Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.04.2019 Ran by user (26-04-2019 12:16:27) Running from C:\Users\user\Downloads Windows 10 Home Version 1803 17134.706 (X64) (2018-05-25 16:07:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2784505278-3354604937-3040341909-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2784505278-3354604937-3040341909-503 - Limited - Disabled) Guest (S-1-5-21-2784505278-3354604937-3040341909-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2784505278-3354604937-3040341909-1002 - Limited - Enabled) user (S-1-5-21-2784505278-3354604937-3040341909-1000 - Administrator - Enabled) => C:\Users\user WDAGUtilityAccount (S-1-5-21-2784505278-3354604937-3040341909-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4500_G510gm_Help (HKLM-x32\...\{DF0B357C-5874-47D0-81E7-79AA890B0CE0}) (Version: 000.0.440.000 - Hewlett-Packard) Hidden 4500_G510nz_Help (HKLM-x32\...\{690879A5-18EF-447B-98D6-B699D51008AB}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510gm (HKLM-x32\...\{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (HKLM-x32\...\{28379381-B56A-43e1-B505-3098D82B1C30}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510nz (HKLM-x32\...\{5B05FF91-F20C-4832-A8DE-E1912639C17C}) (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510nz_Software_Min (HKLM-x32\...\{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}) (Version: 000.0.423.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated) AmazonSmile 1Button App (HKLM-x32\...\{D775E291-9D15-4AAE-B75C-ECBD32B82B86}) (Version: 1.0.0 - Amazon) ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Ask Toolbar Updater (HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.3.42067 - Ask.com) <==== ATTENTION Bejeweled 2 Deluxe (HKLM-x32\...\WT082192) (Version: 2.2.0.82 - WildTangent) Hidden Blackhawk Striker 2 (HKLM-x32\...\WT082122) (Version: 2.2.0.82 - WildTangent) Hidden Blasterball 3 (HKLM-x32\...\WT082124) (Version: 2.2.0.82 - WildTangent) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden Build-a-lot 2 (HKLM-x32\...\WT082438) (Version: 2.2.0.82 - WildTangent) Hidden CaddieSync Express 1.5.25 (HKLM-x32\...\CaddieSync Express) (Version: 1.5.25 - SkyHawke Technologies) Cake Mania (HKLM-x32\...\WT083477) (Version: 2.2.0.82 - WildTangent) Hidden Carbonite (HKLM-x32\...\{129A37E4-7280-429B-B2C6-FF2EA057F239}) (Version: 6.3.4 build 7957 (Feb-08-2019) - Carbonite) Chuzzle Deluxe (HKLM-x32\...\WT082200) (Version: 2.2.0.82 - WildTangent) Hidden CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (HKLM-x32\...\{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}) (Version: 130.0.372.000 - Hewlett-Packard) Hidden Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT082396) (Version: 2.2.0.82 - WildTangent) Hidden DocMgr (HKLM-x32\...\{92A51949-EE4C-466D-AAF0-99E74A49A63F}) (Version: 130.0.000.000 - Hewlett-Packard) Hidden DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Dora's Carnival Adventure (HKLM-x32\...\WT082133) (Version: 2.2.0.82 - WildTangent) Hidden DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) Hidden DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Escape Rosecliff Island (HKLM-x32\...\WT083484) (Version: 2.2.0.82 - WildTangent) Hidden Faerie Solitaire (HKLM-x32\...\WT082442) (Version: 2.2.0.82 - WildTangent) Hidden FATE (HKLM-x32\...\WT082141) (Version: 2.2.0.82 - WildTangent) Hidden Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.108 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.) Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.0.3902 - Hewlett-Packard) HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.0.3910 - Hewlett-Packard) HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.0.3911 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.0.3911 - Hewlett-Packard) HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.2626 - Hewlett-Packard) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP) HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP) HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden Hulu Desktop (HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\HuluDesktop) (Version: 0.9.11 - Hulu LLC) iCloud (HKLM\...\{03742818-3BC2-45BA-B6BB-4C2D453FD033}) (Version: 7.11.0.19 - Apple Inc.) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) ITE Infrared Transceiver (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE) iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.) Jewel Quest 3 (HKLM-x32\...\WT082443) (Version: 2.2.0.82 - WildTangent) Hidden Jewel Quest Solitaire 2 (HKLM-x32\...\WT082468) (Version: 2.2.0.82 - WildTangent) Hidden JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.36.4 - JMicron Technology Corp.) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2610 - CyberLink Corp.) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2610 - CyberLink Corp.) LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe) Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.36 - McAfee, Inc.) McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard) Hidden Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery P.I. - The New York Fortune (HKLM-x32\...