Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by RG (administrator) on DESKTOP-NNGBV58 (23-03-2018 12:12:07)
Running from C:\Users\RG\Downloads
Loaded Profiles: RG (Available Profiles: john & RG)
Platform: Windows 10 Home Version 1703 15063.850 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(TOSHIBA CORPORATION) C:\Windows\System32\snnmagisvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(ExamSoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Examplify\Services\Examsoft.SoftShield.exe
(Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Hewlett-Packard) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Examsoft Worldwide Inc.) C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.SoftShield.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe
(Spotify Ltd) C:\Users\RG\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
() C:\Users\RG\AppData\Local\vskbtin\vskbtin.exe
() C:\Users\RG\AppData\Local\snmbzhp\upbdlak.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(KeepSolid Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Igor Pavlov) C:\Program Files\7-Zip\7zFM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe
(Microsoft Corporation) C:\Program Files\rempl\remsh.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.994_none_9e3edae32dc31172\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Users\RG\Downloads\AdwCleaner.exe
() C:\Users\RG\AppData\Local\vskbtin\avbcmrg.exe
() C:\Users\RG\AppData\Local\vskbtin\avbcmrg.exe
() C:\Users\RG\AppData\Local\vskbtin\avbcmrg.exe
() C:\Users\RG\AppData\Local\vskbtin\avbcmrg.exe
() C:\Users\RG\AppData\Local\vskbtin\avbcmrg.exe
() C:\Users\RG\AppData\Local\vskbtin\avbcmrg.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\RG\Downloads\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9244152 2017-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-14] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3885616 2016-03-03] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X8\Programs\QFSCHD180.EXE [235688 2016-04-11] (Corel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-02-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2018-02-22] (Adobe Systems Incorporated)
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [prsetup.exe] => "C:\Users\RG\AppData\Local\Temp\is-RG620.tmp\prsetup.exe" /logon <==== ATTENTION
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [glossed] => "C:\Program Files (x86)\Kilbride\freely.exe"
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [troubleshoot] => "C:\Program Files (x86)\nite\troubleshoot.exe"
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [Spotify] => C:\Users\RG\AppData\Roaming\Spotify\Spotify.exe [21894544 2018-03-05] (Spotify Ltd)
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [Spotify Web Helper] => C:\Users\RG\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-03-05] (Spotify Ltd)
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Run: [VPN Unlimited] => C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-launcher.exe [390656 2018-02-08] (KeepSolid Inc.)
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\MountPoints2: {602083e3-9734-11e7-aa77-c6fc230078ca} - "D:\Menschen A1 iZU Installer.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.10
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{15bfc9d1-0aa6-4c92-9c21-08421c9fb9cb}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5bbd4e15-2a52-4717-8762-6edcfc7353cc}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5bbd4e15-2a52-4717-8762-6edcfc7353cc}: [DhcpNameServer] 10.208.0.1
Tcpip\..\Interfaces\{bbf4e5d2-03c8-4459-b946-b38389474d39}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bbf4e5d2-03c8-4459-b946-b38389474d39}: [DhcpNameServer] 192.168.1.10
Tcpip\..\Interfaces\{d81a3c86-8508-4bba-a698-475d94a38171}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{dba504f6-4bd4-4a10-8da7-a9d9c41911ad}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f125daea-e93e-4866-a5e9-7ab74b60d3fb}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f78f8f52-b489-11e7-be9a-806e6f6e6963}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {38F4ED6B-AFC0-495F-A68C-6F7B00D20D7F} URL =
SearchScopes: HKLM-x32 -> DefaultScope {38F4ED6B-AFC0-495F-A68C-6F7B00D20D7F} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-04] (Adobe Systems Incorporated)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 4huayhak.default
FF ProfilePath: C:\Users\RG\AppData\Roaming\Mozilla\Firefox\Profiles\4huayhak.default [2018-01-25]
FF Homepage: Mozilla\Firefox\Profiles\4huayhak.default -> hxxps://www.malwarebytes.org/restorebrowser//?serie=225&b=2&installkey=H4AjRzNivqBKxBw9HbbJ
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-02-22]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-07-17] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-24] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default [2018-03-23]
CHR Extension: (Slides) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-24]
CHR Extension: (Docs) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-24]
CHR Extension: (Google Drive) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-24]
CHR Extension: (YouTube) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-24]
CHR Extension: (Facebook) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2018-01-24]
CHR Extension: (Adblock Plus) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-26]
CHR Extension: (PDF Editor for Docs:Edit, Fill, Sign, Print) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjboohgkgchdnfnjiaggdbkdmpieoagi [2018-01-24]
CHR Extension: (Spotify - Music for every moment) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2018-01-24]
CHR Extension: (Adobe Acrobat) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-01-24]
CHR Extension: (Gmail Offline) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2018-01-24]
CHR Extension: (Google Calendar) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2018-01-24]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2018-01-24]
CHR Extension: (Pandora) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2018-01-24]
CHR Extension: (Highlight to Search) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\floipahigmmkfhkoapmnijnlnboniglg [2018-03-22]
CHR Extension: (Chrome Remote Desktop) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-24]
CHR Extension: (AdBlock) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-21]
CHR Extension: (Save to Google Drive) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2018-01-24]
CHR Extension: (Google Keep - notes and lists) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-03-21]
CHR Extension: (Google Play Music) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2018-01-24]
CHR Extension: (Lexis Views) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkegekhgmfgblcgjknebnmbdhndfpdl [2018-01-24]
CHR Extension: (Google Play) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-01-24]
CHR Extension: (Save as PDF) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2018-01-24]
CHR Extension: (StayFocusd) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2018-03-20]
CHR Extension: (Build with Chrome) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf [2018-01-24]
CHR Extension: (Google Maps) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-01-24]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2018-03-05]
CHR Extension: (Google Classroom) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhehppjhmmnlfbbopchdfldgimhfhfk [2018-01-24]
CHR Extension: (Print) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiefodmmloajakmcfnpnjpkldellhlj [2018-01-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-24]
CHR Extension: (Gmail) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-24]
CHR Extension: (Chrome Media Router) - C:\Users\RG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKLM\SYSTEM\CurrentControlSet\Services\plngxwc <==== ATTENTION (Rootkit!)
