38-B513-B56C327CA6C1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EAD0FCEB-609C-4F1A-A92A-8D86C95BC0DF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d0fd586f-246c-4275-a761-b4dee6c97276 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {F00DFE86-5D3A-44A0-B07C-139DEC8F312C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {F1E48979-9837-4115-AFF8-06970AC79219} - System32\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001 => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupload.exe [2017-12-21] (LogMeIn, Inc.)
Task: {F7C947E1-F1D5-4656-9A14-90D4E2B843BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1137034981-1362270290-743441989-1001Core => C:\Users\Keoni Denison\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-09] (Google Inc.)
Task: {FD06E9FD-3FDC-4379-823E-AF44D9824817} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001.job => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001.job => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2014-11-03 08:47 - 2012-10-26 22:26 - 000034304 _____ () C:\WINDOWS\System32\sdg1cl6.dll
2015-07-29 14:17 - 2009-06-24 12:38 - 000177664 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\DP2145U.DLL
2017-05-08 23:44 - 2017-05-08 23:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-04 20:53 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-17 02:26 - 2014-12-17 02:26 - 000248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2017-12-10 04:33 - 2017-12-10 04:33 - 000630784 ____N () C:\ProgramData\switcher-4\switcher-5.exe
2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-11-15 18:50 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2016-04-16 08:11 - 2016-04-16 08:11 - 001047552 _____ () C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll
2017-01-09 07:28 - 2017-11-16 08:03 - 000201000 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2016-10-11 22:48 - 2016-10-11 22:48 - 000866224 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2017-05-09 02:05 - 2017-05-09 02:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2014-10-23 15:32 - 2013-10-09 20:31 - 000915968 ____N () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2013-03-25 19:42 - 2013-03-25 19:42 - 000633320 _____ () C:\Windows\Dell\PanelMgr\SSMMgr.exe
2012-09-22 18:42 - 2012-09-22 18:42 - 000312128 _____ () C:\Windows\Dell\PanelMgr\caller64.exe
2017-07-11 12:01 - 2017-08-16 14:07 - 000023928 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2016-10-11 22:48 - 2016-10-11 22:48 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2013-10-09 16:38 - 2015-01-09 15:40 - 000469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-10-09 16:38 - 2015-01-09 15:40 - 000013528 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2017-05-17 13:34 - 2017-06-27 12:00 - 000402624 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll
2017-11-28 10:49 - 2017-11-28 10:49 - 000975872 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2017-11-28 10:49 - 2017-11-28 10:49 - 000269696 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2017-09-29 08:41 - 2017-09-29 08:41 - 001357464 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2017-11-01 09:27 - 2017-11-01 09:27 - 004891768 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2014-11-15 18:47 - 2015-05-05 06:45 - 002210480 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2017-09-22 04:59 - 2017-11-21 06:28 - 001437896 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2017-12-14 07:04 - 2017-11-26 07:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 07:04 - 2017-11-26 07:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-03 07:15 - 2018-01-03 07:15 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 07:15 - 2018-01-03 07:15 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2014-11-04 20:53 - 2016-05-27 05:51 - 000170184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2016-08-17 10:08 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-08-17 10:08 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-08-17 10:08 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-08-17 10:08 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-08-17 10:08 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-12-08 07:17 - 2017-12-08 07:17 - 000102088 _____ () C:\Users\Keoni Denison\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2015-08-14 02:17 - 2015-08-14 02:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-10-23 15:41 - 2015-01-07 09:29 - 002201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-10-23 15:41 - 2015-01-07 09:29 - 002085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-11-15 18:51 - 2017-01-31 05:14 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:512E1728 [412]
AlternateDataStreams: C:\ProgramData\TEMP:9BAC4211 [426]
AlternateDataStreams: C:\ProgramData\TEMP:B54E4B5A [454]
AlternateDataStreams: C:\ProgramData\TEMP:BE6B5FC3 [464]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2017-12-08 07:21 - 000002006 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1137034981-1362270290-743441989-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9BCC2ED9-8831-4ECD-99E4-43FD6FD1F7CD}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{369169E4-D63A-4434-AE74-A34B43CD5A35}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{8F7397A4-53E4-4746-AB8A-3842BD08D81B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{57B44C01-5F4D-4008-88C9-9FB0032904A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CBBA1779-2C7D-48BA-B82A-300751C31684}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F3619CB-D5E6-44A1-924E-FC5764CD4100}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C7484A54-0F06-43CA-BC1B-ADC0DC72263D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B5C06ED4-6221-4BC0-A722-FD2D967CEAE5}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{1E618296-92E9-428B-8847-FFB7D7BC56D1}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{12D15A3D-97F1-44B2-8C6A-48F3F36C6E4E}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{3435AFDB-17D7-4204-BDC2-EA597F7FDB1D}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{64D108CA-5FE0-494C-B8EF-2C675DA5C5E9}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{30078E5C-99DA-47DE-9949-09523EE5E4F4}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{79E2D74E-7446-46BC-8CE9-A1F068A804E8}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe
FirewallRules: [{9B7D3AD6-2455-4FAA-8764-2F1C2D44C054}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7DCE1D6B-693E-404D-87E4-1B6F55AB2177}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{796671D3-7EC2-4725-AB6A-5D7884398E4A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{12B5DAAB-E2FC-4B0A-A0FC-69E61A61097C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6BCCBC34-D0FB-4BD9-A1CE-D99EBFCCE02F}] => (Allow) C:\Windows\twain_32\Dell\ScanMgr.exe
FirewallRules: [{CBEF07C6-EDFD-4DC6-9414-38882D2CC4C9}] => (Allow) C:\Windows\twain_32\Dell\ScanMgr.exe
FirewallRules: [{B0354481-9076-4AA3-8348-8EC06F6F5357}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Sscan2io.exe
FirewallRules: [{9CC993C2-628E-48C8-84D8-F49E95FF5533}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Sscan2io.exe
FirewallRules: [{69011492-82F4-445A-86B8-0A3D01E64AFE}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe
FirewallRules: [{F1C7717A-229C-4675-A338-6641E23B44BD}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe
FirewallRules: [UDP Query User{0D79F41B-0D39-413D-B27E-99BB1F4E9855}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{FF363096-8AAF-432D-B4A8-95FFC329D2F5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{896D6845-64C7-400E-9638-EF0B09AF39A6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4E304E1B-6585-4F5A-B318-3BC5F02BC7B8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8ED5C55A-BBF4-4D8C-8CD4-691AC5BBD699}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{20391911-FD3A-44B2-955F-05837193BFCD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{7E785758-55C0-410D-AD33-5FE25E1E2986}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4878997D-E6A3-4EF3-9E53-F36423F45450}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{2BE449A5-B280-4603-9B38-66D424E6BCDE}C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Block) C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{61897281-99DC-41A9-8283-0052298ED58B}C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Block) C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [{9D41BE52-2018-4942-8FE3-6E608B1F0FB0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{631E8B29-BB20-4613-B8EE-B032F59ADE34}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C60DE059-2EEA-414E-ABD5-BB49A37C1BBC}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\Bin\DeviceSetup.exe
FirewallRules: [{890235E6-469B-4311-A438-EA41B736C23B}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\bin\SendAFax.exe
FirewallRules: [{BFC55D33-EEB7-4084-AD02-E9E551D153B8}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\bin\DigitalWizards.exe
FirewallRules: [{DCAD0485-6B18-46E6-838A-AC8724C64FFC}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\bin\FaxApplications.exe
FirewallRules: [{93E9696A-3333-451A-AC61-A023C1328925}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{FBEE843B-1D28-4224-9E13-1BC1C02217AC}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{82344128-6E7A-4356-A39E-60283A77244E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1BB59230-3FB7-4676-B36B-A4C161A66173}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{407C6948-D5ED-4947-9E24-E17720E4174F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{955A1305-C9B0-4FBC-95EE-71FA2E805F00}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A72A587A-B207-434E-8F61-F3BC9BB3B6E0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C36F1143-0726-4055-9C30-2B27B39F1E46}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{AF7156B9-61E7-4635-B264-CB57A2619AA2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F995AFCD-271A-47F7-BA57-96F1B98DE28B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

17-12-2017 15:06:36 Windows Update
27-12-2017 08:30:19 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2018 12:11:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 36448c1e-b433-4903-b920-385e7f351381
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:10:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 3ae9fa19-defa-4f01-965e-6a5cec719beb
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:10:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: cda08c31-1c7a-429b-8dd7-41f418e58f3b
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:10:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: dc00b273-aa99-4dbf-a9b6-4eb4473cd5b5
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:09:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 88416499-67bd-468d-8b63-7464bcb2ca73
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:09:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 471f278a-73f2-49c7-87db-70e25891cbd9
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:09:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: d1fbc05d-73a2-47dc-9575-07515f70f706
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:09:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: fe35219f-65f9-4374-96eb-0a87d77a8af6
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:09:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 66eb640a-9a05-445b-be0d-df0b68976eaa
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 39777872-0f84-4721-9c9b-cf75f3bb0c58
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (01/04/2018 12:06:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 12:06:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :20" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 12:06:49 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E3DA4800-FEB9-4DA7-A025-7B8C27D01837} because another computer on the network has the same name.  The server could not start.

