
[Inactive] major virus attacked

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by ramesh help, Jul 28, 2019.

    ramesh help Established Techie7 Member

    Hi there. Yesterday I installed a software and was attacked by various viruses. After scanning, almost 200 over viruses were found. Now my Google Chrome is affected as well. I have done a remove and reinstall, but cannot sign in to my Google account to sync data and bookmarks. Restarted, also same issue. Please assist.



    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
    Ran by Home (28-07-2019 13:40:54)
    Running from C:\Users\Home\Downloads\Virus Scan
    Windows 10 Home Single Language Version 1809 17763.615 (X64) (2019-05-25 07:15:46)
    Boot Mode: Normal
    ==========================================================
    ==================== Accounts: =============================
    Administrator (S-1-5-21-2667368444-1927000229-3924509202-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2667368444-1927000229-3924509202-503 - Limited - Disabled)
    Guest (S-1-5-21-2667368444-1927000229-3924509202-501 - Limited - Disabled)
    Home (S-1-5-21-2667368444-1927000229-3924509202-1001 - Administrator - Enabled) => C:\Users\Home
    WDAGUtilityAccount (S-1-5-21-2667368444-1927000229-3924509202-504 - Limited - Disabled)
    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ==================== Installed Programs ======================
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    µTorrent (HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.2.476 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_1) (Version: 20.0.1 - Adobe Systems Incorporated)
    Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.56.1 - Asmedia Technology)
    Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
    Dell Command | Integration Suite for System Center (HKLM-x32\...\{CA5A01D0-63E0-4FE2-9947-427039A9DEBF}) (Version: 5.1.0.80 - Dell Inc.)
    Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.2.0 - Dell Inc.)
    Dell Digital Delivery Services (HKLM-x32\...\{4E63542A-F61E-4A6C-9732-13F3425C1758}) (Version: 4.0.34.0 - Dell Inc.)
    Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
    Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.3.0 - Dell Inc.)
    Dell PremierColor (HKLM\...\{5CA2B02F-FC89-4F42-A3DA-7649B8EFF194}) (Version: 4.0.11.0 - Portrait Displays, Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 77.4.131 - Dropbox, Inc.)
    Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 2.1.32.300 - Goodix, Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
    IGdm 2.6.5 (HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\1ead4f81-c61a-5fa6-9e81-7a8c0c868952) (Version: 2.6.5 - ifedapo olarewaju)
    inSSIDer (HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\inSSIDer) (Version: 1.12.4 - MetaGeek, LLC)
    Intel Driver && Support Assistant (HKLM-x32\...\{CF18558A-3642-4C4D-A551-23275D1FCE16}) (Version: 19.7.30.2 - Intel)
    Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation)
    Intel(R) Computing Improvement Program (HKLM\...\{85B6BF0F-EF1B-4F0F-892D-E68BD798950C}) (Version: 2.4.04669 - Intel Corporation)
    Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10501.6067 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1829.12.0.1154 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
    Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
    Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation)
    Intel® Driver & Support Assistant (HKLM-x32\...\{12d2d1d9-5223-431d-96ac-6a82d3a1391c}) (Version: 19.7.30.2 - Intel)
    Intel® Driver & Support Assistant (HKLM-x32\...\{dbe96554-7594-4bba-b7c5-fc6c72dbaa39}) (Version: 19.6.26.3 - Intel)
    Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
    Killer Performance Driver Suite UWD (HKLM\...\{AA56D628-E761-4C38-99B7-D86DD05B0580}) (Version: 2.0.1170 - Rivet Networks)
    Logitech Options (HKLM\...\LogiOptions) (Version: 7.14.70 - Logitech)
    Mail Attachment Downloader v3.2 (HKLM-x32\...\{04742CB7-83A9-45DC-91D2-920DE9DC5290}) (Version: 3.2.1016 - Gearmage)
    Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
    Microsoft Excel 2019 - en-us (HKLM\...\Excel2019Retail - en-us) (Version: 16.0.11328.20368 - Microsoft Corporation)
    Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11328.20368 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
    Microsoft Word 2019 - en-us (HKLM\...\Word2019Retail - en-us) (Version: 16.0.11328.20368 - Microsoft Corporation)
    Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7 - Notepad++ Team)
    NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.19.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.94 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation)
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation)
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation)
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11328.20368 - Microsoft Corporation)
    OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
    PDF2XL Enterprise 6.5.7.2 Activation version 6.5.7.2 (HKLM-x32\...\{5501A701-C85B-4B11-B053-47E91A51ADE2}_is1) (Version: 6.5.7.2 - Cogniview)
    PDF2XL Enterprise Evaluation (HKLM-x32\...\{3E060507-4585-41BE-899F-60B5DC1DB22C}) (Version: 6.5.7.2 - CogniView)
    Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.709 - Qualcomm Atheros)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8454 - Realtek Semiconductor Corp.)
    Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2197 - Realtek Semiconductor Corp.)
    ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0092 - ST Microelectronics)
    Thunderbolt™ Software (HKLM-x32\...\{1CAE7E2B-41ED-46BF-AA78-4658AE8C2130}) (Version: 17.4.77.400 - Intel Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
    Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.)
    WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
    Packages:
    =========
    Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.3.41.0_x64__htrsf667h5kn2 [2019-05-27] (Dell Inc)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-27] (HP Inc.)
    NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.954.0_x64__56jybvy8sckqj [2019-05-27] (NVIDIA Corp.)