R2 AESMService; c:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3715208 2015-09-30] (Intel Corporation)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-07] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-10-30] (Intel Corporation)
R2 ExamplifyService; C:\Program Files (x86)\Examsoft\Examplify\Services\Examsoft.SoftShield.exe [225816 2018-02-23] (ExamSoft Worldwide Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
S2 IntelAudioService; C:\WINDOWS\system32\cAVS\Intel® Audio Service\IntelAudioService.exe [169576 2017-09-14] (Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2016-01-21] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-03-21] ()
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [1197200 2016-05-13] (Logitech)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2012-12-13] (Pharos Systems International) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [35104 2016-09-27] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333304 2017-09-14] (Realtek Semiconductor)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-07-17] ()
R2 SoftshieldService; C:\Program Files (x86)\Examsoft\Softest 11.0\Examsoft.ShieldRunner.exe [67848 2017-03-26] (Hewlett-Packard)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [286208 2018-02-08] (KeepSolid Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-18] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-18] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3750304 2017-03-21] (Intel® Corporation)
S2 Dell Foundation Services; "C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-10-30] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-10-30] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-10-30] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54272 2015-09-20] (Intel Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [47928 2015-11-04] (Intel)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [135992 2015-11-04] (Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [71992 2015-11-09] (Intel)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-03-22] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-29] (Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7638776 2017-04-19] (Intel Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3224576 2017-09-11] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-01-24] ()
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-01-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-01-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-18] (Microsoft Corporation)
R3 ilosvy; system32\drivers\orvybe.sys [X]
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-23 12:11 - 2018-03-23 12:11 - 002403328 _____ (Farbar) C:\Users\RG\Downloads\FRST64 (1).exe
2018-03-23 12:11 - 2018-03-23 12:11 - 000001517 _____ C:\Users\RG\Desktop\AdwCleaner[S3].txt
2018-03-23 12:03 - 2018-03-23 12:03 - 000001244 _____ C:\Users\RG\Desktop\malwarebytes.txt
2018-03-22 23:26 - 2018-03-22 23:40 - 000000000 ____D C:\Users\RG\Downloads\The Good Place Season 2
2018-03-22 23:19 - 2018-03-22 23:19 - 000142672 ____N C:\WINDOWS\system32\Drivers\upaknrux.sys
2018-03-22 23:17 - 2018-03-23 11:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-03-22 11:58 - 2018-03-22 13:03 - 000000000 ____D C:\Users\RG\Desktop\mbar
2018-03-22 11:58 - 2018-03-22 13:03 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-03-22 11:58 - 2018-03-22 11:58 - 014178840 _____ (Malwarebytes Corp.) C:\Users\RG\Downloads\mbar-1.10.3.1001.exe
2018-03-22 11:58 - 2018-03-22 11:58 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1366A5FB.sys
2018-03-22 11:58 - 2018-03-22 11:58 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-03-22 11:17 - 2018-03-22 11:17 - 000945188 _____ C:\Users\RG\Downloads\Spring 2018 Week 9 In re Hammond PT Session.pptx
2018-03-22 10:44 - 2018-03-22 10:44 - 001075542 _____ C:\Users\RG\Downloads\Week 11 PPT for TWEN.pptx
2018-03-22 00:06 - 2018-03-22 00:06 - 008222496 _____ (Malwarebytes) C:\Users\RG\Downloads\AdwCleaner.exe
2018-03-21 19:24 - 2018-03-23 12:12 - 000030922 _____ C:\Users\RG\Downloads\FRST.txt
2018-03-21 19:24 - 2018-03-22 11:54 - 000063232 _____ C:\Users\RG\Downloads\Addition.txt
2018-03-21 19:23 - 2018-03-23 12:12 - 000000000 ____D C:\FRST
2018-03-21 19:14 - 2018-03-21 19:20 - 002403328 _____ (Farbar) C:\Users\RG\Downloads\FRST64.exe
2018-03-21 18:08 - 2018-03-21 18:08 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\RG\Downloads\flashplayer29_xa_install.exe
2018-03-21 14:55 - 2018-03-23 11:53 - 000000797 _____ C:\Users\RG\Desktop\Windows 10 Update Assistant.lnk
2018-03-20 14:07 - 2018-03-20 14:12 - 000876713 _____ C:\Users\RG\Documents\FEBRUARY STATEMENT.pdf
2018-03-20 12:49 - 2018-03-20 14:04 - 001450888 _____ C:\Users\RG\Documents\JANUARY STATEMENTturn to FEBRUARY.pdf
2018-03-20 11:55 - 2018-03-20 11:55 - 000647827 _____ C:\Users\RG\Downloads\CreditCardStatementFEBRUARY.pdf
2018-03-20 11:54 - 2018-03-20 12:12 - 001326581 _____ C:\Users\RG\Downloads\JANUARY STATEMENT.pdf
2018-03-20 11:54 - 2018-03-20 11:54 - 000888277 _____ C:\Users\RG\Downloads\JANUARY STATEMENT (1).pdf
2018-03-20 11:54 - 2018-03-20 11:54 - 000738612 _____ C:\Users\RG\Downloads\CreditCardStatementMARCH.pdf
2018-03-20 11:54 - 2018-03-20 11:54 - 000242858 _____ C:\Users\RG\Downloads\CreditCardStatementDECEMBER.pdf
2018-03-19 11:28 - 2018-03-19 11:28 - 000000000 ____D C:\Users\RG\AppData\Local\Microsoft Help
2018-03-17 23:33 - 2018-03-17 23:33 - 000000000 ____D C:\Users\RG\AppData\Roaming\de.hueber.menschena1izu
2018-03-17 23:32 - 2018-03-17 23:32 - 000001357 _____ C:\Users\Public\Desktop\Menschen A1 Lerner-DVD-ROM zum Kursbuch.lnk
2018-03-17 23:29 - 2017-11-23 13:18 - 1084015929 _____ C:\Users\RG\Desktop\101901_Menschen_A1_KB_Lerner-DVD-ROM.air
2018-03-17 23:14 - 2018-03-17 23:27 - 955707289 _____ C:\Users\RG\Downloads\301901_Menschen_A11_KB_Lerner-DVD-ROM.zip
2018-03-17 23:14 - 2018-03-17 23:22 - 450238617 _____ C:\Users\RG\Downloads\501901_Menschen_A12_KB_Lerner-DVD-ROM.zip
2018-03-17 23:14 - 2018-03-17 23:19 - 209034660 _____ C:\Users\RG\Downloads\501902_Menschen_A22_KB_Lerner-DVD-ROM.zip