Error: (01/04/2018 11:42:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2018 10:59:12 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} did not register with DCOM within the required timeout.

Error: (01/04/2018 10:58:39 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} did not register with DCOM within the required timeout.

Error: (01/04/2018 10:58:16 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 10:49:35 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 10:26:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2018 10:23:35 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server Microsoft.Windows.Cortana_1.9.6.16299_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2018-01-04 12:06:47.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 12:06:47.272
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 12:06:46.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 12:06:46.213
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:36:43.623
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:36:43.618
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:42.911
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:42.909
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:33.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:33.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4300U CPU @ 1.90GHz
Percentage of memory in use: 62%
Total physical RAM: 8071.77 MB
Available physical RAM: 2998.65 MB
Total Virtual: 32647.41 MB
Available Virtual: 21171.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:458.77 GB) (Free:52.86 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 7AB3F9F8)

Partition: GPT.

==================== End of Addition.txt ============================



#3 kalvix


Posted 04 January 2018 - 12:19 PM

Revised FRST log: I closed Firefox and reran the files:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by Keoni Denison (administrator) on LENOVO-PC (04-01-2018 12:15:02)
Running from C:\Users\Keoni Denison\Downloads
Loaded Profiles: Keoni Denison (Available Profiles: Keoni Denison)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\Service\Lenovo.Modern.ImController.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\ProgramData\switcher-4\switcher-5.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\dfrctl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7610 series\Bin\HPNetworkCommunicatorCom.exe
(© 2015 Microsoft Corporation) C:\Users\Keoni Denison\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Photo Viewer\ImagingDevices.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
() C:\Windows\Dell\PanelMgr\SSMMgr.exe
() C:\Windows\Dell\PanelMgr\caller64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\cammute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\tpknrsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [151768 2013-09-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\windows\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2016-10-11] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [184320 2010-08-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [381440 2010-08-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Dell PanelMgr] => C:\windows\Dell\PanelMgr\SSMMgr.exe [633320 2013-03-25] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-08] (Apple Inc.)
HKLM-x32\...\Run: [2145cn Scan2PC] => C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe [907264 2013-01-15] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [180224 2010-04-12] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2015-08-14] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [HP Officejet 7610 series (NET)] => C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe [2631784 2012-10-21] (Hewlett-Packard Co.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [Google Update] => C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-13] (Google Inc.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [BingSvc] => C:\Users\Keoni Denison\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [acprcCsp] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\AcXtldpc\Actiapin.exe
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [bthpkend] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Acceeter\audiedia.exe [1652224 2017-12-15] (ELEKS)
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [Actiards] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Adobpi32\Actileui.exe [467968 2017-12-27] ()
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [canoieDS] => C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Accodeui\authicom.exe [1652224 2017-12-27] ()
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Run: [fission-0] => C:\ProgramData\fission-8\fission-9.exe [647816 2017-11-06] ()
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Winlogon: [Shell] C:\ProgramData\switcher-4\switcher-5.exe -1,explorer.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-10-23]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\diode-1.lnk [2017-12-29]
ShortcutTarget: diode-1.lnk -> C:\Users\Keoni Denison\AppData\Local\diode-6\diode-87.exe ()
Startup: C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2017-12-27]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c92c8dc6-44f6-41c5-9a0f-28037574dff3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e3da4800-feb9-4da7-a025-7b8c27d01837}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://home.lenovo.com
SearchScopes: HKU\S-1-5-21-1137034981-1362270290-743441989-1001 -> DefaultScope {C4809B2B-2E59-4815-A276-DD2CDCF50129} URL =
SearchScopes: HKU\S-1-5-21-1137034981-1362270290-743441989-1001 -> {C4809B2B-2E59-4815-A276-DD2CDCF50129} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-11-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2017-08-15] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Profiles\jcejttad.default [2018-01-04]
FF Homepage: Mozilla\Firefox\Profiles\jcejttad.default -> hxxps://www.google.com/
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Profiles\jcejttad.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-15] [Legacy]
FF SearchPlugin: C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Profiles\jcejttad.default\searchplugins\bing-.xml [2017-03-13]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-04] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-11-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Keoni Denison\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-01-26] (Citrix Online)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Keoni Denison\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @talk.google.com/O1DPlugin -> C:\Users\Keoni Denison\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\Keoni Denison\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.172\npGatewayNpapi.dll [2017-01-27] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1137034981-1362270290-743441989-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\Keoni Denison\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.172\npGatewayNpapi-x64.dll [2017-01-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Keoni Denison\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Keoni Denison\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default [2018-01-04]
CHR Extension: (Slides) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-20]
CHR Extension: (Sheets) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-11]
CHR Extension: (Gmail) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR Extension: (Chrome Media Router) - C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-28]
CHR Profile: C:\Users\Keoni Denison\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-27]
CHR HKU\S-1-5-21-1137034981-1362270290-743441989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2016-12-23] (Lenovo)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-10-11] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2016-12-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2016-11-23] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-08-14] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo Group Limited)
S3 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-16] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-16] (Lenovo Group Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324584 2017-08-03] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23928 2017-08-16] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-12-17] () [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CM3218x; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
R3 CPLMACPI; C:\WINDOWS\System32\drivers\CPLMACPI.sys [19592 2014-06-19] (Capella Microsystems, Inc.)
S2 DgiVecp; C:\windows\system32\Drivers\DgiVecp.sys [53816 2011-01-07] (Samsung Electronics Co., Ltd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [531440 2015-07-29] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-10-04] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-31] ()
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 LnvHIDHW; C:\WINDOWS\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3529728 2017-10-17] (Intel Corporation)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2017-12-05] ()
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8874712 2013-09-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-10-03] (Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-04 12:10 - 2018-01-04 12:11 - 000071527 _____ C:\Users\Keoni Denison\Downloads\Addition.txt
2018-01-04 12:09 - 2018-01-04 12:15 - 000032531 _____ C:\Users\Keoni Denison\Downloads\FRST.txt
2018-01-04 12:09 - 2018-01-04 12:15 - 000000000 ____D C:\FRST
2018-01-04 12:08 - 2018-01-04 12:08 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-01-04 10:54 - 2018-01-04 10:54 - 002393088 _____ (Farbar) C:\Users\Keoni Denison\Downloads\FRST64.exe
2018-01-04 10:02 - 2018-01-04 10:02 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign89878d9a226f725c
2018-01-04 10:02 - 2018-01-04 10:02 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign2594ecc08ffb6634
2018-01-04 08:38 - 2018-01-04 08:38 - 000024800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tmpidcrl.dll
2018-01-03 16:21 - 2018-01-03 16:21 - 000154633 _____ C:\Users\Keoni Denison\Downloads\applied_payments (7).csv
2018-01-03 14:43 - 2018-01-03 14:43 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign9895ee4617775451
2018-01-03 14:42 - 2018-01-03 14:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign20d64d7f4460a18a
2018-01-03 13:42 - 2018-01-03 13:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigncec7f320c6d36943
2018-01-03 13:42 - 2018-01-03 13:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5cf79d22c45b5e8c
2018-01-03 11:43 - 2018-01-03 11:43 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign87b2c84a28351be5
2018-01-03 11:37 - 2018-01-03 11:37 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignb3ed65083ab9a16f
2018-01-03 09:40 - 2018-01-03 09:40 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignbb8733f786be49cd
2018-01-03 09:40 - 2018-01-03 09:40 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign434f878dcc15dade
2018-01-03 08:38 - 2018-01-03 08:38 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5444caa6aed82a76
2018-01-03 08:32 - 2018-01-03 08:32 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignfe21977844a12bd6
2018-01-02 11:25 - 2018-01-02 11:25 - 014807840 _____ C:\Users\Keoni Denison\Downloads\epson12203.exe
2018-01-02 10:15 - 2018-01-02 10:15 - 000000000 ____D C:\Users\Keoni Denison\Documents\Andrew Scott Brooks
2017-12-29 13:57 - 2017-12-29 13:57 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Big Fish Games
2017-12-29 10:31 - 2017-12-29 10:31 - 000445865 _____ C:\Users\Keoni Denison\Desktop\NDA - ccg website - Keoni Denison.pdf
2017-12-29 10:30 - 2017-12-29 10:30 - 000441911 _____ C:\Users\Keoni Denison\Desktop\FOX - CCG - AGREEMENT BETWEEN CUSTOMER AND CONTRACTOR.pdf
2017-12-29 08:17 - 2017-12-29 08:17 - 000114224 _____ C:\Users\Keoni Denison\Downloads\Next Level Customs-125335-Banner-invoice (2).pdf
2017-12-29 08:14 - 2017-12-29 08:14 - 000114103 _____ C:\Users\Keoni Denison\Downloads\Next Level Customs-125698-food truck wraps-invoice.pdf
2017-12-29 08:13 - 2017-12-29 08:13 - 000103686 _____ C:\Users\Keoni Denison\Downloads\Next Level Customs-125457-Rocky Mount Toyota Tundra-invoice (1).pdf
2017-12-29 06:53 - 2017-12-29 06:54 - 009909123 _____ C:\Users\Keoni Denison\Downloads\DJ Booth Artwork.zip
2017-12-28 15:50 - 2017-12-28 15:50 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign10f33a66b4b7f038
2017-12-28 07:11 - 2017-12-28 07:11 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign02cb7b1570b2a698
2017-12-28 07:10 - 2017-12-28 07:10 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5c424044f4e05802
2017-12-27 21:17 - 2017-12-03 17:38 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-27 21:17 - 2017-12-03 17:38 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-27 07:48 - 2017-12-27 07:48 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign1361c1b8f515cb89
2017-12-27 07:48 - 2017-12-27 07:48 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign00a9cfba7c6edbc6
2017-12-26 12:10 - 2017-12-29 12:25 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\diode-6
2017-12-25 06:59 - 2017-12-25 06:59 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Artogon
2017-12-24 07:15 - 2017-12-24 07:15 - 000002285 _____ C:\Users\Public\Desktop\Play Redemption Cemetery - Curse of the Raven.lnk
2017-12-24 07:15 - 2017-12-24 07:15 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Redemption Cemetery - Curse of the Raven
2017-12-24 07:15 - 2017-12-24 07:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redemption Cemetery - Curse of the Raven
2017-12-24 07:15 - 2017-12-24 07:15 - 000000000 ____D C:\Program Files (x86)\Redemption Cemetery - Curse of the Raven
2017-12-24 07:13 - 2017-12-24 07:13 - 000002283 _____ C:\Users\Public\Desktop\Play Treasure Seekers - The Time Has Come.lnk
2017-12-23 22:20 - 2017-12-24 07:13 - 000000000 ____D C:\Program Files (x86)\Treasure Seekers - The Time Has Come
2017-12-23 22:20 - 2017-12-23 22:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Treasure Seekers - The Time Has Come
2017-12-23 22:20 - 2017-12-23 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Treasure Seekers - The Time Has Come
2017-12-23 22:16 - 2017-12-23 22:16 - 000002190 _____ C:\Users\Public\Desktop\Play Mystery Case Files - 13th Skull.lnk
2017-12-23 22:15 - 2017-12-23 22:16 - 000000000 ____D C:\Program Files (x86)\Mystery Case Files - 13th Skull
2017-12-23 22:15 - 2017-12-23 22:15 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - 13th Skull
2017-12-23 22:15 - 2017-12-23 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - 13th Skull
2017-12-21 16:22 - 2017-12-21 16:22 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign6cec641fe602dd64
2017-12-21 16:22 - 2017-12-21 16:22 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign18d4158436833072
2017-12-20 11:03 - 2017-12-20 11:03 - 000103807 _____ C:\Users\Keoni Denison\Downloads\Pipe Tech-125977-Partial Wrap on Utility Vehicle-invoice.pdf
2017-12-20 08:47 - 2017-12-20 08:47 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign1893da48e32db08e
2017-12-20 08:20 - 2017-12-20 08:20 - 000103853 _____ C:\Users\Keoni Denison\Downloads\Island Breeze-126073-Ford Transit Connect-invoice.pdf
2017-12-20 07:20 - 2017-12-20 07:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Alawar
2017-12-19 14:41 - 2017-12-19 14:41 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigna4a994365048cdf9
2017-12-19 14:28 - 2017-12-19 14:28 - 000150575 _____ C:\Users\Keoni Denison\Downloads\applied_payments (6).csv
2017-12-17 15:18 - 2017-12-27 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-17 15:11 - 2018-01-04 07:19 - 000000000 ____D C:\ProgramData\TEMP
2017-12-17 15:11 - 2017-12-17 15:11 - 000002007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-12-17 15:11 - 2017-12-17 15:11 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk
2017-12-17 15:11 - 2017-12-17 15:11 - 000000000 ____D C:\ProgramData\Big Fish
2017-12-17 15:11 - 2017-12-17 15:11 - 000000000 ____D C:\Program Files (x86)\bfgclient
2017-12-17 15:09 - 2017-12-23 17:49 - 000000000 ____D C:\BigFishCache
2017-12-17 15:09 - 2017-12-17 15:11 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Big Fish
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p97641037_s1_l1.exe
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p97639683_s1_l1.exe
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p92602178_s1_l1.exe
2017-12-17 15:08 - 2017-12-17 15:08 - 000237568 _____ (Big Fish Games) C:\Users\Keoni Denison\Downloads\bigfishgames_p102896878_s1_l1.exe
2017-12-15 17:09 - 2017-12-29 11:36 - 000000000 ____D C:\ProgramData\fission-8
2017-12-15 11:06 - 2017-12-20 07:23 - 005399697 _____ C:\Users\Keoni Denison\AppData\Roaming\cached-microdescs
2017-12-15 07:52 - 2017-12-15 07:52 - 001652224 _____ (ELEKS) C:\Users\Keoni Denison\AppData\Roaming\a0754ca9.exe
2017-12-14 07:08 - 2017-12-14 07:08 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignb03ed524d9d74239