    ==================== Custom CLSID (Whitelisted): ==========================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    CustomCLSID: HKU\S-1-5-21-2667368444-1927000229-3924509202-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-0E8488463C5F} -> [Creative Cloud Files] => C:\Users\Home\Creative Cloud Files [2019-05-26 08:56]
    CustomCLSID: HKU\S-1-5-21-2667368444-1927000229-3924509202-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
    CustomCLSID: HKU\S-1-5-21-2667368444-1927000229-3924509202-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Home\Desktop\Dropbox\Dropbox [2019-05-26 16:07]
    CustomCLSID: HKU\S-1-5-21-2667368444-1927000229-3924509202-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxDTCM.dll [2018-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_2fc3119a95e0b946\nvshext.dll [2019-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ==================== Shortcuts & WMI ========================
    (The entries could be listed to be restored or removed.)
    ShortcutWithArgument: C:\Users\Home\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
    ShortcutWithArgument: C:\Users\Home\Desktop\Person 2 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
    ==================== Loaded Modules (Whitelisted) ==============
    ==================== Alternate Data Streams (Whitelisted) =========
    (If an entry is included in the fixlist, only the ADS will be removed.)
    AlternateDataStreams: C:\Users\Home\Desktop\Iproperty Listings.xlsx:com.dropbox.attrs [54]
    ==================== Safe Mode (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    ==================== Association (Whitelisted) ===============
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, it will be removed from the registry.)
    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2018-09-15 15:31 - 2019-07-25 19:09 - 000000906 _____ C:\Windows\system32\drivers\etc\hosts
    0.0.0.0 telemetry.malwarebytes.com
    127.0.0.1 104.27.131.207
    2019-07-12 12:27 - 2019-07-18 15:38 - 000000495 _____ C:\Windows\system32\drivers\etc\hosts.ics
    192.168.137.1 Home.mshome.net # 2024 7 2 16 7 38 32 881
    192.168.137.101 OnePlus_6.mshome.net # 2019 7 4 25 7 38 32 881
    ==================== Other Areas ============================
    (Currently there is no automatic fix for this section.)
    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Android;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 116.203.6.218 - 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.
    ==================== MSCONFIG/TASK MANAGER disabled items ==
    If an entry is included in the fixlist, it will be removed.
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: DDVCollectorSvcApi => 2
    MSCONFIG\Services: DDVDataCollector => 2
    MSCONFIG\Services: DDVRulesProcessor => 2
    MSCONFIG\Services: Dell Digital Delivery Services => 2
    MSCONFIG\Services: Dell Hardware Support => 2
    MSCONFIG\Services: Dell SupportAssist Remediation => 2
    MSCONFIG\Services: GoogleChromeElevationService => 3
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: IntelAudioService => 2
    MSCONFIG\Services: SupportAssistAgent => 2
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "WavesSvc"
    HKLM\...\StartupApproved\Run: => "RtkAudUService"
    HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
    HKLM\...\StartupApproved\Run: => "IAStorIcon"
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
    HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\StartupApproved\Run: => "Mail Attachment Downloader"
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\StartupApproved\Run: => "uTorrent"
    ==================== FirewallRules (Whitelisted) ===============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    ==================== Restore Points =========================
    08-07-2019 17:26:31 Installed Dell Command | Integration Suite for System Center.
    18-07-2019 15:43:39 Windows Update
    21-07-2019 19:44:46 Removed Bonjour
    26-07-2019 20:14:19 Installed PDF2XL Evaluation
    27-07-2019 22:00:22 Removed Dropbox Update Helper
    28-07-2019 13:34:58 JRT Pre-Junkware Removal
    ==================== Faulty Device Manager Devices =============
    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (07/27/2019 09:50:54 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: SUPERAntiSpyware.exe, version: 8.0.0.1040, time stamp: 0x5cabe30d
    Faulting module name: SUPERAntiSpyware.exe, version: 8.0.0.1040, time stamp: 0x5cabe30d
    Exception code: 0xc0000005
    Fault offset: 0x000000000001d5de
    Faulting process id: 0x391c
    Faulting application start time: 0x01d54481e3304046
    Faulting application path: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Faulting module path: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Report Id: ba7d8941-d01c-4df1-a1d2-dbc7fc0f9d3e
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (07/27/2019 03:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: 5aab3f6052252754f46bbf169debddca.exe, version: 3.0.1311.96, time stamp: 0x5d3bfe9e
    Faulting module name: 5aab3f6052252754f46bbf169debddca.exe, version: 3.0.1311.96, time stamp: 0x5d3bfe9e
    Exception code: 0x80000001
    Fault offset: 0x000030c1
    Faulting process id: 0x26a0
    Faulting application start time: 0x01d5444e900701a8
    Faulting application path: C:\Users\Home\AppData\Local\Temp\H99f0T9t1WhBr4pX\5aab3f6052252754f46bbf169debddca.exe
    Faulting module path: C:\Users\Home\AppData\Local\Temp\H99f0T9t1WhBr4pX\5aab3f6052252754f46bbf169debddca.exe
    Report Id: 447f359f-420d-4667-bbe2-eac0ac6ea736
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (07/27/2019 03:33:33 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: PDF2XL.EXE, version: 6.5.7.2, time stamp: 0x587fdbca
    Faulting module name: PDF2XL.EXE, version: 6.5.7.2, time stamp: 0x587fdbca
    Exception code: 0xc0000005
    Fault offset: 0x006b0d8c
    Faulting process id: 0x32f4
    Faulting application start time: 0x01d5444d94a5886d
    Faulting application path: C:\Program Files (x86)\CogniView\PDF2XL\PDF2XL.EXE
    Faulting module path: C:\Program Files (x86)\CogniView\PDF2XL\PDF2XL.EXE
    Report Id: b4c97557-e5d2-402c-bfb4-e8f33b7b0ec5
    Faulting package full name:
    Faulting package-relative application ID:
    Error: (07/19/2019 04:19:09 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
    Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/ca7c0911-fbf7-4e87-9c23-25987358303b/Content/publish/LogiOptionsWordAddin.vsto
    Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
    ************** Exception Text **************
    Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
    at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
    at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)