\WT082456) (Version: 2.2.0.82 - WildTangent) Hidden Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.550.000 - Hewlett-Packard) Hidden Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.34 - Symantec) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Online Plug-in (HKLM-x32\...\{739A6D0C-CA8D-4955-8E3D-58D1847327AC}) (Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden Penguins! (HKLM-x32\...\WT082168) (Version: 2.2.0.82 - WildTangent) Hidden PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company) Plants vs. Zombies (HKLM-x32\...\WT082170) (Version: 2.2.0.82 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poker Superstars III (HKLM-x32\...\WT082171) (Version: 2.2.0.82 - WildTangent) Hidden Polar Bowler (HKLM-x32\...\WT082172) (Version: 2.2.0.82 - WildTangent) Hidden Polar Golfer (HKLM-x32\...\WT082173) (Version: 2.2.0.82 - WildTangent) Hidden Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.) PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2704 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2704 - CyberLink Corp.) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.) Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2719 - CyberLink Corp.) Hidden Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden Self-service Plug-in (HKLM-x32\...\{F605992E-FD5B-46D7-AFDA-FDB1AB00F829}) (Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) SmartWebPrinting (HKLM-x32\...\{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden Smilebox (HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\Smilebox) (Version: 1.0.0.25974 - Smilebox, Inc.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) Status (HKLM-x32\...\{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer) TextTwist 2 (HKLM-x32\...\WT083491) (Version: 2.2.0.82 - WildTangent) Hidden Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (HKLM-x32\...\{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}) (Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation) Virtual Families (HKLM-x32\...\WT082188) (Version: 2.2.0.82 - WildTangent) Hidden Virtual Villagers - The Secret City (HKLM-x32\...\WT082241) (Version: 2.2.0.82 - WildTangent) Hidden WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital) WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden Wheel of Fortune 2 (HKLM-x32\...\WT082189) (Version: 2.2.0.82 - WildTangent) Hidden Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - ) Zuma's Revenge (HKLM-x32\...\WT082463) (Version: 2.2.0.82 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\user\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-03-13] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-02-08] (Carbonite -> Carbonite, Inc.) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\user\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co ==================== Loaded Modules (Whitelisted) ============== 2010-01-22 15:14 - 2010-01-22 15:14 - 000073728 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 2008-12-03 21:05 - 2008-12-03 21:05 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2009-11-13 15:28 - 2009-11-13 15:28 - 000129536 _____ (WDC) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 2018-05-25 11:47 - 2018-05-25 11:47 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL 2018-05-25 11:47 - 2018-05-25 11:47 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80ENU.DLL 2009-06-16 12:58 - 2009-06-16 12:58 - 000020480 _____ (Memeo) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe 2009-06-16 12:58 - 2009-06-16 12:58 - 000028672 _____ (Memeo) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\MemeoRemoteCore.dll 2008-12-03 21:05 - 2008-12-03 21:05 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2009-09-08 12:51 - 2009-09-08 12:51 - 001037824 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 001069056 _____ (Memeo Inc.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 000049152 _____ () [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 000901120 _____ (Memeo Inc.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 000015360 _____ (Stan Schultes, VBNetExpert.com) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 000290816 _____ (Memeo Inc.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 001404928 _____ (Memeo Inc.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 000049152 _____ (Memeo Inc.) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll 2009-08-19 19:49 - 2009-08-19 19:49 - 000069632 _____ (Finisar Corporation) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll 2009-02-25 18:18 - 2009-02-25 18:18 - 001196032 _____ () [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL 2010-01-22 15:13 - 2010-01-22 15:13 - 000110592 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll 2010-01-22 15:14 - 2010-01-22 15:14 - 000033792 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSLog.dll 2009-05-21 23:03 - 2009-05-21 23:03 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll 2009-05-21 23:03 - 2009-05-21 23:03 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll 2009-05-21 23:13 - 2009-05-21 23:13 - 000248832 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll 2019-04-25 17:13 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll 2013-03-04 13:18 - 2013-03-04 13:18 - 002892800 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtCore4.dll 2009-06-22 22:42 - 2009-06-22 22:42 - 000043008 _____ () [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\libgcc_s_dw2-1.dll 2009-01-10 14:32 - 2009-01-10 14:32 - 000011362 _____ () [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\mingwm10.dll 2012-11-26 04:46 - 2012-11-26 04:46 - 010153984 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtGui4.dll 2012-11-26 04:23 - 2012-11-26 04:23 - 001306624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtNetwork4.dll 2012-11-26 05:17 - 2012-11-26 05:17 - 002178048 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScript4.dll 2012-11-26 04:21 - 2012-11-26 04:21 - 000400384 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtXml4.dll 2012-11-26 07:53 - 2012-11-26 07:53 - 000745984 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\SkyGolf\CaddieSync Express\QtScriptTools4.dll 2013-01-15 19:43 - 2009-09-30 22:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll 2013-01-15 19:43 - 2009-09-30 22:48 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll 2013-01-15 19:43 - 2009-09-30 22:48 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7945 more sites. IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\...\123simsen.com -> www.123simsen.com There are 7945 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2018-12-10 07:25 - 000454894 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15614 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\12.0\DLLShared\;C:\Program Files (x86)\Common Files\HP\Digital Imaging\bin;C:\Program Files (x86)\HP\Digital Imaging\bin\;C:\Program Files (x86)\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Apple\Internet Services\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2784505278-3354604937-3040341909-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SmileboxTray => "C:\Users\user\AppData\Roaming\Smilebox\SmileboxTray.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D2076611-CBD3-4712-B4EA-33CF906B6E36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{99E19B39-CE9F-42B1-A496-13D20ED5BEA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{4C27B121-D88C-4094-90E2-D1581D473957}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{F8C64658-BCA9-46C0-866D-4B5B20E3031B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{5FC9EA17-9DE5-40AA-93C9-9896BBA077F7}] => (Allow) C:\Windows\System32\mstsc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{73376366-6816-4AFA-AA1A-D098C905EED8}] => (Allow) C:\Windows\System32\mstsc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{4D383B37-85DF-4C3F-89AE-467CE537057A}] => (Allow) C:\Windows\System32\mstsc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{3CC122FD-F4ED-4ED8-B901-1B99BB62B996}] => (Allow) C:\Windows\System32\mstsc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{3D8CD479-7A88-4208-BF07-3348D0C5641A}] => (Allow) C:\Windows\System32\mstsc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{F0131E70-80B7-4333-8F5C-0E3396DCB5C7}] => (Allow) C:\Windows\System32\mstsc.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{E4340F6F-DDD2-4678-8555-EACD535F398C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe (Hewlett Packard -> Hewlett-Packard) FirewallRules: [{32036DB2-08EF-442E-9457-BD3556633FFB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe (Hewlett Packard -> Hewlett-Packard) FirewallRules: [{35125B73-E34A-473D-940A-FB1CCE75CF48}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe No File FirewallRules: [{2DB4F02F-7A51-4BF4-9956-FAB03EA217BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{183DB637-947D-4938-9615-234E1AAE216C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1F7EE496-91BE-4057-803D-B5FBEC612A26}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7781AB57-0FDD-4162-BE41-4F310996EB83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9B26C4DE-1E57-4D77-9477-71CE909E946B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [{C3A323A9-5988-42B5-886C-E78F8F1A62B8}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [{60EA7403-8D17-4AB3-B4F0-B016F9582285}] => (Allow) LPort=1900 FirewallRules: [{C438F349-C689-40C3-A518-A4B7AB9BAB8C}] => (Allow) LPort=2869 FirewallRules: [{F09438D1-871F-432C-AB6F-5C1747AF6D77}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8ECAAE5F-4A8D-451B-88F2-F424127C912A}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.) FirewallRules: [{3CF28B02-15CC-413B-9167-ADEA7A750952}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard) FirewallRules: [{6140E529-9099-41CF-B6D6-C629AA16913D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{9D0238A7-8472-4A28-825A-0B52A553A990}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3B1C3418-FD9B-4383-93B5-6F651A388E25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe No File FirewallRules: [{0AAF3737-182B-4EBB-B0F2-AA96220FA8EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe No File FirewallRules: [{0DDFF58F-3C55-419C-B00A-FF3EC8F0B3BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{DD946725-F1F4-4AC4-A299-C76588F55D4A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{9992FA06-99BD-4E0A-8860-429F767B5FA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed] FirewallRules: [{E141C013-9C57-42B6-8162-948D66AE1051}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{CCA3486F-EF52-4B21-BF97-262C59AFB655}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{685E0ED8-A385-47C3-A45D-CC8D5E20AC99}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed] FirewallRules: [{66546FAB-A0DC-40D6-955D-3A24586C060A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed] FirewallRules: [{BF0869FB-2C69-4AB4-A989-D5D809276EEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{433BE15D-9929-45BC-B241-4C5633787410}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{29FE5679-5BFB-4FE5-8818-CF038397FF78}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{6795A03C-02C8-4116-974A-6379A231CD21}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed] FirewallRules: [{D1F2872A-3518-40B0-99B3-478979338885}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{60F61E62-2694-4511-A5C6-A5E326A4552A}] => (Allow) C:\Users\user\AppData\Local\Temp\HP\OJ4500vG510g-m_Full_13_en\setup\hpznui40.exe No File FirewallRules: [{D3F3802C-4582-4E2D-BE9D-53D05EA11CA3}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FAAF119B-4D22-4C13-A3FA-B32ABE508502}] => (Allow) svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) FirewallRules: [{3728D75E-42FE-45D7-80A7-E3EED99D237A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C9EBFFCF-CF06-47D6-8E3F-679CB478A34E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{240347E4-0884-4FD4-81EC-39C19952760E}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (Sonic Solutions -> CinemaNow Inc.) FirewallRules: [{14F6B11B-526B-4E3F-936C-2B27F578E0D7}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (Sonic Solutions -> CinemaNow Inc.) FirewallRules: [{EF4AF612-D632-4754-8727-958868D844AD}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions -> Sonic Solutions) FirewallRules: [{2D3A9E2C-EAA1-4D5A-877D-74971B549F54}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe (Sonic Solutions -> Sonic Solutions) FirewallRules: [{F478F8F0-5AA1-4E65-95E5-43D32C37938A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE No File FirewallRules: [{EF914C7A-2174-44A8-ACF3-C0F1A47288BA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{1EA7CD6F-5E55-43B0-8377-59E901EF7508}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe No File FirewallRules: [{E86159D1-366B-4412-8BCE-9F10DEB95AEA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe No File FirewallRules: [{7E2AF8B5-0365-415A-9D15-EFFC238B6D80}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe No File FirewallRules: [{557656FE-B212-440B-8FD4-DA6B2E672F4F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe No File FirewallRules: [{4E38A03D-2F57-4BEC-95FD-9F3E6CFCA00D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe No File FirewallRules: [{A5B0E923-D7DD-4522-AEF2-2BBE329AACC8}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [{59B9566C-0518-470F-98A3-092589B09496}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [{61F586F9-82EB-45E2-87B7-A250C656321C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F83E1D08-1020-42DB-808A-B1581645CDDC}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{69B47BAA-4648-4FC0-A7BC-7A561169D16A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 26-04-2019 09:39:50 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: OfficeJet Pro 6970 Description: OfficeJet Pro 6970 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/26/2019 03:41:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5 Faulting module name: KERNELBASE.dll, version: 10.0.17134.556, time stamp: 0xadca2670 Exception code: 0xe0434352 Fault offset: 0x001118a2 Faulting process id: 0xcd24 Faulting application start time: 0x01d4fc037b77814e Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: fb5657c7-b727-449e-9d54-f86923da4abe Faulting package full name: Faulting package-relative application ID: Error: (04/26/2019 03:41:41 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: esu.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef) at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) at Garmin.Omt.Service.Shared.Overrides..cctor() Exception Info: System.TypeInitializationException at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() at Garmin.Omt.Express.SelfUpdater.Program.RealMain() at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) Error: (04/25/2019 09:12:55 AM) (Source: HP Active Health) (EventID: 91) (User: ) Description: Unhandled Exception. Application will terminate immediately. System.ArgumentNullException: Value cannot be null. at System.Threading.Monitor.Enter(Object obj) at HP.ActiveHealth.Commons.Security.HashStore.Validate(String filePath) at HP.ActiveHealth.Core.Program..ctor(String[] args, Boolean mustCheckSignature, Boolean validateIni) at HP.ActiveHealth.Core.ActiveHealthMain.Main(String[] args) Error: (04/25/2019 04:50:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5 Faulting module name: KERNELBASE.dll, version: 10.0.17134.556, time stamp: 0xadca2670 Exception code: 0xe0434352 Fault offset: 0x001118a2 Faulting process id: 0x249d8 Faulting application start time: 0x01d4fb43e90bd1eb Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 8e878997-11b6-46bd-a1a4-7af79a911865 Faulting package full name: Faulting package-relative application ID: Error: (04/25/2019 04:50:23 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: esu.