2017-12-14 07:04 - 2017-12-08 01:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-14 07:04 - 2017-12-07 18:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-14 07:04 - 2017-12-07 18:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-14 07:04 - 2017-12-07 18:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-14 07:04 - 2017-12-07 18:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-14 07:04 - 2017-12-07 18:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-14 07:04 - 2017-12-07 18:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-14 07:04 - 2017-12-07 18:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-14 07:04 - 2017-12-07 18:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-14 07:04 - 2017-12-07 18:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-14 07:04 - 2017-12-07 18:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-14 07:04 - 2017-12-07 18:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-14 07:04 - 2017-12-07 18:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-14 07:04 - 2017-12-07 18:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-14 07:04 - 2017-12-07 18:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-14 07:04 - 2017-12-07 18:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-14 07:04 - 2017-12-07 18:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-14 07:04 - 2017-12-07 18:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-14 07:04 - 2017-12-07 18:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-14 07:04 - 2017-12-07 18:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-14 07:04 - 2017-12-07 18:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-14 07:04 - 2017-12-07 18:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-14 07:04 - 2017-12-07 18:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-14 07:04 - 2017-12-07 18:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-14 07:04 - 2017-12-07 18:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-14 07:04 - 2017-12-07 18:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-14 07:04 - 2017-12-07 18:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-14 07:04 - 2017-12-07 18:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-14 07:04 - 2017-12-07 18:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-14 07:04 - 2017-12-07 18:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-14 07:04 - 2017-12-07 18:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-14 07:04 - 2017-12-07 18:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-14 07:04 - 2017-12-07 18:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-14 07:04 - 2017-12-07 18:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-14 07:04 - 2017-12-07 18:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-14 07:04 - 2017-12-07 17:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-14 07:04 - 2017-12-07 17:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-14 07:04 - 2017-12-07 17:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-14 07:04 - 2017-12-07 17:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-14 07:04 - 2017-12-07 17:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-14 07:04 - 2017-12-07 17:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-14 07:04 - 2017-12-07 17:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-14 07:04 - 2017-12-07 17:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-14 07:04 - 2017-12-07 17:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-14 07:04 - 2017-12-07 17:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-14 07:04 - 2017-12-07 17:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-14 07:04 - 2017-12-07 17:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-14 07:04 - 2017-12-07 17:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-14 07:04 - 2017-12-07 17:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-14 07:04 - 2017-12-07 17:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-14 07:04 - 2017-12-07 17:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-14 07:04 - 2017-12-07 17:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-14 07:04 - 2017-12-07 17:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-14 07:04 - 2017-12-07 17:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-14 07:04 - 2017-12-07 17:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-14 07:04 - 2017-12-07 17:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-14 07:04 - 2017-12-07 17:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-14 07:04 - 2017-12-07 17:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-14 07:04 - 2017-12-07 17:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-14 07:04 - 2017-12-07 17:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-14 07:04 - 2017-12-07 17:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-14 07:04 - 2017-12-07 17:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-14 07:04 - 2017-12-07 17:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-14 07:04 - 2017-12-07 17:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-14 07:04 - 2017-12-07 17:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-14 07:04 - 2017-12-07 17:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-14 07:04 - 2017-12-07 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-14 07:04 - 2017-12-07 17:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-14 07:04 - 2017-12-07 17:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-14 07:04 - 2017-12-07 17:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-14 07:04 - 2017-12-07 17:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-14 07:04 - 2017-12-07 17:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-14 07:04 - 2017-12-07 17:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-14 07:04 - 2017-12-07 17:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-14 07:04 - 2017-12-07 17:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-14 07:04 - 2017-12-07 17:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-14 07:04 - 2017-12-07 17:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-14 07:04 - 2017-12-07 17:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-14 07:04 - 2017-12-07 17:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-14 07:04 - 2017-12-07 17:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-14 07:04 - 2017-12-07 17:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-14 07:04 - 2017-12-07 16:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-14 07:04 - 2017-12-07 16:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-14 07:04 - 2017-12-07 16:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-14 07:04 - 2017-12-07 16:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-14 07:04 - 2017-12-07 16:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-14 07:04 - 2017-12-07 16:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-14 07:04 - 2017-12-07 16:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-14 07:04 - 2017-12-07 16:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-14 07:04 - 2017-12-07 16:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-14 07:04 - 2017-12-07 16:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-14 07:04 - 2017-12-07 16:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-14 07:04 - 2017-11-26 15:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-14 07:04 - 2017-11-26 15:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-14 07:04 - 2017-11-26 15:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-14 07:04 - 2017-11-26 11:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-14 07:04 - 2017-11-26 08:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-14 07:04 - 2017-11-26 08:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-14 07:04 - 2017-11-26 08:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-14 07:04 - 2017-11-26 08:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-14 07:04 - 2017-11-26 08:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-14 07:04 - 2017-11-26 08:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-14 07:04 - 2017-11-26 08:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-14 07:04 - 2017-11-26 08:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-14 07:04 - 2017-11-26 08:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-14 07:04 - 2017-11-26 08:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-14 07:04 - 2017-11-26 08:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-14 07:04 - 2017-11-26 08:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-14 07:04 - 2017-11-26 08:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-14 07:04 - 2017-11-26 08:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-14 07:04 - 2017-11-26 08:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-14 07:04 - 2017-11-26 08:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-14 07:04 - 2017-11-26 08:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-14 07:04 - 2017-11-26 08:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-14 07:04 - 2017-11-26 08:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-14 07:04 - 2017-11-26 08:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-14 07:04 - 2017-11-26 08:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-14 07:04 - 2017-11-26 08:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-14 07:04 - 2017-11-26 08:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-14 07:04 - 2017-11-26 08:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-14 07:04 - 2017-11-26 08:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-14 07:04 - 2017-11-26 08:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-14 07:04 - 2017-11-26 08:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-14 07:04 - 2017-11-26 08:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-14 07:04 - 2017-11-26 08:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-14 07:04 - 2017-11-26 08:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-14 07:04 - 2017-11-26 08:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-14 07:04 - 2017-11-26 08:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-14 07:04 - 2017-11-26 08:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-14 07:04 - 2017-11-26 08:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-14 07:04 - 2017-11-26 08:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-14 07:04 - 2017-11-26 08:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-14 07:04 - 2017-11-26 08:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-14 07:04 - 2017-11-26 08:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-14 07:04 - 2017-11-26 08:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-14 07:04 - 2017-11-26 08:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-14 07:04 - 2017-11-26 08:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-14 07:04 - 2017-11-26 08:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-14 07:04 - 2017-11-26 08:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-14 07:04 - 2017-11-26 08:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-14 07:04 - 2017-11-26 07:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-14 07:04 - 2017-11-26 07:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-14 07:04 - 2017-11-26 07:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-14 07:04 - 2017-11-26 07:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-14 07:04 - 2017-11-26 07:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-14 07:04 - 2017-11-26 07:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-14 07:04 - 2017-11-26 07:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-14 07:04 - 2017-11-26 07:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-14 07:04 - 2017-11-26 07:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-14 07:04 - 2017-11-26 07:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-14 07:04 - 2017-11-26 07:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-14 07:04 - 2017-11-26 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-14 07:04 - 2017-11-26 07:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-14 07:04 - 2017-11-26 07:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-14 07:04 - 2017-11-26 07:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-14 07:04 - 2017-11-26 07:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-14 07:04 - 2017-11-26 07:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-14 07:04 - 2017-11-26 07:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-14 07:04 - 2017-11-26 07:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-14 07:04 - 2017-11-26 07:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-14 07:04 - 2017-11-26 07:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-14 07:04 - 2017-11-26 07:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-14 07:04 - 2017-11-26 07:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-14 07:04 - 2017-11-26 07:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-14 07:04 - 2017-11-26 07:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-14 07:04 - 2017-11-26 07:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-14 07:04 - 2017-11-26 07:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-14 07:04 - 2017-11-26 07:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-14 07:04 - 2017-11-26 07:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-14 07:04 - 2017-11-26 07:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-14 07:04 - 2017-11-26 07:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-14 07:04 - 2017-11-26 07:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-14 07:04 - 2017-11-26 07:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-14 07:04 - 2017-11-26 07:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-14 07:04 - 2017-11-26 07:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-14 07:04 - 2017-11-26 07:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-14 07:04 - 2017-11-26 07:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-14 07:04 - 2017-11-26 07:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-14 07:04 - 2017-11-26 07:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-14 07:04 - 2017-11-26 07:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-14 07:04 - 2017-11-26 07:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-14 07:04 - 2017-11-26 07:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-14 07:04 - 2017-11-26 07:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-14 07:04 - 2017-11-26 07:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-14 07:04 - 2017-11-26 07:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-14 07:04 - 2017-11-26 06:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-14 07:04 - 2017-11-26 06:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-14 07:04 - 2017-11-26 06:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-14 07:04 - 2017-11-26 06:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-14 07:04 - 2017-11-26 06:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-14 07:04 - 2017-11-26 06:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-14 07:04 - 2017-11-26 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-14 07:04 - 2017-11-26 06:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-14 07:04 - 2017-11-26 06:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-14 07:04 - 2017-11-26 06:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-14 07:04 - 2017-11-26 06:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-14 07:04 - 2017-11-26 06:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-14 07:04 - 2017-11-26 06:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-14 07:04 - 2017-11-26 06:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-14 07:04 - 2017-11-26 05:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-14 07:04 - 2017-11-26 05:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-14 07:04 - 2017-11-26 05:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-14 07:04 - 2017-11-26 05:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-14 07:04 - 2017-11-26 05:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-14 07:04 - 2017-11-26 05:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-14 07:04 - 2017-11-26 05:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-14 07:04 - 2017-11-26 05:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-14 07:04 - 2017-11-26 05:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-14 07:04 - 2017-11-26 05:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-14 07:04 - 2017-11-26 05:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-14 07:04 - 2017-11-26 05:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-14 07:04 - 2017-11-26 05:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-14 07:04 - 2017-11-26 05:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-14 07:04 - 2017-11-26 05:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-14 07:04 - 2017-11-26 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-14 07:04 - 2017-11-26 05:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-14 07:04 - 2017-11-26 05:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-14 07:04 - 2017-11-26 05:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-14 07:04 - 2017-11-26 05:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-14 07:04 - 2017-11-26 05:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-14 07:04 - 2017-11-19 02:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-14 07:04 - 2017-11-18 21:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-13 08:26 - 2017-12-13 08:26 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigna3e89eda5e1a98ca
2017-12-13 08:26 - 2017-12-13 08:26 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign90d9a08ad503eae6
2017-12-13 08:25 - 2017-12-13 08:25 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignc12304e8bb3e4197
2017-12-12 15:43 - 2017-12-12 15:43 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign8a9a0be9665759ec
2017-12-12 15:42 - 2017-12-12 15:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign0adef84a64f350bc
2017-12-12 14:53 - 2017-12-12 14:53 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign67919f6d87a8e1f5
2017-12-11 13:22 - 2017-12-11 13:22 - 039567943 _____ C:\Users\Keoni Denison\Downloads\80_files_from_Crystal_Mace.zip
2017-12-08 12:46 - 2017-12-08 12:46 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign434dd91c9c39bdef
2017-12-08 08:47 - 2017-12-08 08:47 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign823c49e2c9d7ab7a
2017-12-08 07:38 - 2017-12-08 07:38 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigndcae41d74e38cb9b
2017-12-08 07:38 - 2017-12-08 07:38 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign9c812e108fbaf9e9
2017-12-08 06:30 - 2017-12-08 06:36 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2017-12-08 06:30 - 2017-12-08 06:36 - 000002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2017-12-08 06:30 - 2017-12-08 06:36 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2017-12-07 12:47 - 2017-12-07 12:52 - 000000000 ____D C:\Users\Keoni Denison\Desktop\truck
2017-12-07 11:53 - 2017-12-07 11:53 - 000108336 _____ C:\Users\Keoni Denison\Downloads\PFS Sales Co.-8383--quote (1).pdf
2017-12-07 11:20 - 2017-12-07 11:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigndef78415e5ae692c
2017-12-07 11:20 - 2017-12-07 11:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign2edcab1a72d30364
2017-12-07 08:34 - 2017-12-07 08:34 - 000108336 _____ C:\Users\Keoni Denison\Downloads\PFS Sales Co.-8383--quote.pdf
2017-12-06 15:23 - 2017-12-06 15:23 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsigna9a9745e43895d83
2017-12-06 13:07 - 2017-12-06 13:07 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign72ff9abdaea15f82
2017-12-06 12:57 - 2017-12-06 12:57 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5f1d83d11fd226b6
2017-12-06 12:34 - 2017-12-06 12:34 - 000097513 _____ C:\Users\Keoni Denison\Downloads\CTI Property Services-6992-Fleet Updates Graphics-work_order.pdf
2017-12-05 20:09 - 2017-12-05 20:09 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tvsukernel
2017-12-05 19:23 - 2017-12-05 19:23 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsignbd920396a67a3cc6
2017-12-05 19:20 - 2017-12-05 19:20 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Tempzxpsign5af024f0ae0dcef6