    ************** Loaded Assemblies **************
    mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.7.3416.0 built by: NET472REL1LAST_B
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
    ----------------------------------------
    Microsoft.VisualStudio.Tools.Office.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.dll
    ----------------------------------------
    System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.7.3362.0 built by: NET472REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
    ----------------------------------------
    System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.7.3416.0 built by: NET472REL1LAST_B
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
    ----------------------------------------
    Microsoft.VisualStudio.Tools.Applications.Hosting
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.dll
    ----------------------------------------
    System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.7.3324.0 built by: NET472REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
    ----------------------------------------
    System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.7.3190.0 built by: NET472REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
    ----------------------------------------
    Microsoft.VisualStudio.Tools.Applications.ServerDocument
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.dll
    ----------------------------------------
    System.Deployment
    Assembly Version: 4.0.0.0
    Win32 Version: 4.7.3190.0 built by: NET472REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/System.Deployment/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
    ----------------------------------------
    Microsoft.VisualStudio.Tools.Applications.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/Windows/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.dll
    ----------------------------------------
    Error: (07/19/2019 04:19:06 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
    Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/abc9594a-1092-4a3a-8a1d-d05e602a10b8/Content/publish/LogiOptionsPowerPointAddin.vsto
    Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
    ************** Exception Text **************
    Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
    at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
    at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)
    Error: (07/19/2019 04:19:03 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
    Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/4caa44eb-cdf0-4ecd-b823-38b28187e59a/Content/publish/LogiOptionsExcelAddin.vsto
    Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
    ************** Exception Text **************
    Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
    at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
    at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)
    Error: (07/19/2019 09:33:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13140203
    Error: (07/19/2019 09:33:10 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13140203
    System errors:
    =============
    Error: (07/28/2019 01:35:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
    Error: (07/28/2019 01:35:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Realtek Audio Universal Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
    Error: (07/28/2019 01:35:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
    Error: (07/28/2019 01:02:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    Windows.SecurityCenter.WscDataProtection
    and APPID
    Unavailable
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (07/28/2019 01:01:13 PM) (Source: DCOM) (EventID: 10016) (User: WORK)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
    and APPID
    {15C20B67-12E7-4BB6-92BB-7AFF07997402}
    to the user WORK\Home SID (S-1-5-21-2667368444-1927000229-3924509202-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (07/28/2019 01:00:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (07/28/2019 01:00:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
    Error: (07/27/2019 10:54:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Microsoft Passport Container service failed to start due to the following error:
    The service did not start due to a logon failure.
    Windows Defender:
    ===================================
    Date: 2019-05-26 08:45:47.884
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...in32/Patcher&threatid=2147659947&enterprise=0
    Name: HackTool:Win32/Patcher
    ID: 2147659947
    Severity: High
    Category: Tool
    Path: file:_C:\Users\Home\Desktop\Adobedownload.ORG.AMT.Emulator.v0.9.2\amtemu.v0.9.2-painter.exe
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\System32\SearchProtocolHost.exe
    Signature Version: AV: 1.293.2321.0, AS: 1.293.2321.0, NIS: 1.293.2321.0
    Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4
    Date: 2019-05-26 08:45:42.710
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...in32/Patcher&threatid=2147659947&enterprise=0
    Name: HackTool:Win32/Patcher
    ID: 2147659947
    Severity: High
    Category: Tool
    Path: file:_C:\Users\Home\Desktop\Adobedownload.ORG.AMT.Emulator.v0.9.2\amtemu.v0.9.2-painter.exe
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\explorer.exe
    Signature Version: AV: 1.293.2321.0, AS: 1.293.2321.0, NIS: 1.293.2321.0
    Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4
    Date: 2019-05-25 20:06:23.789
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...:Win32/Patch&threatid=2147649714&enterprise=0
    Name: HackTool:Win32/Patch
    ID: 2147649714
    Severity: High
    Category: Tool
    Path: file:_C:\Users\Home\Downloads\New folder\Crack\Adobe CC 2015 Universal Patcher 1.5\adobe.snr.patch-painter.exe
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\System32\SearchProtocolHost.exe
    Signature Version: AV: 1.293.2321.0, AS: 1.293.2321.0, NIS: 1.293.2321.0
    Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4
    Date: 2019-05-25 20:06:04.005
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...:Win32/Patch&threatid=2147649714&enterprise=0
    Name: HackTool:Win32/Patch
    ID: 2147649714
    Severity: High
    Category: Tool
    Path: file:_C:\Users\Home\Downloads\New folder\Crack\Adobe CC 2015 Universal Patcher 1.5\adobe.snr.patch-painter.exe
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\System32\SearchProtocolHost.exe
    Signature Version: AV: 1.293.2321.0, AS: 1.293.2321.0, NIS: 1.293.2321.0
    Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4
    Date: 2019-05-25 20:05:55.166
    Description:
    Windows Defender Antivirus has detected malware or other potentially unwanted software.