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef) at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) at Garmin.Omt.Service.Shared.Overrides..cctor() Exception Info: System.TypeInitializationException at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() at Garmin.Omt.Express.SelfUpdater.Program.RealMain() at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) Error: (04/24/2019 07:46:49 AM) (Source: HP Active Health) (EventID: 91) (User: ) Description: Unhandled Exception. Application will terminate immediately. System.ArgumentNullException: Value cannot be null. at System.Threading.Monitor.Enter(Object obj) at HP.ActiveHealth.Commons.Security.HashStore.Validate(String filePath) at HP.ActiveHealth.Core.Program..ctor(String[] args, Boolean mustCheckSignature, Boolean validateIni) at HP.ActiveHealth.Core.ActiveHealthMain.Main(String[] args) Error: (04/24/2019 03:31:23 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: esu.exe, version: 1.0.0.0, time stamp: 0x58dac8d5 Faulting module name: KERNELBASE.dll, version: 10.0.17134.556, time stamp: 0xadca2670 Exception code: 0xe0434352 Fault offset: 0x001118a2 Faulting process id: 0x16584 Faulting application start time: 0x01d4fa6fb536f1e0 Faulting application path: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 23939ec1-18cd-4989-804c-7439c5023e93 Faulting package full name: Faulting package-relative application ID: Error: (04/24/2019 03:31:21 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: esu.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext() at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef) at Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean) at Garmin.Omt.Service.Shared.Overrides..cctor() Exception Info: System.TypeInitializationException at Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl() at Garmin.Omt.Express.SelfUpdater.Program.RealMain() at Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[]) System errors: ============= Error: (04/26/2019 09:21:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/26/2019 09:21:16 AM) (Source: DCOM) (EventID: 10016) (User: USER-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user user-HP\user SID (S-1-5-21-2784505278-3354604937-3040341909-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/26/2019 09:14:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Garmin Device Interaction Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/26/2019 09:14:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect. Error: (04/26/2019 09:02:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/26/2019 09:02:29 AM) (Source: DCOM) (EventID: 10016) (User: USER-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user user-HP\user SID (S-1-5-21-2784505278-3354604937-3040341909-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/26/2019 08:58:14 AM) (Source: DCOM) (EventID: 10016) (User: USER-HP) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user user-HP\user SID (S-1-5-21-2784505278-3354604937-3040341909-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/26/2019 03:59:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Windows Defender: =================================== Date: 2019-04-25 11:41:36.952 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.69.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2019-04-25 11:41:36.952 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.69.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2019-04-25 11:41:36.951 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.69.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2019-04-25 11:41:36.937 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.69.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2019-04-25 11:41:36.936 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.69.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved CodeIntegrity: =================================== Date: 2019-04-26 12:15:56.403 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 12:15:44.998 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 12:08:44.932 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 12:01:44.916 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 11:53:44.910 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 11:44:44.938 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 11:38:44.890 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. Date: 2019-04-26 11:23:44.881 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 6.16 03/24/2011 Motherboard: Hewlett-Packard 2AA6 Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz Percentage of memory in use: 52% Total physical RAM: 7991.11 MB Available physical RAM: 3767.18 MB Total Virtual: 16183.11 MB Available Virtual: 11081.35 MB ==================== Drives ================================ Drive 😄 (OS) (Fixed) (Total:686.69 GB) (Free:574.91 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:11.41 GB) (Free:1.3 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{1e90e763-5f77-11e2-b98a-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{d733c7a2-0000-0000-0000-60b2ab000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: D733C7A2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=686.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  3. I know, just was trying to speak in a language that everyone does understand. Many people do not know the word Trojan.