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-04 12:08 - 2014-10-30 18:42 - 000000000 ____D C:\Users\Keoni Denison\Documents\Outlook Files
2018-01-04 12:06 - 2017-11-28 12:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-04 10:58 - 2015-10-06 07:22 - 000000034 _____ C:\Users\Keoni Denison\AppData\Roaming\AdobeWLCMCache.dat
2018-01-04 10:03 - 2017-11-28 12:18 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D32FEB5D-BDF8-4A68-9CCE-DED52A2BD829}
2018-01-04 10:03 - 2016-11-17 06:16 - 000000000 ____D C:\Users\Keoni Denison\AppData\LocalLow\Mozilla
2018-01-04 09:56 - 2014-11-06 09:10 - 000205824 _____ C:\Users\Keoni Denison\Documents\CWI - Vehicle Measurements.xls
2018-01-04 06:39 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-04 06:38 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-04 06:38 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-04 06:34 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-03 16:14 - 2014-10-23 12:58 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\Packages
2018-01-03 15:32 - 2017-02-10 18:34 - 000000000 ____D C:\Users\Keoni Denison\Desktop\New folder
2018-01-03 15:31 - 2015-09-26 11:21 - 001331592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-03 15:30 - 2017-01-09 07:34 - 000098642 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-01-03 15:25 - 2015-12-09 12:00 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-03 15:25 - 2014-10-24 08:12 - 000000000 __SHD C:\Users\Keoni Denison\IntelGraphicsProfiles
2018-01-03 15:24 - 2017-11-28 12:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-03 15:24 - 2014-10-23 17:01 - 000000000 ____D C:\ProgramData\Synaptics
2018-01-03 15:23 - 2017-11-28 12:08 - 000000000 ____D C:\Users\Keoni Denison
2018-01-03 15:23 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-03 15:23 - 2017-01-27 17:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-03 15:23 - 2014-10-28 18:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-03 13:51 - 2014-12-19 16:32 - 000000000 ____D C:\Users\Keoni Denison\Outlook Files
2018-01-03 11:54 - 2014-10-30 18:44 - 000000000 ____D C:\Users\Keoni Denison\Documents\Client
2018-01-02 13:16 - 2017-07-10 11:42 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\GoToMeeting
2018-01-02 11:01 - 2014-10-28 18:55 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-12-30 09:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-29 11:49 - 2017-10-08 01:04 - 000000000 ____D C:\ProgramData\switcher-4
2017-12-29 11:34 - 2014-11-04 15:42 - 000001456 _____ C:\Users\Keoni Denison\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-12-29 10:30 - 2014-10-23 12:58 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Adobe
2017-12-27 21:18 - 2015-12-03 07:34 - 000000000 ____D C:\ProgramData\pv
2017-12-27 21:17 - 2017-11-28 12:20 - 000000000 ___RD C:\Users\Keoni Denison\3D Objects
2017-12-27 21:17 - 2015-09-10 00:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-27 21:16 - 2017-11-28 12:05 - 005646680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-27 21:16 - 2015-06-11 14:52 - 000000698 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001.job
2017-12-27 21:16 - 2015-01-26 09:52 - 000000602 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001.job
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-27 21:15 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2017-12-27 21:15 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-27 20:46 - 2017-11-29 08:03 - 000001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-12-23 17:49 - 2014-10-23 12:58 - 000000000 ____D C:\Users\Keoni Denison\AppData\Local\VirtualStore
2017-12-21 05:30 - 2017-11-28 12:18 - 000003870 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001
2017-12-21 05:30 - 2017-11-28 12:18 - 000003774 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001
2017-12-17 15:07 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-16 20:35 - 2015-06-15 10:45 - 000000000 ____D C:\Users\Keoni Denison\AppData\Roaming\Apple Computer
2017-12-15 07:09 - 2014-10-23 14:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-15 07:02 - 2017-10-11 07:35 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-15 07:02 - 2014-10-23 14:23 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-14 07:05 - 2017-09-29 08:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-14 07:05 - 2017-09-29 08:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-14 07:05 - 2017-09-29 08:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-14 07:05 - 2017-09-29 08:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-14 07:01 - 2014-10-29 20:04 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-08 07:17 - 2017-11-28 12:18 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1137034981-1362270290-743441989-1001
2017-12-08 07:17 - 2015-09-26 16:54 - 000002438 _____ C:\Users\Keoni Denison\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-08 07:17 - 2015-09-26 16:54 - 000000000 ___RD C:\Users\Keoni Denison\OneDrive
2017-12-08 06:30 - 2014-10-23 15:37 - 000000000 ____D C:\ProgramData\Adobe
2017-12-08 06:29 - 2017-11-29 08:03 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-07 08:20 - 2016-01-27 11:35 - 000000000 ____D C:\Users\Keoni Denison\Desktop\bids
2017-12-07 07:49 - 2017-11-28 12:18 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-07 07:49 - 2017-09-29 08:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-06 07:10 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-05 20:11 - 2017-12-04 07:30 - 000000000 ____D C:\Program Files\Plumbytes Software
2017-12-05 20:08 - 2017-06-06 08:35 - 000031152 _____ C:\WINDOWS\system32\Drivers\pmxdrv.sys