    For more information please see the following:
    https://go.microsoft.com/fwlink/?li...:Win32/Patch&threatid=2147649714&enterprise=0
    Name: HackTool:Win32/Patch
    ID: 2147649714
    Severity: High
    Category: Tool
    Path: file:_C:\Users\Home\Downloads\New folder\Crack\Adobe CC 2015 Universal Patcher 1.5\adobe.snr.patch-painter.exe
    Detection Origin: Local machine
    Detection Type: Concrete
    Detection Source: Real-Time Protection
    Process Name: C:\Windows\explorer.exe
    Signature Version: AV: 1.293.2321.0, AS: 1.293.2321.0, NIS: 1.293.2321.0
    Engine Version: AM: 1.1.15900.4, NIS: 1.1.15900.4
    Date: 2019-06-18 17:35:07.802
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.293.2321.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.15900.4
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved
    Date: 2019-06-18 17:35:07.802
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.293.2321.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiSpyware
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.15900.4
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved
    Date: 2019-06-18 17:35:07.802
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.293.2321.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.15900.4
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved
    Date: 2019-06-18 17:35:07.794
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.293.2321.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.15900.4
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved
    Date: 2019-06-18 17:35:07.794
    Description:
    Windows Defender Antivirus has encountered an error trying to update signatures.
    New Signature Version:
    Previous Signature Version: 1.293.2321.0
    Update Source: Microsoft Malware Protection Center
    Signature Type: AntiSpyware
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.15900.4
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved
    CodeIntegrity:
    ===================================
    Date: 2019-07-27 16:06:31.937
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.927
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.915
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.903
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.893
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.882
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.871
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    Date: 2019-07-27 16:06:31.859
    Description:
    Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
    ==================== Memory info ===========================
    BIOS: Dell Inc. 1.11.2 05/29/2019
    Motherboard: Dell Inc. 0D0T05
    Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
    Percentage of memory in use: 24%
    Total physical RAM: 16119.1 MB
    Available physical RAM: 12131.74 MB
    Total Virtual: 18551.1 MB
    Available Virtual: 13580.78 MB
    ==================== Drives ================================
    Drive c: (OS) (Fixed) (Total:461.34 GB) (Free:384.91 GB) NTFS
    \\?\Volume{42cb31cd-d07c-4699-986d-98f19f2d4fd2}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.56 GB) NTFS
    \\?\Volume{730edaac-4564-4332-9a47-721ca4036797}\ (Image) (Fixed) (Total:12.72 GB) (Free:0.2 GB) NTFS
    \\?\Volume{1db93915-d7da-4693-8859-65038bfb6b92}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.48 GB) NTFS
    \\?\Volume{1f0ec6b5-5793-4de1-96ca-57228079fe4a}\ (ESP) (Fixed) (Total:0.66 GB) (Free:0.58 GB) FAT32
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (Size: 476.9 GB) (Disk ID: 12DDEE9E)
    Partition: GPT.
    ==================== End of Addition.txt ============================
     
  2. ramesh help

    ramesh help Established Techie7 Member

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
    Ran by Home (administrator) on WORK (Dell Inc. XPS 15 9570) (28-07-2019 13:39:38)
    Running from C:\Users\Home\Downloads\Virus Scan
    Loaded Profiles: Home (Available Profiles: Home)
    Platform: Windows 10 Home Single Language Version 1809 17763.615 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\elevation_service.exe
    (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
    (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127034.inf_amd64_67158b9e3d4a0df5\igfxCUIService.exe
    (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
    (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
    (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_10d045798a3d667e\aesm_service.exe
    (Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
    (Ivaylo Beltchev -> IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Malwarebytes Corporation -> Malwarebytes) C:\Users\Home\Downloads\JRT.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
    (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_2fc3119a95e0b946\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_2fc3119a95e0b946\Display.NvContainer\NVDisplay.Container.exe
    (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe
    (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
    (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
    (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSysSvc64.exe
    ==================== Registry (Whitelisted) ===========================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSvc64.exe [1222928 2018-05-26] (Waves Inc -> Waves Audio Ltd.)
    HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3943056 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
    HKLM\...\Run: [PremierColor] => C:\Program Files\Portrait Displays\Dell PremierColor\PremierColor.exe [5538144 2017-12-19] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2177160 2019-06-30] (Logitech Inc -> Logitech, Inc.)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4992048 2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-17] (Dropbox, Inc -> Dropbox, Inc.)