2018-03-17 23:14 - 2018-03-17 23:19 - 194140766 _____ C:\Users\RG\Downloads\301902_Menschen_A21_KB_Lerner-DVD-ROM.zip
2018-03-17 23:13 - 2018-03-17 23:27 - 1083570886 _____ C:\Users\RG\Downloads\101901_Menschen_A1_KB_Lerner-DVD-ROM.zip
2018-03-17 23:13 - 2018-03-17 23:20 - 384547330 _____ C:\Users\RG\Downloads\101902_Menschen_A2_KB_Lerner-DVD-ROM.zip
2018-03-17 23:12 - 2018-03-17 23:12 - 197368832 _____ C:\Users\RG\Downloads\505427_chiaro_A1_iKB.zip
2018-03-17 23:09 - 2018-03-17 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hueber
2018-03-17 23:09 - 2018-03-17 23:32 - 000000000 ____D C:\Program Files (x86)\Hueber
2018-03-17 23:09 - 2018-03-17 23:09 - 000001107 _____ C:\Users\Public\Desktop\AusBlick 1 iKB.lnk
2018-03-17 23:09 - 2018-03-17 23:09 - 000000000 ____D C:\Users\RG\AppData\Roaming\de.hueber.ausblick1b1
2018-03-17 23:06 - 2018-03-17 23:07 - 158439778 _____ C:\Users\RG\Downloads\131860_Ausblick_1_iKB.zip
2018-03-17 23:00 - 2018-03-17 23:00 - 010857648 _____ (Adobe Systems Inc.) C:\Users\RG\Downloads\AdobeAIRInstaller (2).exe
2018-03-17 22:56 - 2018-03-17 22:56 - 061451455 _____ C:\Users\RG\Downloads\Menschen_A1_2_AB_Audio.zip
2018-03-17 22:56 - 2018-03-17 22:56 - 026017516 _____ C:\Users\RG\Downloads\Menschen_A1_1_AB_Audio.zip
2018-03-17 22:42 - 2018-03-17 22:42 - 010857648 _____ (Adobe Systems Inc.) C:\Users\RG\Downloads\AdobeAIRInstaller (1).exe
2018-03-17 22:41 - 2012-02-28 12:31 - 000102272 _____ (Adobe Systems Inc.) C:\Users\RG\Desktop\Installer.exe
2018-03-17 22:31 - 2018-03-17 22:31 - 000000000 ____D C:\Users\RG\AppData\Roaming\HachetteFLE.ParcoursDigital.AlterEgo.2
2018-03-17 22:31 - 2018-03-17 22:31 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2018-03-17 22:31 - 2018-03-17 22:31 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2018-03-17 22:30 - 2018-03-17 22:30 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parcours Digital AlterEgo+ niveau 2.lnk
2018-03-17 22:30 - 2018-03-17 22:30 - 000000000 ____D C:\Program Files (x86)\ParcoursDigital-AE+2
2018-03-17 22:29 - 2018-03-17 22:30 - 151058182 _____ (Hachette FLE ) C:\Users\RG\Downloads\AlterEgo.2-1.0.0-version-complete.exe
2018-03-17 22:15 - 2018-03-17 22:16 - 139589335 _____ C:\Users\RG\Downloads\pistes-alterEgo+2.zip
2018-03-17 22:02 - 2018-03-17 22:02 - 010857648 _____ (Adobe Systems Inc.) C:\Users\RG\Downloads\AdobeAIRInstaller.exe
2018-03-17 21:51 - 2018-03-17 21:51 - 000000000 ____D C:\Users\RG\Desktop\German
2018-03-17 21:50 - 2018-03-17 22:14 - 000000000 ____D C:\Users\RG\Desktop\French
2018-03-16 20:29 - 2018-03-16 20:29 - 000842716 _____ C:\Users\RG\Desktop\CreditCardStatement.pdf
2018-03-16 14:02 - 2018-03-16 14:02 - 000190606 _____ C:\Users\RG\Downloads\1717The Aerospatiale decision.pdf
2018-03-16 11:59 - 2018-02-18 04:53 - 001568672 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-16 11:59 - 2018-02-18 04:53 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-16 11:59 - 2018-02-18 04:47 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-16 11:59 - 2018-02-18 04:46 - 000749472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-16 11:59 - 2018-02-18 04:46 - 000609184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-16 11:59 - 2018-02-18 04:45 - 000664480 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-16 11:59 - 2018-02-18 04:45 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-16 11:59 - 2018-02-18 04:44 - 000273312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-16 11:59 - 2018-02-18 04:36 - 000528288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-16 11:59 - 2018-02-18 04:24 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-16 11:59 - 2018-02-09 22:49 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-16 11:59 - 2018-02-09 22:47 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-16 11:59 - 2018-02-09 22:41 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-16 11:59 - 2018-02-09 22:40 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-16 11:48 - 2018-03-16 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-15 04:50 - 2018-03-15 04:50 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-15 04:50 - 2018-03-15 04:50 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-15 04:50 - 2018-03-15 04:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-15 04:50 - 2018-03-15 04:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-12 20:40 - 2018-03-12 20:40 - 000014151 ____H C:\Users\RG\Documents\~WRL0647.tmp
2018-03-12 19:38 - 2018-02-18 04:32 - 000026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-03-12 19:38 - 2018-02-18 03:56 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-03-12 19:38 - 2018-02-18 03:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-03-12 19:38 - 2018-02-18 03:49 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-12 19:38 - 2018-02-18 03:49 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-03-12 19:38 - 2018-02-18 03:49 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-03-12 19:38 - 2018-02-18 03:48 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-12 19:38 - 2018-02-18 03:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-03-12 19:38 - 2018-02-18 03:48 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-03-12 19:38 - 2018-02-18 03:47 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-03-12 19:38 - 2018-02-18 03:47 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-03-12 19:38 - 2018-02-18 03:46 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-12 19:38 - 2018-02-18 03:45 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2018-03-12 19:38 - 2018-02-18 03:44 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-12 19:38 - 2018-02-18 03:41 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-03-12 19:38 - 2018-02-18 03:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-12 19:38 - 2018-02-18 03:39 - 002449920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-03-12 19:38 - 2018-02-18 03:38 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-03-12 19:38 - 2018-02-18 03:36 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-03-12 19:38 - 2018-02-09 21:35 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-03-12 19:38 - 2018-02-09 21:30 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-03-12 12:53 - 2018-03-12 12:56 - 000000000 ____D C:\Users\RG\Desktop\SD Card