==================== Files in the root of some directories =======

2017-12-15 07:52 - 2017-12-15 07:52 - 001652224 _____ (ELEKS) C:\Users\Keoni Denison\AppData\Roaming\a0754ca9.exe
2014-10-23 12:59 - 2014-11-04 20:40 - 000001533 _____ () C:\Users\Keoni Denison\AppData\Roaming\AbsoluteReminder.xml
2015-10-06 07:22 - 2018-01-04 10:58 - 000000034 _____ () C:\Users\Keoni Denison\AppData\Roaming\AdobeWLCMCache.dat
2017-12-15 11:06 - 2017-12-20 07:23 - 005399697 _____ () C:\Users\Keoni Denison\AppData\Roaming\cached-microdescs
2016-11-10 12:11 - 2016-11-10 12:11 - 000000687 _____ () C:\Users\Keoni Denison\AppData\Roaming\Contact Sheet II.xml
2016-11-10 12:11 - 2016-11-10 12:17 - 000016989 _____ () C:\Users\Keoni Denison\AppData\Roaming\ContactSheetII.log
2015-10-26 06:29 - 2015-10-26 06:29 - 000000112 _____ () C:\Users\Keoni Denison\AppData\Roaming\JP2K CS6 Prefs
2016-03-13 15:48 - 2016-03-13 15:48 - 238722213 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx3_5_1_209.zip.aamdownload
2016-03-13 15:48 - 2016-03-13 15:48 - 000002741 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx3_5_1_209.zip.aamdownload.aamd
2017-07-12 10:43 - 2017-07-12 10:43 - 331479536 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx4_1_1_202.zip.aamdownload
2017-07-12 10:43 - 2017-07-12 10:43 - 000003693 _____ () C:\Users\Keoni Denison\AppData\Local\ACCCx4_1_1_202.zip.aamdownload.aamd
2014-11-04 15:42 - 2017-12-29 11:34 - 000001456 _____ () C:\Users\Keoni Denison\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-23 12:58 - 2014-10-23 12:58 - 000000193 _____ () C:\Users\Keoni Denison\AppData\Local\RegisteredPackageInformation.xml
2015-07-24 16:26 - 2015-07-24 16:26 - 000000017 _____ () C:\Users\Keoni Denison\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-29 09:49