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\Run: [uTorrent] => C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe [1818352 2019-07-04] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\Run: [Mail Attachment Downloader] => C:\Program Files (x86)\GearMage\Mail Attachment Downloader v3.2\MailAttachmentDownloader.exe [994304 2018-10-29] (GEARMAGE, LLC) [File not signed]
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\Policies\Explorer: [NoSecurityTab] 1
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\MountPoints2: {1b1d6ddd-a164-11e9-b8d9-9cb6d0c6abda} - "D:\OnePlus_setup.exe" /s
    HKU\S-1-5-21-2667368444-1927000229-3924509202-1001\...\MountPoints2: {4cb1ed6d-7f91-11e9-b8ba-9cb6d0c6abda} - "D:\OnePlus_setup.exe" /s
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-28] (Google LLC -> Google LLC)
    ==================== Scheduled Tasks (Whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    Task: {00923C81-EE88-4A6D-BAA3-4C7E14931883} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302656 2018-05-17] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
    Task: {05491090-6862-493D-AFC6-8E56738372B6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-17] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
    Task: {0CB2B700-7014-423D-BF48-01AF9CE8F74D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-17] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
    Task: {10E72414-BAA6-43DA-B131-9F303234A8AF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {19289CCB-F508-46B1-8F01-6E4A07359C85} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-05-26] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {1A38DA01-BA3E-42B9-89A4-DCC372C199E7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103464 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {1BB85617-0A03-4C5A-A1E1-2B5BB5B290AD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {1C01AEB0-4876-446A-A9D6-ED1AB5BE2EC9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {2B2BDE7C-561F-40C4-BB3E-BC853CC1D91D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-28] (Google Inc -> Google LLC)
    Task: {2C1C615F-808F-44F3-B6BF-9A0D45D02D63} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    Task: {2C21B2E1-B842-4284-9D5D-02D837F94C2F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403536 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {2C8360C3-D7A2-4D56-A443-6646445C0F9F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {2D577FA5-1F1B-41FB-BCBB-3A5066B1ACF4} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
    Task: {2FED8FC9-7C01-42CD-B858-C326254D7CC8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26045472 2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
    Task: {33FA06F2-8BFF-4019-8C60-DBC7B71B6B6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {3C6525FA-41D7-4855-81F2-C113EB8D2353} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26045472 2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
    Task: {412D0B06-84C3-4DDA-885E-6883AC9CDBAD} - System32\Tasks\AdwCleaner_onReboot => C:\Users\Home\Downloads\adwcleaner_7.3.exe
    Task: {425EF419-F24A-4789-AF1F-14FEB4DA26F7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {553C7FF4-BF82-4AC7-BA49-C2F41B1ABC35} - System32\Tasks\AdobeGCInvoker-1.0-HOME-Home => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {5A6384E6-E5C0-4884-925E-3AD3C7691ABB} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
    Task: {6FC414AD-6417-483B-B83A-F7B005871186} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {7DA82BE8-40AB-4ABF-972D-463BD72F1F6D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403536 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7F4F5E60-B470-47ED-8CEC-59349E14B38C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {800D4184-4141-4B8F-ADB8-0C10B5157D57} - System32\Tasks\SUPERAntiSpyware Scheduled Task c4bfde98-24ad-4056-89ed-3e469359271d => C:\Program Files\SUPERAntiSpyware\SASTask.exe
    Task: {81EEDDB5-0035-44EA-9660-322C41F29EB1} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {84C319E6-B96D-4950-A0A3-E36420B4B1C3} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-05-22] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {85DC28B3-3E74-42BD-92D5-8B140DB05114} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-05-26] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {8B907925-EF87-4CF1-836D-61C486048394} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
    Task: {9BD42E74-DB65-472E-8B19-674B9AEE2949} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-05-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {9FEE5E8C-EAC8-40B5-8D3E-4199527F7EAB} - System32\Tasks\SUPERAntiSpyware Scheduled Task 6c948fde-04e2-4ca7-bd8d-b436def991cc => C:\Program Files\SUPERAntiSpyware\SASTask.exe
    Task: {A01D985A-BB46-4629-80DA-4D277780C223} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {A02C3843-7DC5-4A55-8F43-8F9989E70E52} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [103464 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A4744094-8B19-4069-8F67-2F3D68272C1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {ABCE7572-F6FD-48AB-B0A6-2E0F5BC5405D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {AD8BE5AA-10BB-431A-A5FA-9D50B6344963} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4404888 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {B071FDBE-994F-48BF-A029-FAEAF20D217F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4404888 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {BA8F7759-3612-425C-A10E-6815151EFC0F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 2018-05-17] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
    Task: {E3B1B68A-A5E9-4C9D-80DF-0D7DF55EDCD5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {E5056783-BE18-40D8-A8BF-B463AEC64635} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-28] (Google Inc -> Google LLC)
    Task: {E89FC7BD-E3AE-4D46-81EA-6F534D07B587} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
    Task: {FD891A17-E68A-462D-A32C-92F446AB4B24} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6c948fde-04e2-4ca7-bd8d-b436def991cc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c4bfde98-24ad-4056-89ed-3e469359271d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{e54b12a9-d245-4946-b6c5-7c318e21d75f}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{f8da32d9-25de-43f1-b178-bf4dda2b574a}: [NameServer] ,,,116.203.6.218,8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{f8da32d9-25de-43f1-b178-bf4dda2b574a}: [DhcpNameServer] 192.168.1.1
    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKU\S-1-5-21-2667368444-1927000229-3924509202-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-07-28] (Google Inc -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.13\npGoogleUpdate3.dll [2019-07-28] (Google Inc -> Google LLC)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2019-07-28]
    CHR Extension: (Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-28]
    CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-28]
    CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-28]
    CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-28]
    CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-07-28]
    CHR Extension: (Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-28]
    CHR Extension: (Google Docs Offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-07-28]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-28]
    CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-28]
    CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-28]
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-07-28]
    CHR Extension: (Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-28]
    CHR Extension: (Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-28]
    CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-28]
    CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-28]
    CHR Extension: (Adobe Acrobat) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-07-28]
    CHR Extension: (Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-28]
    CHR Extension: (Google Docs Offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-07-28]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-28]
    CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-28]
    CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-07-28]
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-28]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
    ==================== Services (Whitelisted) ====================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
    R2 AESMService; C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_10d045798a3d667e\aesm_service.exe [3367272 2019-01-04] (Intel(R) Software Development Products -> Intel Corporation)
    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [420472 2019-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11153952 2019-06-27] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-05-26] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-05-26] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-07-17] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2019-03-27] (Dell Inc -> Dell Inc.)