2018-03-07 22:06 - 2018-03-23 11:53 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-03-07 22:06 - 2018-03-23 11:53 - 000000000 ____D C:\Windows10Upgrade
2018-03-07 21:45 - 2018-03-07 21:45 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-03-05 00:54 - 2018-03-05 00:58 - 216388608 ____R C:\Users\RG\Downloads\Last.Week.Tonight.With.John.Oliver.S05E03.HDTV.x264-CROOKS[eztv].mkv
2018-03-02 01:51 - 2018-03-02 01:51 - 000091922 _____ C:\Users\RG\Downloads\2008_WL_7185283.pdf
2018-03-01 01:26 - 2018-03-01 01:26 - 000073850 _____ C:\Users\RG\Desktop\California State Bar - Application for Take the California Bar Examination - Print Copy.pdf
2018-02-28 13:31 - 2018-02-28 13:31 - 000330712 _____ C:\Users\RG\Desktop\CalBar_MC_Fingerprint_LiveScan_pdf_replica.asp.pdf
2018-02-28 13:31 - 2018-02-28 13:31 - 000173767 _____ C:\Users\RG\Desktop\Authorization_and_Release_Form_Print.pdf
2018-02-28 13:30 - 2018-02-28 13:30 - 000126416 _____ C:\Users\RG\Desktop\California State Bar - Application for Moral Character Determination - Print Copy.pdf
2018-02-27 14:45 - 2018-02-27 14:45 - 000003934 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2018-02-26 18:35 - 2018-02-26 18:35 - 000135473 _____ C:\Users\RG\Downloads\PRACTICE Stewart v. Quantum Airlines Pers. Practice PT File and Library.pdf
2018-02-26 17:59 - 2018-02-26 17:59 - 000007933 _____ C:\Users\RG\Downloads\Stewart v. Quantum Airlines Objective Instrs.pdf
2018-02-26 14:38 - 2018-02-26 14:38 - 000043473 _____ C:\Users\RG\Downloads\Conditional Life Insurance Agreement.pdf
2018-02-26 00:42 - 2018-02-26 00:42 - 001309182 _____ C:\Users\RG\Downloads\Essay #2 with BarBri Answers.pdf
2018-02-26 00:41 - 2018-02-26 00:41 - 000318707 _____ C:\Users\RG\Downloads\Bar Essays July 2011 Civ Pro Evidence Model Answer.pdf
2018-02-24 22:30 - 2018-02-24 22:30 - 000752218 _____ C:\Users\RG\Documents\_Statements_4.pdf
2018-02-24 22:29 - 2018-02-24 22:29 - 000752220 _____ C:\Users\RG\Documents\_Statements_3.pdf
2018-02-24 22:29 - 2018-02-24 22:29 - 000752194 _____ C:\Users\RG\Documents\_Statements_2.pdf
2018-02-24 22:17 - 2018-02-24 22:38 - 000888277 _____ C:\Users\RG\Desktop\JANUARY STATEMENT.pdf
2018-02-24 21:52 - 2018-02-24 21:52 - 000705863 _____ C:\Users\RG\Desktop\_Statements_.pdf
2018-02-21 21:04 - 2018-02-21 21:04 - 001358465 _____ C:\Users\RG\Downloads\Week 6 Civ Pro Overview and Civ Pro Evidence Essay Exam Spring 2018 (1).pptx
2018-02-21 20:29 - 2018-02-21 20:29 - 000029412 _____ C:\Users\RG\Downloads\Week 5 Civ Pro Practice Exam.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-23 12:09 - 2018-01-24 11:44 - 000000000 ____D C:\Users\RG\AppData\Local\vskbtin
2018-03-23 12:08 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-23 12:06 - 2018-01-24 12:51 - 000000000 ____D C:\AdwCleaner
2018-03-23 12:00 - 2017-03-18 14:01 - 000000000 ____D C:\WINDOWS\INF
2018-03-23 01:48 - 2017-10-18 20:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-23 00:02 - 2018-01-25 00:53 - 000000000 ____D C:\Users\RG\AppData\Local\CrashDumps
2018-03-22 23:50 - 2017-03-18 13:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-22 23:49 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\rescache
2018-03-22 23:26 - 2017-09-29 23:27 - 000000000 ____D C:\Program Files\rempl
2018-03-22 23:25 - 2017-10-18 21:46 - 001097332 _____ C:\WINDOWS\system32\prfh0404.dat
2018-03-22 23:25 - 2017-10-18 21:46 - 000325004 _____ C:\WINDOWS\system32\prfc0404.dat
2018-03-22 23:25 - 2017-10-18 21:07 - 003130192 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-22 23:21 - 2016-11-21 22:13 - 000000000 ____D C:\Users\RG\AppData\Local\Spotify
2018-03-22 23:21 - 2016-11-21 21:41 - 000001138 _____ C:\Users\Public\Desktop\VPN Unlimited.lnk
2018-03-22 23:21 - 2016-11-21 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2018-03-22 23:21 - 2016-11-21 21:41 - 000000000 ____D C:\Program Files (x86)\VPN Unlimited
2018-03-22 23:20 - 2018-01-25 01:12 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-03-22 23:20 - 2016-11-21 22:08 - 000000000 ____D C:\Users\RG\AppData\Roaming\Spotify
2018-03-22 23:20 - 2016-11-21 19:37 - 000000000 __SHD C:\Users\RG\IntelGraphicsProfiles
2018-03-22 23:19 - 2018-01-24 11:42 - 002888704 _____ (TOSHIBA CORPORATION) C:\WINDOWS\system32\snnmagisvc.exe
2018-03-22 23:19 - 2017-10-18 21:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-22 23:19 - 2017-10-18 20:57 - 000600672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-22 23:19 - 2017-03-18 04:40 - 034603008 _____ C:\WINDOWS\system32\config\HARDWARE
2018-03-22 23:19 - 2017-03-18 04:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-03-22 11:58 - 2018-01-25 00:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-22 11:18 - 2016-11-21 19:37 - 000000000 ____D C:\Users\RG\AppData\Local\Packages
2018-03-22 10:32 - 2017-03-18 14:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-21 18:08 - 2016-11-21 19:37 - 000000000 ____D C:\Users\RG\AppData\Local\Adobe
2018-03-21 18:04 - 2016-11-21 22:02 - 000000000 ___RD C:\Users\RG\Dropbox
2018-03-20 22:09 - 2018-01-24 12:45 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 22:09 - 2018-01-24 12:45 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-20 12:13 - 2016-11-23 09:14 - 000007875 _____ C:\WINDOWS\BRRBCOM.INI
2018-03-17 22:31 - 2017-06-04 20:07 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-03-16 22:18 - 2016-11-21 19:47 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-03-16 22:06 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-16 11:49 - 2016-06-10 12:50 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-14 12:49 - 2016-06-28 16:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 12:20 - 2017-10-10 17:15 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 12:20 - 2016-06-28 16:04 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-13 17:27 - 2017-10-28 12:13 - 000004594 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-03-13 17:27 - 2017-10-28 12:13 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-03-13 17:27 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-03-13 17:27 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-03-07 22:18 - 2017-12-04 16:49 - 000002089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Examplify.lnk