==================== End of FRST.txt ============================



#4 kalvix


Posted 04 January 2018 - 12:20 PM

Reposted Additional Log with Firefox closed:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by Keoni Denison (04-01-2018 12:15:34)
Running from C:\Users\Keoni Denison\Downloads
Windows 10 Home Version 1709 16299.125 (X64) (2017-11-28 17:20:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1137034981-1362270290-743441989-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1137034981-1362270290-743441989-503 - Limited - Disabled)
Guest (S-1-5-21-1137034981-1362270290-743441989-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1137034981-1362270290-743441989-1003 - Limited - Enabled)
Keoni Denison (S-1-5-21-1137034981-1362270290-743441989-1001 - Administrator - Enabled) => C:\Users\Keoni Denison
WDAGUtilityAccount (S-1-5-21-1137034981-1362270290-743441989-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator (HKLM\...\{780AAB64-C5AB-4CC5-9096-02F8671E5179}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_1_0) (Version: 21.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.0.3818 - Lenovo)
Cutting Master 3 (HKLM-x32\...\{4337BF9E-04A8-4A3E-9F1D-ECCDF0E7BC84}) (Version: 2.1.264 - Graphtec Corporation)
Dell 2145cn Color Laser MFP (HKLM-x32\...\Dell 2145cn Color Laser MFP) (Version:  - DELL Inc.)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Esko ai-cut for Adobe Illustrator (HKLM-x32\...\Esko ai-cut for Adobe Illustrator) (Version:  - Esko)
Esko CT-LP plug-in for Adobe Photoshop (HKLM-x32\...\Esko CT-LP plug-in for Adobe Photoshop) (Version:  - )
Esko Data Exchange for Adobe Illustrator (HKLM-x32\...\Esko Data Exchange for Adobe Illustrator) (Version:  - Esko)
Esko Shell Extension plugin for previewing .ct files (HKLM-x32\...\Esko Shell Extension plugin for previewing .ct files) (Version:  - )
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Gesture Control (HKLM-x32\...\{1C0D7E21-47A2-4975-8824-FBA18BBA4B1F}) (Version: 4.0.116.3 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio (HKLM-x32\...\{7BDB9575-D4C8-42B0-84EA-1CD654F63637}) (Version: 5.10.4320 - GoPro, Inc.) Hidden
GoToMeeting 8.19.0.8126 (HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\GoToMeeting) (Version: 8.19.0.8126 - LogMeIn, Inc.)
HP Officejet 7610 series Basic Device Software (HKLM\...\{3507BAF4-20F8-4AAC-8B4B-C61D67607728}) (Version: 29.1.971.39251 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.42 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10247 - Realtek Semiconductor Corp.)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{12415e07-c869-4438-9d99-b55261706671}) (Version: 19.1.0 - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.05 - )
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.5.0 - Lenovo)
Lenovo HID HW Radio Driver 1.0.0.58 (HKLM\...\{E5325F32-D15A-4131-B029-4A5B7609E532}_is1) (Version: 1.0.0.58 - Lenovo)
Lenovo Multimedia and Communications Core Runtime (HKLM\...\{033DC0E0-DA89-4C33-B66C-89B64D312CD1}_is1) (Version: 5.0.13.94 - Lenovo Corporation)
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.85.03 - Lenovo)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.10 - Lenovo Group Limited)
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.19.209 - Lenovo Corporation)
Lenovo Settings - Location Awareness (HKLM-x32\...\{C79D4402-E622-4922-9C02-89F9080BF081}_is1) (Version: 1.4.0.5 - Lenovo Group Limited)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Mobile Hotspot (HKLM\...\{42603F7D-B08D-436B-B0D8-3E2DEF1AFD41}_is1) (Version: 2.3.0.85 - Lenovo)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.3.7 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0065 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4981.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25711 (HKLM-x32\...\{1bffbfc8-3cfb-4b1d-aca9-64f1c7c9f811}) (Version: 14.12.25711.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25711 (HKLM-x32\...\{f381fb0a-b38e-44ab-bca5-7f651c8c6b93}) (Version: 14.12.25711.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.3 (x64 en-US)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
Mystery Case Files &reg;: 13th Skull ™ (HKLM-x32\...\BFG-Mystery Case Files - 13th Skull) (Version:  - )
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.4981.1001 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Quik (HKLM\...\{6249867C-ACE2-4400-AD50-4D6945A8EA8A}) (Version: 0.1.4320 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{0d91b40f-e179-491c-a726-cd71dc297e8a}) (Version: 2.0.0.4320 - GoPro, Inc.)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Redemption Cemetery: Curse of the Raven (HKLM-x32\...\BFG-Redemption Cemetery - Curse of the Raven) (Version:  - )
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Meetings App (HKLM-x32\...\{D194F3F7-A3E3-4D33-97D6-A37725DAEC25}) (Version: 16.2.0.172 - Microsoft Corporation)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.02.005 - Samsung Electronics Co., Ltd.)
SmarThru Office PC Fax (HKLM-x32\...\SmarThru Office PC Fax) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.285.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{D6FED322-4EA0-48AE-A5AC-BC381D7048CF}) (Version: 4.5.285.0 - Synaptics)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station (remove only) (HKLM\...\Synology Cloud Station) (Version: 3.2.3482 - Synology, Inc.)
Synology Cloud Station (remove only) (HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\Synology CloudStation) (Version:  - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.24 - Lenovo)
Treasure Seekers: The Time Has Come (HKLM-x32\...\BFG-Treasure Seekers - The Time Has Come) (Version:  - )
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version:  - File Recovery Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{61702639-6539-473A-8FE5-618E194C0069}) (Version: 2.7.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
VFW_Codec32 (HKLM-x32\...\{FCA86F94-8BCA-491D-AFF9-90921796FCD8}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{341735D3-32CF-41BC-8C9B-FDE3975452DB}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22314 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Driver Package - Intel (e1dexpress) Net  (07/02/2013 12.9.16.0) (HKLM\...\023677FE062B918F6118988706661111844C0205) (Version: 07/02/2013 12.9.16.0 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC  (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - Synaptics (SmbDrv) System  (10/23/2013 17.0.12.52) (HKLM\...\546FF7E8ABB3021DB74C663BFEAB0780589F2990) (Version: 10/23/2013 17.0.12.52 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse  (10/23/2013 17.0.12.52) (HKLM\...\D4AF752691BC44E5CA6E33BDDD57F0845B4AEBFE) (Version: 10/23/2013 17.0.12.52 - Synaptics)
Zund Design Center Plug-In For Adobe Illustrator (HKLM\...\{8AC87498-DF4A-4E65-BB08-342BE863F456}) (Version: 2.3.269 - Zund Systemtechnik) Hidden
Zund Design Center Plug-In For Adobe Illustrator (HKLM-x32\...\Zund Design Center Plug-In For Adobe Illustrator 2.3.269) (Version: 2.3.269 - Zund Systemtechnik)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.172\GatewayActiveX-x64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Citrix\GoToMeeting\3911\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1137034981-1362270290-743441989-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Keoni Denison\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2016-04-16] (TODO: <Company name>)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-11-21] (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1_S-1-5-21-1137034981-1362270290-743441989-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll [2016-04-16] ()
ContextMenuHandlers6_S-1-5-21-1137034981-1362270290-743441989-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll [2016-04-16] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0549C139-B1DF-47F0-B32F-BD950F5C1C0E} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-03] (Realtek Semiconductor)
Task: {0759CA7E-DC7F-4B9B-B49A-D12BF0D4782F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {08022775-95CD-4C6C-97AF-CFF74844D654} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0AE5CE45-DA9C-4C23-8281-BB088799188C} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {1DD0C8EC-685F-4CBA-8749-C8FCAAAAFB44} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {2441BFC7-00E7-4FBD-946B-B5FD873BC61D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {2546B2E6-07DC-4386-8182-6A9ABE968D47} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {255C398B-3DDB-410F-9DC6-B7C6455BE288} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {26AB4791-6F90-4926-8AB9-6F4CC6032982} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-03] (Realtek Semiconductor)
Task: {31D05FEF-E62A-4FE7-811E-7B8F4FC88558} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3F771CEF-21F8-4272-B34A-17D938452668} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-09-05] (Microsoft Corporation)
Task: {407DEA18-ED6F-4427-B725-6AFE603B6102} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {47FAB8BB-2948-48F5-AF5B-409FF1938C78} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-01] (Lenovo)
Task: {52A82BA8-A2DC-44BF-AEA1-1EF2E83B1A05} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {588F3ADC-A829-40DC-9763-58A9E6714FD8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {664A6187-A0D4-4066-AB56-E2A477EFC457} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a5f958a6-7add-4bf4-ad4d-b4a156594506 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {66DE3422-018E-40FA-9063-0792B802FF15} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c59a20bb-0c12-4660-be53-ee8fc5910764 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {71EA4F44-CF49-4FD2-930A-09AABF700AA6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {7651144D-4E9E-4678-90D5-7F41BCB38B06} - System32\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001 => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupdate.exe [2017-12-21] (LogMeIn, Inc.)
Task: {7AC92881-63B7-48E4-AC47-EA3C5CD980F4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {7D0E4EFB-F945-40E1-B60F-7774E93E54AB} - System32\Tasks\Lenovo\Lenovo Hardware Settings => "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {89B4322F-6EB1-4450-B0CE-668F31A418D1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8E05EDFA-A74B-43B1-B5F7-7DD337747E14} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {8E0E3250-F9B5-4F1B-AEF0-42347C616255} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe
Task: {941ADE57-22EA-489A-A43E-0C0089FB48A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {94819403-12D7-4AD9-A023-64D2C29E9C0B} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\GestureControl.exe [2013-10-31] (Lenovo)
Task: {976AF5C7-68A9-4003-B03A-BB3AD5655EC7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {9A0BA22D-9EA8-419C-BC5A-799F758E5CFB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9A40AD4E-2288-427D-9C12-925C956E8741} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {A3EBFA37-40BF-40F8-BB11-2FCDE4C7CA1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {A43445AB-9B92-462D-891E-803B2B3A5638} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-08-16] ()
Task: {A6AA7EE1-AE0B-4CE8-9285-DDCB93700EB2} - System32\Tasks\Lenovo\Lenovo Settings Power => "C:\WINDOWS\system32\rundll32.exe" "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
Task: {A78978A8-444C-412A-8C9B-F68321AB81B9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {AAAAB6BF-298D-4B30-A544-F594E5012D4B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-01-08] (Lenovo)
Task: {AD250AB0-9354-4F68-8567-FBC1BAE9434E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-15] (Microsoft Corporation)