    S4 Dell Digital Delivery Services; c:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38048 2019-03-16] (Dell Inc -> )
    S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{A2C10AEB-09F3-4766-BAC9-9005934C8AB4} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
    S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{A2C10AEB-09F3-4766-BAC9-9005934C8AB4} [21304 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
    R2 DellPremierColorService; C:\Program Files\Portrait Displays\Dell PremierColor\PremierColorService.exe [223584 2017-12-19] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
    R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [26984 2019-07-25] (IDSA Production signing key -> Intel)
    R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [80744 2019-07-25] (IDSA Production signing key -> Intel)
    R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
    S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
    S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\HfcDisableService.exe [1881672 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2859592 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [762568 2018-06-09] (Intel(R) Trust Services -> Intel(R) Corporation)
    S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
    S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [714952 2018-06-09] (Intel(R) Trust Services -> Intel(R) Corporation)
    S4 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [364256 2019-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-07-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
    R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2671216 2019-03-08] (Rivet Networks LLC -> Rivet Networks)
    S3 KNDBWM; C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [72800 2019-03-08] (Rivet Networks LLC -> CloudBees, Inc.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-02-28] (NVIDIA Corporation -> NVIDIA Corporation)
    R2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [191976 2019-03-07] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
    R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe [2156616 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [838648 2019-03-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [205112 2019-05-15] (Intel(R) Software Development Products -> )
    S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302656 2018-05-17] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
    S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [885560 2019-05-15] (Intel(R) Software Development Products -> )
    R2 WavesSysSvc; C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_8d6ed1504b570116\WavesSysSvc64.exe [885008 2018-05-26] (Waves Inc -> Waves Audio Ltd.)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-27] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_2fc3119a95e0b946\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_2fc3119a95e0b946\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
    R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
    ===================== Drivers (Whitelisted) ======================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
    R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
    R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
    R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
    R3 HfAudio; C:\Windows\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
    R3 HidEventFilter; C:\Windows\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_1ed78f101bc29129\HidEventFilter.sys [84104 2018-11-20] (Intel(R) Software -> Intel Corporation)
    S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [123520 2018-05-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
    R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1033288 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [72776 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
    R3 IntcAudioBus; C:\Windows\System32\drivers\IntcAudioBus.sys [299176 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
    R3 IntcOED; C:\Windows\System32\drivers\IntcOED.sys [1168040 2019-03-22] (Smart Sound Technology -> Intel(R) Corporation)
    R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [151688 2019-03-08] (Rivet Networks LLC -> Rivet Networks, LLC.)
    S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-27] (Malwarebytes Corporation -> Malwarebytes)
    S3 Netwtw06; C:\Windows\System32\drivers\Netwtw06.sys [8723968 2018-09-15] (Microsoft Windows -> Intel Corporation)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_2fc3119a95e0b946\nvlddmkm.sys [21672320 2019-05-08] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [66792 2018-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2372072 2019-03-07] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
    R3 RTSPER; C:\Windows\System32\drivers\RtsPer.sys [992040 2019-04-17] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
    S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [550336 2018-10-23] (Realtek Semiconductor Corp. -> Realtek Corporation )
    R3 ScrHIDDriver2; C:\Windows\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
    S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
    R3 ST_ACCEL; C:\Windows\System32\drivers\ST_Accel.sys [134280 2018-05-18] ("STMicroelectronics Srl" -> STMicroelectronics)
    S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-07-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
    R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [344288 2019-07-27] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-27] (Microsoft Windows -> Microsoft Corporation)
    ==================== NetSvcs (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    ==================== One month (created) ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2019-07-28 13:34 - 2019-07-28 13:34 - 007623880 _____ (Malwarebytes) C:\Users\Home\Downloads\AdwCleaner.exe
    2019-07-28 13:33 - 2019-07-28 13:34 - 000002192 _____ C:\Users\Home\Desktop\Rkill.txt
    2019-07-28 13:33 - 2019-07-28 13:33 - 001790024 _____ (Malwarebytes) C:\Users\Home\Downloads\JRT.exe
    2019-07-28 13:31 - 2019-07-28 13:32 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Home\Downloads\rkill.exe
    2019-07-28 13:01 - 2019-07-28 13:01 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-07-28 13:01 - 2019-07-28 13:01 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-07-28 13:01 - 2019-07-28 13:01 - 000002480 _____ C:\Users\Home\Desktop\Person 2 - Chrome.lnk
    2019-07-28 13:01 - 2019-07-28 13:01 - 000002436 _____ C:\Users\Home\Desktop\Person 1 - Chrome.lnk
    2019-07-28 13:01 - 2019-07-28 13:01 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-07-28 13:01 - 2019-07-28 13:01 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-07-27 22:54 - 2019-07-27 22:54 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2019-07-27 21:59 - 2019-07-27 22:00 - 047210760 _____ (Microsoft Corporation) C:\Users\Home\Downloads\Windows-KB890830-x64-V5.74.exe