2018-03-07 22:18 - 2017-12-04 16:49 - 000002077 _____ C:\Users\Public\Desktop\Examplify.lnk
2018-03-07 22:05 - 2017-10-18 20:59 - 000000000 ____D C:\Users\RG
2018-03-07 21:43 - 2017-10-18 21:04 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-509284063-2352873921-1556801466-1002
2018-03-07 21:43 - 2016-11-21 19:37 - 000002356 _____ C:\Users\RG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-07 21:43 - 2016-11-21 19:37 - 000000000 ___RD C:\Users\RG\OneDrive
2018-03-05 01:30 - 2016-12-26 17:05 - 000000000 ____D C:\Users\RG\AppData\Roaming\vlc
2018-03-02 13:25 - 2017-03-18 14:06 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-02 13:25 - 2017-03-18 14:06 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-28 14:30 - 2016-11-21 19:47 - 000001042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2018-02-28 14:30 - 2016-11-21 19:47 - 000001030 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2018-02-28 13:16 - 2017-10-18 21:04 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 00:41 - 2017-03-18 14:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-25 01:53 - 2017-06-04 20:09 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-02-25 01:53 - 2017-06-04 20:09 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2018-02-23 01:50 - 2016-11-22 01:19 - 000000000 ____D C:\Users\RG\Downloads\Naruto Complete Series + Movies Uncut
Some files in TEMP:
====================
2018-01-24 22:46 - 2017-10-18 21:53 - 001930840 _____ (Microsoft Corporation) C:\Users\RG\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\upaknrux.sys -> Access Denied <======= ATTENTION
LastRegBack: 2018-03-14 22:10
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by RG (23-03-2018 12:12:49)
Running from C:\Users\RG\Downloads
Windows 10 Home Version 1703 15063.850 (X64) (2017-10-19 04:07:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-509284063-2352873921-1556801466-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-509284063-2352873921-1556801466-503 - Limited - Disabled)
Guest (S-1-5-21-509284063-2352873921-1556801466-501 - Limited - Disabled)
john (S-1-5-21-509284063-2352873921-1556801466-1001 - Administrator - Enabled) => C:\Users\john
RG (S-1-5-21-509284063-2352873921-1556801466-1002 - Administrator - Enabled) => C:\Users\RG
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{FD868C71-6CCF-42E2-B90D-0504AB0036FE}) (Version: 13.2.1 - Hewlett-Packard) Hidden
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
AusBlick 1 iKB (HKLM-x32\...\{F0BF2FE5-0F39-0126-2992-8BD6A10EF51F}) (Version: 0.3 - Hueber Verlag GmbH & Co. KG) Hidden
AusBlick 1 iKB (HKLM-x32\...\de.hueber.ausblick1b1) (Version: 0.3 - Hueber Verlag GmbH & Co. KG)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{9DD6B149-CEBC-4910-B11A-242393EDF6D3}) (Version: 2.1.4.14 - Dell)
Dell Update (HKLM-x32\...\{632610E3-5B12-403C-9C93-EF533ED1C113}) (Version: 1.10.5.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 45.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Examplify (HKLM-x32\...\{BDF34D34-009D-4567-84C6-77F898C3F031}) (Version: 1.4.2 - Examsoft) Hidden
Examplify (HKLM-x32\...\InstallShield_{BDF34D34-009D-4567-84C6-77F898C3F031}) (Version: 1.4.2 - Examsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel® HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.311 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1178 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® WiDi (HKLM\...\{E8A2DA8A-CA1A-4F5A-B113-6C34FCC4B6D4}) (Version: 6.0.62.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{755abcd0-2942-482b-a27d-22921a5849f0}) (Version: 3.0.14.3056 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{03929cf1-3ae4-4765-b8b3-32b8e2e26a8d}) (Version: 19.60.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{D6CE0772-080E-45D4-8CB0-AB2AB9710DFE}) (Version: 1.1.28151.80 - Intel Corporation)
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.1 - Your Company Name) Hidden
ISS_Drivers_x64 (HKLM\...\{7E28859E-AD3D-4FC2-8D70-E345F8C87722}) (Version: 3.0.14.3056 - Intel Corporation) Hidden
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
LexisNexis Sanction (HKLM-x32\...\{74C42E3E-E122-45BF-9B55-17E2A88C4491}) (Version: 4.10.06.01 - LexisNexis)
LexisNexis TimeMap 6 (HKLM-x32\...\{65022604-D57C-44B0-B626-CF9899FB6B83}) (Version: 6.00.86.01 - LexisNexis CaseSoft)
LibreOffice 5.3.3.2 (HKLM-x32\...\{C7C4A0C6-8483-4065-851D-CBE5DC17D046}) (Version: 5.3.3.2 - The Document Foundation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Menschen A1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\{C00C7537-BCAD-5637-CB8F-E60DD3DA3832}) (Version: 1.0 - Hueber Verlag GmbH & Co. KG) Hidden
Menschen A1 Lerner-DVD-ROM zum Kursbuch (HKLM-x32\...\de.hueber.menschena1izu) (Version: 1.0 - Hueber Verlag GmbH & Co. KG)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.4 (x64 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.4.6577 - Mozilla)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Parcours Digital AlterEgo+ niveau 1 version 1.3 (HKLM-x32\...\{ABEA6B4C-2FA1-43C0-B3EA-4D83E4BFBF44}_is1) (Version: 1.3 - Hachette FLE)
Parcours Digital AlterEgo+ niveau 2 version 1.0 (HKLM-x32\...\{5A7B1EB3-7CC7-463D-A18E-68B56198A4AA}_is1) (Version: 1.0 - Hachette FLE)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.35 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8224 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RogueKiller version 12.12.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.1.0 - Adlice Software)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