Task: {B17469BE-9FB5-47D9-B58C-4CEBFD65C602} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B34C5E19-4695-4CA1-BE95-924AC710F955} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B9DB7AEA-171E-4F4D-9B4B-280D1CF9FF8E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BBA7D931-D02A-46F9-BF8E-D8DFE9449200} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C0C9340D-F968-4C90-BED8-02977E8030E7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {C202914B-E1A2-406C-87C3-04A00AD733A4} - System32\Tasks\Lenovo\Experience Improvement Logon => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-09-06] (Lenovo)
Task: {C69E18B2-F1D3-43DD-96B5-3F8D0B9EB00B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {D5C8FB1E-98B0-4564-AA1D-ED8E0B25F4C7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1137034981-1362270290-743441989-1001UA => C:\Users\Keoni Denison\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-09] (Google Inc.)
Task: {DCDE67FC-E7C8-4A01-9BFE-41FFA0BAC02A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DDE7DE13-4694-473F-BCFC-F40869E0F9CE} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-10-03] (Synaptics Incorporated)
Task: {DF470FBE-C4EA-4F2B-BC01-7D56F4371A3C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-08-16] ()
Task: {DFC93D4B-AA98-4226-A54E-1198E9B92E0C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E4B9EE89-19B1-4A38-B513-B56C327CA6C1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EAD0FCEB-609C-4F1A-A92A-8D86C95BC0DF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d0fd586f-246c-4275-a761-b4dee6c97276 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {F00DFE86-5D3A-44A0-B07C-139DEC8F312C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {F1E48979-9837-4115-AFF8-06970AC79219} - System32\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001 => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupload.exe [2017-12-21] (LogMeIn, Inc.)
Task: {F7C947E1-F1D5-4656-9A14-90D4E2B843BE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1137034981-1362270290-743441989-1001Core => C:\Users\Keoni Denison\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-09] (Google Inc.)
Task: {FD06E9FD-3FDC-4379-823E-AF44D9824817} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1137034981-1362270290-743441989-1001.job => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1137034981-1362270290-743441989-1001.job => C:\Users\Keoni Denison\AppData\Local\GoToMeeting\8126\g2mupload.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2014-11-03 08:47 - 2012-10-26 22:26 - 000034304 _____ () C:\WINDOWS\System32\sdg1cl6.dll
2015-07-29 14:17 - 2009-06-24 12:38 - 000177664 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\DP2145U.DLL
2017-05-08 23:44 - 2017-05-08 23:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-08 23:44 - 2017-05-08 23:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-04 20:53 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-17 02:26 - 2014-12-17 02:26 - 000248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2017-12-10 04:33 - 2017-12-10 04:33 - 000630784 ____N () C:\ProgramData\switcher-4\switcher-5.exe
2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-11-15 18:50 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2016-04-16 08:11 - 2016-04-16 08:11 - 001047552 _____ () C:\Users\Keoni Denison\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll
2017-01-09 07:28 - 2017-11-16 08:03 - 000201000 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2016-10-11 22:48 - 2016-10-11 22:48 - 000866224 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
2017-05-09 02:05 - 2017-05-09 02:05 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 02:05 - 2017-05-09 02:05 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
2014-10-23 15:32 - 2013-10-09 20:31 - 000915968 ____N () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2013-03-25 19:42 - 2013-03-25 19:42 - 000633320 _____ () C:\Windows\Dell\PanelMgr\SSMMgr.exe
2012-09-22 18:42 - 2012-09-22 18:42 - 000312128 _____ () C:\Windows\Dell\PanelMgr\caller64.exe
2017-07-11 12:01 - 2017-08-16 14:07 - 000023928 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2016-10-11 22:48 - 2016-10-11 22:48 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2013-10-09 16:38 - 2015-01-09 15:40 - 000469720 _____ () C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
2013-10-09 16:38 - 2015-01-09 15:40 - 000013528 _____ () C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
2017-05-17 13:34 - 2017-06-27 12:00 - 000402624 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll
2017-11-28 10:49 - 2017-11-28 10:49 - 000975872 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2017-11-28 10:49 - 2017-11-28 10:49 - 000269696 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2017-09-29 08:41 - 2017-09-29 08:41 - 001357464 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2017-11-01 09:27 - 2017-11-01 09:27 - 004891768 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\X64\AdobePDFMakerX.dll
2014-11-15 18:47 - 2015-05-05 06:45 - 002210480 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2017-09-22 04:59 - 2017-11-21 06:28 - 001437896 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2017-12-14 07:04 - 2017-11-26 07:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 07:04 - 2017-11-26 07:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-03 07:15 - 2018-01-03 07:15 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 07:15 - 2018-01-03 07:15 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-17 10:08 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-08-17 10:08 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-08-17 10:08 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-08-17 10:08 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-08-17 10:08 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2017-12-08 07:17 - 2017-12-08 07:17 - 000102088 _____ () C:\Users\Keoni Denison\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2015-08-14 02:17 - 2015-08-14 02:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-10-23 15:41 - 2015-01-07 09:29 - 002201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-10-23 15:41 - 2015-01-07 09:29 - 002085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:512E1728 [412]
AlternateDataStreams: C:\ProgramData\TEMP:9BAC4211 [426]
AlternateDataStreams: C:\ProgramData\TEMP:B54E4B5A [454]
AlternateDataStreams: C:\ProgramData\TEMP:BE6B5FC3 [464]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2017-12-08 07:21 - 000002006 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1137034981-1362270290-743441989-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Keoni Denison\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1137034981-1362270290-743441989-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9BCC2ED9-8831-4ECD-99E4-43FD6FD1F7CD}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{369169E4-D63A-4434-AE74-A34B43CD5A35}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{8F7397A4-53E4-4746-AB8A-3842BD08D81B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{57B44C01-5F4D-4008-88C9-9FB0032904A0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CBBA1779-2C7D-48BA-B82A-300751C31684}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F3619CB-D5E6-44A1-924E-FC5764CD4100}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C7484A54-0F06-43CA-BC1B-ADC0DC72263D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B5C06ED4-6221-4BC0-A722-FD2D967CEAE5}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{1E618296-92E9-428B-8847-FFB7D7BC56D1}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{12D15A3D-97F1-44B2-8C6A-48F3F36C6E4E}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe
FirewallRules: [{3435AFDB-17D7-4204-BDC2-EA597F7FDB1D}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe
FirewallRules: [{64D108CA-5FE0-494C-B8EF-2C675DA5C5E9}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe
FirewallRules: [{30078E5C-99DA-47DE-9949-09523EE5E4F4}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe
FirewallRules: [{79E2D74E-7446-46BC-8CE9-A1F068A804E8}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe
FirewallRules: [{9B7D3AD6-2455-4FAA-8764-2F1C2D44C054}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7DCE1D6B-693E-404D-87E4-1B6F55AB2177}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{796671D3-7EC2-4725-AB6A-5D7884398E4A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{12B5DAAB-E2FC-4B0A-A0FC-69E61A61097C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6BCCBC34-D0FB-4BD9-A1CE-D99EBFCCE02F}] => (Allow) C:\Windows\twain_32\Dell\ScanMgr.exe
FirewallRules: [{CBEF07C6-EDFD-4DC6-9414-38882D2CC4C9}] => (Allow) C:\Windows\twain_32\Dell\ScanMgr.exe
FirewallRules: [{B0354481-9076-4AA3-8348-8EC06F6F5357}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Sscan2io.exe
FirewallRules: [{9CC993C2-628E-48C8-84D8-F49E95FF5533}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Sscan2io.exe
FirewallRules: [{69011492-82F4-445A-86B8-0A3D01E64AFE}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe
FirewallRules: [{F1C7717A-229C-4675-A338-6641E23B44BD}] => (Allow) C:\Windows\twain_32\Dell\DELL2145\Scan2Pc.exe
FirewallRules: [UDP Query User{0D79F41B-0D39-413D-B27E-99BB1F4E9855}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{FF363096-8AAF-432D-B4A8-95FFC329D2F5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{896D6845-64C7-400E-9638-EF0B09AF39A6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4E304E1B-6585-4F5A-B318-3BC5F02BC7B8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8ED5C55A-BBF4-4D8C-8CD4-691AC5BBD699}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [TCP Query User{20391911-FD3A-44B2-955F-05837193BFCD}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{7E785758-55C0-410D-AD33-5FE25E1E2986}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4878997D-E6A3-4EF3-9E53-F36423F45450}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{2BE449A5-B280-4603-9B38-66D424E6BCDE}C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Block) C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{61897281-99DC-41A9-8283-0052298ED58B}C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Block) C:\users\keoni denison\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [{9D41BE52-2018-4942-8FE3-6E608B1F0FB0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{631E8B29-BB20-4613-B8EE-B032F59ADE34}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C60DE059-2EEA-414E-ABD5-BB49A37C1BBC}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\Bin\DeviceSetup.exe
FirewallRules: [{890235E6-469B-4311-A438-EA41B736C23B}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\bin\SendAFax.exe
FirewallRules: [{BFC55D33-EEB7-4084-AD02-E9E551D153B8}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\bin\DigitalWizards.exe
FirewallRules: [{DCAD0485-6B18-46E6-838A-AC8724C64FFC}] => (Allow) C:\Program Files\HP\HP Officejet 7610 series\bin\FaxApplications.exe
FirewallRules: [{93E9696A-3333-451A-AC61-A023C1328925}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{FBEE843B-1D28-4224-9E13-1BC1C02217AC}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
FirewallRules: [{82344128-6E7A-4356-A39E-60283A77244E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1BB59230-3FB7-4676-B36B-A4C161A66173}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{407C6948-D5ED-4947-9E24-E17720E4174F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{955A1305-C9B0-4FBC-95EE-71FA2E805F00}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A72A587A-B207-434E-8F61-F3BC9BB3B6E0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{C36F1143-0726-4055-9C30-2B27B39F1E46}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{AF7156B9-61E7-4635-B264-CB57A2619AA2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F995AFCD-271A-47F7-BA57-96F1B98DE28B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