    2019-07-27 21:55 - 2019-07-27 21:55 - 000000000 ____D C:\ProgramData\SUPERSetup
    2019-07-27 21:47 - 2019-07-27 22:54 - 000000518 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task c4bfde98-24ad-4056-89ed-3e469359271d.job
    2019-07-27 21:47 - 2019-07-27 22:54 - 000000518 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6c948fde-04e2-4ca7-bd8d-b436def991cc.job
    2019-07-27 21:47 - 2019-07-27 22:54 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
    2019-07-27 21:47 - 2019-07-27 21:47 - 000003734 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 6c948fde-04e2-4ca7-bd8d-b436def991cc
    2019-07-27 21:47 - 2019-07-27 21:47 - 000003652 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task c4bfde98-24ad-4056-89ed-3e469359271d
    2019-07-27 21:47 - 2019-07-27 21:47 - 000000000 ____D C:\Users\Home\AppData\Roaming\SUPERAntiSpyware.com
    2019-07-27 21:28 - 2019-07-28 13:01 - 000000000 ____D C:\Users\Home\AppData\Local\Google
    2019-07-27 21:28 - 2019-07-28 13:01 - 000000000 ____D C:\Program Files (x86)\Google
    2019-07-27 21:26 - 2019-07-27 21:26 - 000011862 _____ C:\Users\Home\Desktop\Vertical bangsar south office.xlsx
    2019-07-27 16:45 - 2019-07-27 16:45 - 000000000 ____D C:\Program Files (x86)\GUM44AB.tmp
    2019-07-27 16:34 - 2019-07-27 16:35 - 058891008 _____ (Google LLC) C:\Users\Home\Downloads\ChromeStandaloneSetup64.exe
    2019-07-27 16:30 - 2019-07-27 16:30 - 001151544 _____ (Google LLC) C:\Users\Home\Downloads\ChromeSetup.exe
    2019-07-27 16:13 - 2019-07-27 16:13 - 000000258 __RSH C:\Users\Home\ntuser.pol
    2019-07-27 16:11 - 2019-07-27 16:12 - 000000258 __RSH C:\ProgramData\ntuser.pol
    2019-07-27 16:03 - 2019-07-27 16:03 - 000003877 _____ C:\Users\Home\Downloads\Bangsar South Vertical Business Suite.xlsx
    2019-07-27 15:40 - 2019-07-27 15:53 - 000000000 ____D C:\Users\Home\AppData\Local\Mail.Ru
    2019-07-27 15:40 - 2019-07-27 15:40 - 000000000 ____D C:\Users\Home\AppData\Roaming\jccgyqohxgco
    2019-07-27 15:40 - 2019-07-27 15:40 - 000000000 ____D C:\ProgramData\Mail.Ru
    2019-07-27 15:40 - 2019-07-27 15:40 - 000000000 ____D C:\ProgramData\Loosger
    2019-07-27 15:38 - 2019-07-27 15:38 - 001034291 _____ C:\Users\Home\Downloads\Setup_57471.zip
    2019-07-27 15:36 - 2019-07-27 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CogniView
    2019-07-27 15:35 - 2019-07-27 15:49 - 000000000 ____D C:\ProgramData\CogniView
    2019-07-27 15:35 - 2019-07-27 15:35 - 000000000 ____D C:\Users\Home\AppData\Roaming\CogniView
    2019-07-27 15:35 - 2019-07-27 15:35 - 000000000 ____D C:\Program Files (x86)\CogniView
    2019-07-27 15:31 - 2018-01-06 11:07 - 000000000 ____D C:\Users\Home\Downloads\CogniView PDF2XL Enterprise_6.5.7.2_fu11
    2019-07-27 14:19 - 2019-07-27 14:19 - 000000000 ____D C:\Users\Home\Desktop\Vista kiara B-16-2
    2019-07-26 20:14 - 2019-07-26 21:33 - 000000288 _____ C:\ProgramData\PDF2XL-6-5.TrialData
    2019-07-26 13:12 - 2019-07-26 13:12 - 000000000 ____D C:\Program Files (x86)\Property Database System
    2019-07-25 21:33 - 2019-07-25 21:33 - 012577399 _____ C:\Users\Home\Downloads\malaysia-real-estate-highlights-1h-2019-6532.pdf
    2019-07-25 21:31 - 2019-07-27 15:27 - 000000000 ____D C:\Users\Home\Desktop\Propnex MasterList
    2019-07-25 18:21 - 2019-07-25 19:11 - 000000000 ____D C:\Program Files (x86)\Listing Database
    2019-07-24 16:37 - 2019-07-24 16:37 - 000498889 _____ C:\Users\Home\Downloads\senarai-fiah-dan-dl.xlsx
    2019-07-21 19:39 - 2019-07-21 19:39 - 000493526 _____ C:\Users\Home\Desktop\ACFrOgBnZmfeTdSJJJV876eBCxVwn-ig7oGp0LHhGoEE-dA5Y4-OIit1AqMSN8mwU6Iebotmisrnq0am3mDyytmxDWFSYnX_tzRuYV9oU0dNuyZs5SfUxRzIq0w61drIIFIjYCEGtTe_q6WhMQau.pdf
    2019-07-21 19:15 - 2019-07-21 19:17 - 001765606 _____ C:\Users\Home\Desktop\Accreditation - Lembaga Penilai, Pentaksir & Ejen Harta Tanah Malaysia.pdf
    2019-07-21 17:43 - 2019-07-21 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2019-07-21 17:43 - 2019-07-21 17:43 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-07-21 17:43 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
    2019-07-21 17:43 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
    2019-07-19 20:52 - 2019-07-27 16:04 - 000002131 _____ C:\Users\Home\Desktop\lead.txt
    2019-07-19 16:19 - 2019-07-19 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2019-07-19 16:18 - 2019-07-19 16:18 - 000000000 ____D C:\Program Files\Logitech
    2019-07-18 15:49 - 2019-07-18 15:49 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 023454208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 022115472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 019012096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 012938752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 012243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 009683472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 007876096 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 007727336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 007645600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 006545304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 006308232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005587976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005528064 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005297664 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 005115384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 004880896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 004588752 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 004303872 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 003818416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 003738624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 003636224 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 003630592 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 003550384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 003427328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 003081728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002982400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002871816 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002714624 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002701000 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002693120 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002626872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 002469432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 002393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2019-07-18 15:49 - 2019-07-18 15:49 - 002073472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002050048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2019-07-18 15:49 - 2019-07-18 15:49 - 002013696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001863168 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001837136 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001794048 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001721352 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001702088 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2019-07-18 15:49 - 2019-07-18 15:49 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001622016 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001516544 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001477648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001472808 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001465464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001427592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001345168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2019-07-18 15:49 - 2019-07-18 15:49 - 001316352 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001266192 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