SofTest v11 (HKLM-x32\...\{A579A21A-8DED-44E9-AA63-F1595AC24884}) (Version: 11.33.5 - Examsoft) Hidden
SofTest v11 (HKLM-x32\...\InstallShield_{A579A21A-8DED-44E9-AA63-F1595AC24884}) (Version: 11.33.5 - Examsoft)
Spotify (HKU\S-1-5-21-509284063-2352873921-1556801466-1002\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
SSH Secure Shell (HKLM-x32\...\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}) (Version: - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AAB396C1-4338-4825-BFA1-A085F3C55781}) (Version: 2.19.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{E1D7CB46-BAE9-4D58-99C4-582332B1755A}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VPN Unlimited 4.17 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 4.17 - KeepSolid Inc.)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22395 - Microsoft Corporation)
Windows 7 Games for Windows 8 and 10 (HKLM-x32\...\MicrosoftGamesForWin8) (Version: 2.0.0.0 - )
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WordPerfect Office X8 - Common Files (HKLM-x32\...\{42428570-D010-4FC6-BD19-02D443418372}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - IPM Content TBYB (HKLM-x32\...\{39D42D80-E7FA-445C-A6A0-0D90BF66D715}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - IPM TBYB (HKLM-x32\...\{0142A22B-3F10-4034-AC51-01B86449F89C}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Lightning Files (HKLM-x32\...\{070A4546-460D-4B5D-BEEB-22F9BDC0CF6A}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Oxford (HKLM-x32\...\{CC0E11EC-EE17-4351-9523-FDF15CDE36DB}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Presentations Files (HKLM-x32\...\{56046687-93A2-420F-BC32-472A7BE02C78}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Quattro Pro Files (HKLM-x32\...\{C6EA41FF-5BC2-4035-A08E-A66B3084EDCE}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - Setup Files (HKLM-x32\...\{8F19BD38-2FAE-4383-95F5-20FB54A647FC}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - System Files (HKLM-x32\...\{1E20010F-6730-4511-B1BA-66E5032A5860}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WordPerfect Files (HKLM-x32\...\{31A0E52F-CA1A-4BAF-AD4F-F40A2BEE9FA7}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WPD format Props x64 (HKLM\...\{5E7A9D3D-7A1B-4F4E-B4E4-74E3BCD28E77}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 - WT (HKLM-x32\...\{DF751A12-329C-4963-BCE7-14C8265167E6}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\_{8F19BD38-2FAE-4383-95F5-20FB54A647FC}) (Version: 18.0.0.200 - Corel Corporation)
WordPerfect Office X8 (HKLM-x32\...\{0BC87715-8C0B-4C9C-BF95-36A463B7A96C}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{2067216B-D56E-4717-AB2C-38FBE8DB3FC3}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{21D49A11-15ED-43F3-97D6-1C5B73F70F21}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{7C6905CE-F10B-4629-8A5D-602BE91CCBB3}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{B2BCF349-C7C0-4C02-8803-0191F9D83C7A}) (Version: 18.0 - Corel Corporation) Hidden
WordPerfect Office X8 (HKLM-x32\...\{E292E6B0-C84D-4C47-A61E-7C42540C4ECF}) (Version: 18.0 - Corel Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers2-x32: [QuickFinderMenu] -> {72faaca8-f0ae-4638-868a-4a786f23c60c} => c:\Program Files (x86)\Corel\WordPerfect Office X8\Programs\PFSE180.DLL [2016-04-11] (Corel Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {72faaca8-f0ae-4638-868a-4a786f23c60c} => c:\Program Files (x86)\Corel\WordPerfect Office X8\Programs\PFSE180.DLL [2016-04-11] (Corel Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-03-15] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxDTCM.dll [2017-02-20] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0527B2D3-17FC-4D36-8F4C-6E48A3B25C7B} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-NNGBV58-RG => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {0AB103E0-380F-4C15-95F5-2DC08A0DB862} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {15CE6A8A-5A51-4001-991F-E3EE543A3F4D} - System32\Tasks\WRU => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [2016-02-24] ()
Task: {18F7FAAA-5A49-4F7A-9ABC-B7BCF0561B72} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-18] (Microsoft Corporation)
Task: {233AB51A-75C6-4714-ACFD-812C96A869FE} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-27] (Corel Corporation)
Task: {2C18C0C5-EBA8-45F0-86B0-63DDB72AEB1A} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {2FB43C30-6E96-4BCB-B220-EC64AAB8F36C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {2FF8FE31-7617-4BA8-A692-6F720CB0030D} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {3056746E-880D-4B42-9495-23BE884CF002} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {346EFE44-7CDF-4757-AD49-D59BE380B452} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-509284063-2352873921-1556801466-1001 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe
Task: {38D5B36D-B694-402E-A7DE-CC86F12230C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {3964D9A3-398F-41BC-A463-AB9259648575} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-18] (Microsoft Corporation)
Task: {3E7162A7-3E5D-4695-BF77-70AE17FD92CA} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-509284063-2352873921-1556801466-1001 => C:\Program Files (x86)\Real\RealDownloader\recordingmanager.exe
Task: {3FADB233-8A5A-4D2B-BEFB-3A2DA767890B} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {4310763A-92D9-4FC9-B235-F5C2C5C0C461} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {4E840847-16C8-40DF-8561-543CBFDD5202} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-24] (Google Inc.)
Task: {5B4D0BFD-4FFD-4E69-9436-DDCA013CC361} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-02-14] (Dell Inc.)
Task: {61DB6AE0-1291-41F1-8637-4645DB97CD60} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {68C5890D-E823-4F77-B14F-4F55868E0D6F} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-02-14] (Dell Inc.)
Task: {6A94301D-F770-43A4-A38D-B43D646309A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-24] (Google Inc.)