17-12-2017 15:06:36 Windows Update
27-12-2017 08:30:19 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2018 12:14:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 1aebd619-05d7-4520-8e1f-43a247ccb18c
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:14:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 18aac647-1b7c-4fba-beed-5f2eb45d8dca
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:14:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: ffe73a68-f43a-42b6-819b-5a656d233666
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:14:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: ab850e19-79d0-4838-ba42-9e4a7da23dc1
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:13:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 5cb58b8f-e333-40fd-ac05-4d7f20ed1461
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:13:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: bfcd2e01-94ce-4967-8c14-6d3c363dfa8b
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:13:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 3b027c51-1d76-4747-9ac6-aebc3302dbcf
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:13:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 5234c563-1c9c-4979-9b9e-3784bd532447
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:12:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: ae575661-7e5e-48f5-85e3-8e63380e5663
Faulting package full name:
Faulting package-relative application ID:

Error: (01/04/2018 12:12:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Faulting module name: firefox.exe, version: 57.0.3.6569, time stamp: 0x5a421d09
Exception code: 0xc0000005
Fault offset: 0x0000000000005b10
Faulting process id: 0x1294
Faulting application start time: 0x01d3856d15f161f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 4a2efb04-2967-47fe-9e4a-bb38c6bda09c
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (01/04/2018 12:12:05 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 12:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2018 12:06:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 12:06:49 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :20" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 12:06:49 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E3DA4800-FEB9-4DA7-A025-7B8C27D01837} because another computer on the network has the same name.  The server could not start.

Error: (01/04/2018 11:42:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/04/2018 10:59:12 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} did not register with DCOM within the required timeout.

Error: (01/04/2018 10:58:39 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C} did not register with DCOM within the required timeout.

Error: (01/04/2018 10:58:16 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.

Error: (01/04/2018 10:49:35 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "LENOVO-PC      :0" could not be registered on the interface with IP address 192.168.1.205.
The computer with the IP address 192.168.1.155 did not allow the name to be claimed by
this computer.


CodeIntegrity:
===================================
  Date: 2018-01-04 12:06:47.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 12:06:47.272
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 12:06:46.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 12:06:46.213
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:36:43.623
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:36:43.618
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:42.911
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:42.909
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:33.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-04 11:21:33.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4300U CPU @ 1.90GHz
Percentage of memory in use: 35%
Total physical RAM: 8071.77 MB
Available physical RAM: 5209.73 MB
Total Virtual: 32647.41 MB
Available Virtual: 28770.12 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:458.77 GB) (Free:52.87 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 7AB3F9F8)

Partition: GPT.

==================== End of Addition.txt ============================



#5 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:58 AM

Posted 04 January 2018 - 01:42 PM

Welcome to BleepingComputer.

Hi there,

My name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • Print or copy & save instructions.
  • Back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only those tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic until you get the all clean post.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


Step 1: Please download Security Analysis by Rocket Grannie from here
  • Save it to your Desktop.
  • Close your security software to avoid potential conflicts.
  • Double click RGSA.exe
  • Click OK on the copyright-disclaimer
  • When finished, a Notepad window will open with the results of the scan.
  • The log named SALog.txt can also be found on the Desktop or in the same folder from where the tool is run if installed elsewhere.
  • Please copy and paste the contents of that log in this topic.
  • Note: If you get a Warning from Windows about running the program, click on More info and then click Run Anyway to run it even though Windows says it might put your PC at risk.

***


Step 2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on the downloaded file. OK the self-extracting prompt.
  • MBAR will start. Click "Next" in the introduction screen to continue.
  • Click "Update" in the following screen to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two message boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Step 3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8/10 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#6 Jo*


Posted 07 January 2018 - 06:21 AM

Hi,

It has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

Note: Thread will be closed if no response after 3 days.



#7 kalvix


Posted 08 January 2018 - 04:54 PM

Hi Jo,

Thank you for your help.

I'm here and was sick due to the freezing weather.


attached logs adwcleaner

SALog

Mbar Log


Edited by kalvix, 08 January 2018 - 05:31 PM.


#8 Jo*


Posted 08 January 2018 - 06:01 PM

Hello,

Step 1: Run Malwarebytes Anti-Rootkit again: Double click mbar.exe to run the tool.
Vista / Windows 7/8/10 users right-click and select Run As Administrator.
  • Scan your system for malware
  • If malware is found, click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Then please go to the MBAR folder and copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Step 2: Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8/10 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Step 3: How is the computer running now?


***




#9 Jo*


Posted 12 January 2018 - 06:06 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



#10 Jo*


Posted 22 January 2018 - 11:20 AM

Re-opened.

Please follow the instructions from post #8:
https://www.bleepingcomputer.com/forums/t/667186/above-my-skill-level-to-correct-my-computer/#entry4418938



#11 Jo*


Posted 27 January 2018 - 02:52 AM

Due to the lack of feedback, this topic is now permanently closed.

If you still have problems, please start a new topic.