  4. Parece que Allisonoc usou uma versão hackeada do programa ... Com o domínio serius que nem existe. E depois reclamar aqui que não funciona mais. Irônico...
  5. Hello, We are in the process of reviewing this application. Please keep in contact with us through your ticket you opened. You and the PUP Reconsideration team can continue the discussion there. For reference, the ticket number is 2587256 I'll close this thread. Thank you,
  6. No The level of Abuse, malicious and nefarious activity is too high and their actions to deal with them is too low.
  7. I watch Digital Ocean, LLC on my network closely because I've seen more intrusion attempts from this company than any other. An incident that's definitely spiked my concern is testing an RDP port using port 3395 to a test computer. Within a day this computer was endlessly being scanned on the new port down to the minute from Digital Ocean's IP. Anyone have any insite on Digital Ocean's integrity, if it's worth blocking the IP, etc.
  8. Today
  9. Here you go. AdwCleaner[C05].txt yup.txt FRST.txt Addition.txt
  10. Yes, restarting the system is probably necessary since any registry startup items would not be loaded after being restored until the system is restarted.
  11. Hi, Please check with the Windows 10 experts in this forum. https://www.bleepingcomputer.com/forums/f/229/windows-10-support/ This is not caused by malware and not my forte. I will leave this topic one for 6 days.
  12. I'm using Malwarebytes Premium on Windows 7 64-bit, and have Real-Time Protection always enabled, and also a scan at start up, yet I did a manual scan and found I had Neshta for who knows how long. Malwarebytes has it quarantined now after the manual scan, but I'm still wondering how a trojan was able to get on my computer when Malwarebytes is always on, and also, if that's the case, how do I know it's really gone if Malwarebytes doesn't always find things? Not sure whether I should rebuild Windows to be safe, or if I can be sure my system is clean now. Any advice appreciated. Thanks!
  13. I too have always used never register on my own computers and any I set up for clients. I personally have no issues and never have and I am using 1903 upgraded from 1809. The above tests were done just to see how a default install would act on 1903 and to give feedback about the default install.
  14. The reason I purchased this product was to stop the click bait pop-ups on my laptop when I am browsing. I downloaded and ran the scan yesterday and today and the program found a few issues that were quarantined, however, I am still seeing the click bait pop-ups randomly when I am working in Chrome. They really are so annoying, and I have to stop working to close the ad so I can get my mouse to continue typing. I thought that was the job of this program to stop the annoying pop-ups. Sadly I have to say I'm not that impressed with the program so far. Has anyone else had this similar situation and if so, how can I fix it? Thank you for any assistance or suggestions you may have.
  15. Yesterday after I followed your steps and rebooted the computer worked fine. This morning I saw your email, installed Kaspersky, and the scan found nothing. It still seems to be working fine. Thank You for the help.
  16. I restored all of the stuff but then it still wouldn't show the settings. should I try restarting the computer?
  17. @Porthos Thank you for your notes. Just to add some info on my setup, I have for a long time had the never register selection in MB3. I have also not had the need to install MB3 as a new install, since it has been installed all along, and am running 1903 / 19H1 on live metal / resident OS.
  18. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  19. Two weeks ago I tried to use the Share feature of my license so I can put it on a second PC of mine. I got an error that my license was blacklisted. After reading about it, it seems licenses were sold illegally so they were blacklisted. Funny thing is, I read these licenses were sold well after I purchased mine in 2013. I purchased mine directly from Malwarebytes,(cleverbridge) showed proof to support and have been waiting 1.5 weeks to get new licenses. (I have 2 lifetime) I keep being told by support, we are waiting for "them" to give us one. Not sure what that means, "them" being Corporate or them being Corporate since support is some 3rd party contractor? Not sure, don't care, just want my corrected licenses which a problem caused by Malwarebytes is forcing me to get. But when Malwarebytes? Malwarebytes Support Ticket 2584948
  20. Go through this article which is pinned at the top of the forum and perform those checks, paying particular attention to those involving Chrome. https://forums.malwarebytes.com/topic/236261-how-to-remove-weknow-malware-and-others/
  21. Wow, that was quick! Thanks for sorting it out. Andy
  22. Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.