Task: {724806D3-C143-47F5-A8F4-31205CDBF78A} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-509284063-2352873921-1556801466-1001 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe
Task: {7B3F0916-DAB4-41D0-BF96-C0B2784683AF} - System32\Tasks\SystemToolsDailyTest-Retry => uaclauncher.exe
Task: {7D7EE01B-4B5C-42AF-BB54-B5673E40082B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {807F7606-AD39-49E3-94DB-424FEAAAEB48} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
Task: {8486701D-1950-4B6B-AB4A-27A7F81A98BD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {9C64F817-3295-4316-9B32-070B0780AEC8} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)
Task: {A4C4B2AF-6010-4597-8E02-E1DF4928B749} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {A80FBAD4-38E0-49C2-AEE2-60F689DC660B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-18] (Microsoft Corporation)
Task: {BC5D43DF-1354-4A3D-BA36-D1932BE95B18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-18] (Microsoft Corporation)
Task: {BD1BE771-2B32-4FD3-9C38-EB9EECFEA06B} - System32\Tasks\WRUStartup => C:\Program Files\Intel Corporation\Intel WiDi\WRU.exe [2016-02-24] ()
Task: {CE3C66D3-3234-4063-8FB3-23F0AC865CEC} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-09-17] (Intel Corporation)
Task: {D348532D-38F9-4675-BD62-548D3E477E3F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {E75442AA-172A-4920-A54D-ACDEDA00A98A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {E9A6EBD6-6301-4837-9286-E531DD8AFA88} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {EF356356-721C-4C0A-A2CF-60B7FECCD35F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {FB1112BD-D312-4358-95B4-F839678F76A5} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-09-14] (Realtek Semiconductor)
Task: {FC873CE5-1AAF-4416-BC85-5CF5B669D9D7} - System32\Tasks\Chess Titans => C:\Users\RG\AppData\Local\Temp\is-RG620.tmp\prsetup.exe <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-17 02:15 - 2016-07-17 02:15 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2018-01-25 00:55 - 2017-11-29 10:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 13:58 - 2017-03-18 13:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-16 11:50 - 2018-03-16 11:51 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-16 11:50 - 2018-03-16 11:51 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-16 11:50 - 2018-03-16 11:51 - 022044160 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-16 11:50 - 2018-03-16 11:51 - 002559488 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-20 22:09 - 2018-03-19 23:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-20 22:09 - 2018-03-19 23:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-16 11:50 - 2018-03-16 11:51 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-08 18:30 - 2018-03-08 18:30 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-18 21:39 - 2017-10-18 21:39 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-25 19:13 - 2017-09-25 19:13 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-03-18 13:59 - 2017-03-18 19:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-23 18:55 - 2018-02-23 18:55 - 000904704 _____ () C:\Program Files (x86)\Examsoft\Examplify\Services\System.Data.SQLite.dll
2016-09-16 14:58 - 2016-09-16 14:58 - 000904704 _____ () C:\Program Files (x86)\Examsoft\Softest 11.0\System.Data.SQLite.dll
2018-03-16 11:48 - 2018-03-15 04:50 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-16 11:48 - 2018-03-15 04:50 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-08-06 12:20 - 2018-03-15 04:50 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-16 11:48 - 2018-03-15 04:50 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-16 11:48 - 2018-03-15 04:50 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-08-06 12:20 - 2018-03-15 04:50 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-16 11:48 - 2018-03-15 04:50 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-16 11:48 - 2018-03-15 04:50 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-08-06 12:20 - 2018-03-15 04:53 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-09-21 13:34 - 2018-03-15 04:50 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-08 15:11 - 2018-03-15 04:53 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-08-06 12:20 - 2018-03-15 04:50 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-08-06 12:20 - 2018-03-15 04:53 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-16 11:48 - 2018-03-15 04:50 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-03-16 11:48 - 2018-03-15 04:52 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-03-16 11:48 - 2018-03-15 04:50 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-01-11 17:57 - 2018-03-15 04:53 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-08-06 12:20 - 2018-03-15 04:53 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-16 11:48 - 2018-03-15 04:52 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-08-06 12:20 - 2018-03-15 04:53 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-16 11:48 - 2018-03-15 04:52 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2016-12-21 11:24 - 2016-12-21 11:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-06-23 16:26 - 2015-06-23 16:26 - 000155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-11-21 14:50 - 2017-11-21 14:50 - 000134016 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2016-01-21 00:12 - 2016-01-21 00:12 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-02-22 09:57 - 2018-02-22 09:57 - 029246960 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.dll
2018-02-22 09:57 - 2018-02-22 09:57 - 000392688 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\sqlite.dll
2017-08-10 08:24 - 2017-08-10 08:24 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 00:24 - 2015-10-30 00:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-509284063-2352873921-1556801466-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\RG\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{0F7144AF-3906-4142-A069-01606F418AA4}C:\program files (x86)\vpn unlimited\vpn-unlimited-daemon.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited-daemon.exe
FirewallRules: [TCP Query User{F3B3862D-21C9-4627-8311-5A287D170832}C:\program files (x86)\vpn unlimited\vpn-unlimited-daemon.exe] => (Allow) C:\program files (x86)\vpn unlimited\vpn-unlimited-daemon.exe
FirewallRules: [{57A6EAC5-3B54-4A17-8A18-713018721900}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4428DDF8-636B-4BA8-B8A2-EFC57822594F}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{1F38C0E6-4798-4302-8E0C-9FBDAB95A87F}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{F1FCF9A0-02E1-4968-8715-99CC6ABCCE7D}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [{E969162D-55BB-4DE7-B697-CA95D9C4209C}] => (Allow) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
FirewallRules: [UDP Query User{5EF4EE77-E57C-4042-AC03-893310218650}C:\users\rg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rg\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5003A093-2EE5-4423-923E-7D8C2ABA118F}C:\users\rg\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rg\appdata\roaming\spotify\spotify.exe
FirewallRules: [{00A77504-9747-4882-B851-83A7FB458EC3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{113384AA-F0DC-44C5-8988-646C6F38FCDD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{373254FF-4999-4575-AED1-D58706F46D95}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{36661E36-093B-4C7B-829A-68C6C859FABB}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{58907E92-C625-48C1-AB39-50284145EFA9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{FE44F13A-69C6-4ECB-B578-3954AF396B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe
FirewallRules: [{0456E444-696E-4178-93C3-CB4AD1FEA90E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{C7BB1379-62D1-4F3D-B25F-F7EEF43AC0DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{45823DC3-184B-4009-AAA4-7CE5C5DBE7FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31770ABD-2A92-4F2C-BA1C-2BE49334D5CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05D1EF7A-9A19-47B5-BFE6-83F6EB65885B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{86BB85F0-6C23-4E82-BCCA-460A19FE91C9}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{6DF9B717-EB5E-44BF-A204-D7C6D81187E1}] => (Allow) C:\Program Files (x86)\Kilbride\freely.exe
FirewallRules: [{5BD34C16-CE37-4EA4-9EDE-7B2E9E5B275C}] => (Allow) C:\Program Files (x86)\Sent\freely.exe
FirewallRules: [{8BC9EA4A-C20C-4FC8-B883-B691AA16FDFA}] => (Allow) C:\Program Files (x86)\cannot\registry.exe
FirewallRules: [{9A5511AB-041C-45FB-AB6F-602F5C66EE6B}] => (Allow) C:\Program Files (x86)\Sent\registry.exe
FirewallRules: [{B31BA0EF-4CD9-4359-A65F-527630422ADD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4854E52D-2CD6-4468-BC68-B65211C5946B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{81CA48E3-7C93-4884-9FD5-BAE66AC4E1F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{67555CC0-DAC2-4558-8AA2-CB954719F971}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F463BC62-D95F-46F5-968D-5330A94B7B49}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{BB515F7D-58AE-4BF3-AD92-FD84CDF6416D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BB95A0A7-104B-43F9-A088-4B2B6250EA51}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{54779E85-3456-4261-B6F5-2E635E727EDF}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
FirewallRules: [{7B5E867E-9ABE-47D4-A9B3-CD5F16DCFFAF}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
FirewallRules: [{6A9616F9-9826-4483-A6C8-349E9223A43D}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe
==================== Restore Points =========================
22-03-2018 23:25:29 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/23/2018 12:02:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x59119a8b
Faulting module name: Qt5WebEngineCore.dll, version: 5.6.2.0, time stamp: 0x57e7d9e6
Exception code: 0x80000003
Fault offset: 0x008332c3
Faulting process id: 0x3810
Faulting application start time: 0x01d3c26f432567cc
Faulting application path: C:\Program Files (x86)\VPN Unlimited\QtWebEngineProcess.exe
Faulting module path: C:\Program Files (x86)\VPN Unlimited\Qt5WebEngineCore.dll
Report Id: 4ba0312a-2166-4b42-9ce7-d2a19b2f0509
Faulting package full name:
Faulting package-relative application ID:
Error: (03/23/2018 12:02:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpn-unlimited.exe, version: 4.17.0.0, time stamp: 0x5a7c6d89
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc000000d
Fault offset: 0x000f507c
Faulting process id: 0x339c
Faulting application start time: 0x01d3c26f31d27d3f
Faulting application path: C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 8b0c5d6b-4344-4589-92dd-7d66791989f3
Faulting package full name:
Faulting package-relative application ID:
Error: (03/23/2018 12:02:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpn-unlimited.exe, version: 4.17.0.0, time stamp: 0x5a7c6d89
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc000000d
Fault offset: 0x000f507c
Faulting process id: 0x339c
Faulting application start time: 0x01d3c26f31d27d3f
Faulting application path: C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: cfd1147b-9df2-40e8-9743-2a300daa39a3
Faulting package full name:
Faulting package-relative application ID:
Error: (03/22/2018 11:49:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RealPlayerUpdateSvc.exe, version: 0.0.0.0, time stamp: 0x57eb1533
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc0000005
Fault offset: 0x00091cc2
Faulting process id: 0xe4c
Faulting application start time: 0x01d3c26ef6b72b8c
Faulting application path: C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 435c0213-8b3d-4890-bab5-626260096ca1
Faulting package full name:
Faulting package-relative application ID:
Error: (03/22/2018 11:21:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x59119a8b
Faulting module name: Qt5WebEngineCore.dll, version: 5.6.2.0, time stamp: 0x57e7d9e6
Exception code: 0x80000003
Fault offset: 0x008332c3
Faulting process id: 0x39f8
Faulting application start time: 0x01d3c26f1a2f4272
Faulting application path: C:\Program Files (x86)\VPN Unlimited\QtWebEngineProcess.exe
Faulting module path: C:\Program Files (x86)\VPN Unlimited\Qt5WebEngineCore.dll
Report Id: 9a9e40eb-88f6-443b-9706-7866e31f6949
Faulting package full name:
Faulting package-relative application ID:
Error: (03/22/2018 11:21:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpn-unlimited.exe, version: 4.16.0.0, time stamp: 0x5a181260
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc000000d
Fault offset: 0x000f507c
Faulting process id: 0x3404
Faulting application start time: 0x01d3c26f05cb6619
Faulting application path: C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ceddcf0e-510b-4e95-bbf7-8f9f445f1971
Faulting package full name:
Faulting package-relative application ID:
Error: (03/22/2018 11:21:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpn-unlimited.exe, version: 4.16.0.0, time stamp: 0x5a181260
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
Exception code: 0xc000000d
Fault offset: 0x000f507c
Faulting process id: 0x3404
Faulting application start time: 0x01d3c26f05cb6619
Faulting application path: C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ed13b3ae-be78-4edb-a75b-57778f56e4cf
Faulting package full name:
Faulting package-relative application ID:
Error: (03/22/2018 11:19:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6
Faulting module name: ZeroConfigService.exe, version: 19.60.0.0, time stamp: 0x58d16fa6
Exception code: 0xc0000409
Fault offset: 0x000000000022af80
Faulting process id: 0x132c
Faulting application start time: 0x01d3c20e8bdde52d
Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Faulting module path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Report Id: de3848d2-e528-49aa-ac06-ea05da05ea21
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (03/23/2018 12:02:47 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Windows Defender:
===================================
Date: 2018-01-24 10:41:48.957
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Tiggre!plock
ID: 2147723626
Severity: Severe
Category: Trojan
Path: file:_C:\Users\RG\AppData\Local\Temp\78906\ic-0.2867822b6d5b64.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Users\RG\AppData\Local\Temp\is-IVUOC.tmp\temporal_setup.exe
Signature Version: AV: 1.261.127.0, AS: 1.261.127.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0
Date: 2018-01-24 10:41:42.605
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Fuery.A!cl
ID: 2147718513
Severity: Severe
Category: Trojan
Path: file:_C:\Users\RG\AppData\Local\Temp\78906\ic-0.5c988dc4478be4.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Users\RG\AppData\Local\Temp\is-IVUOC.tmp\temporal_setup.exe
Signature Version: AV: 1.261.127.0, AS: 1.261.127.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0
Date: 2018-01-24 10:41:01.268
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Severity: Severe
Category: Trojan
Path: file:_C:\Users\RG\AppData\Local\Temp\78906\ic-0.760fadb8409eec.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.261.127.0, AS: 1.261.127.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0
Date: 2018-01-24 10:41:00.635
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Severity: Severe
Category: Trojan
Path: file:_C:\Users\RG\AppData\Local\Temp\78906\ic-0.760fadb8409eec.exe;process:_pid:13580,ProcessStart:131612928057091330
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.261.127.0, AS: 1.261.127.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0
Date: 2018-01-24 10:41:00.157
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Severity: Severe
Category: Trojan
Path: file:_C:\Users\RG\AppData\Local\Temp\78906\ic-0.760fadb8409eec.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.261.127.0, AS: 1.261.127.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0
Date: 2018-01-24 10:57:27.069
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.127.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2018-01-24 10:57:27.068
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.127.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2018-01-24 10:57:27.068
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.127.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2018-01-24 10:47:24.910
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.127.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2018-01-24 10:47:24.909
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80072ee2
Error description: The operation timed out
CodeIntegrity:
===================================
Date: 2018-01-29 18:38:12.123
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-25 00:13:00.848
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-24 23:56:03.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-24 23:07:59.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-20 21:30:12.140
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-18 22:06:48.613
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-18 22:06:48.610
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-12-14 16:05:07.741
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 41%
Total physical RAM: 12147.63 MB
Available physical RAM: 7089.89 MB
Total Virtual: 14003.63 MB
Available Virtual: 8380.7 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:465.22 GB) (Free:43.78 GB) NTFS
\\?\Volume{e7f89266-153f-4d6c-b0d4-bb5d93b3b75a}\ () (Fixed) (Total:0.86 GB) (Free:0.34 GB) NTFS
\\?\Volume{1c93cc0d-21ea-44e1-9704-88f4b7548b01}\ () (Fixed) (Total:0 GB) (Free:0 GB)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5814AFE4)
Partition: GPT.
==================== End of Addition.txt ============================