    2019-07-18 15:49 - 2019-07-18 15:49 - 001259520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001254400 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
    2019-07-18 15:49 - 2019-07-18 15:49 - 001223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 001162320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001159168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001145856 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001132032 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001125416 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001054928 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 001052672 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000998928 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000964608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000833536 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000828728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000810504 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000807480 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000804744 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000798736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000771584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000747568 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
    2019-07-18 15:49 - 2019-07-18 15:49 - 000743216 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
    2019-07-18 15:49 - 2019-07-18 15:49 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000740664 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000730936 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000687896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
    2019-07-18 15:49 - 2019-07-18 15:49 - 000682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000673520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
    2019-07-18 15:49 - 2019-07-18 15:49 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000660032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000652528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000645120 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000637968 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000617784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000553992 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000514136 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000464912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000439096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000431416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
    2019-07-18 15:49 - 2019-07-18 15:49 - 000414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000397688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000351432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000333128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000290304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000279920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000219448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2019-07-18 15:49 - 2019-07-18 15:49 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
    2019-07-18 15:49 - 2019-07-18 15:49 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
    2019-07-18 15:49 - 2019-07-18 15:49 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
    2019-07-18 14:59 - 2019-07-18 14:59 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
    2019-07-18 14:59 - 2019-07-18 14:59 - 000000000 ____D C:\Users\Home\AppData\Local\SquirrelTemp
    2019-07-18 14:59 - 2019-07-18 14:59 - 000000000 ____D C:\Users\Home\AppData\Local\MetaGeek
    2019-07-18 14:59 - 2019-07-18 14:59 - 000000000 ____D C:\Users\Home\AppData\Local\inSSIDer
    2019-07-18 10:04 - 2019-07-18 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2019-07-18 10:02 - 2019-07-18 10:02 - 000000000 ____D C:\Program Files\UNP
    2019-07-17 05:25 - 2019-07-17 05:25 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
    2019-07-17 05:25 - 2019-07-17 05:25 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
    2019-07-17 05:25 - 2019-07-17 05:25 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
    2019-07-17 05:25 - 2019-07-17 05:25 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
    2019-07-16 18:12 - 2019-07-16 18:12 - 000201549 _____ C:\Users\Home\Desktop\Latest Sub sales & leasing Chart list as at 16 July 2019.xlsx
    2019-07-16 12:57 - 2019-07-16 12:57 - 000030835 _____ C:\Users\Home\Desktop\20190715- JVV GROUP-PROPERTIES AVAILABLE UNIT FOR RENT LIST可出租單位表 TO AGENT.pdf
    20
    ==================== Files in the root of some directories ================
    2019-06-16 19:28 - 2019-05-31 16:11 - 000004921 _____ () C:\Users\Public\setup.bat
    2019-05-26 09:25 - 2019-05-26 09:25 - 000000000 _____ () C:\Users\Home\AppData\Roaming\MCVi2UserDetail.ini
    2019-05-28 13:22 - 2019-05-28 13:22 - 000000000 _____ () C:\Users\Home\AppData\Local\oobelibMkey.log
    ==================== FLock ================
    2019-05-16 10:38 C:\Recovery
    ==================== SigCheck ===============================
    (There is no automatic fix for files that do not pass verification.)
    ==================== End of FRST.txt ============================
     
  3. ramesh help

    ramesh help Established Techie7 Member

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 10 Home x64
    Ran by Home (Administrator) on Sun 28/07/2019 at 13:34:57.16
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    File System: 1
    Successfully deleted: C:\Program Files (x86)\GUT44AC.tmp (File)
    Registry: 1
    Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0316851564236086mcinstcleanup (Registry Key)
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 28/07/2019 at 13:45:58.18
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
  4. ramesh help

    ramesh help Established Techie7 Member

    Malwarebytes
    www.malwarebytes.com
    -Log Details-
    Scan Date: 7/28/19
    Scan Time: 1:48 PM
    Log File: 494acbfe-b0fb-11e9-a02c-9cb6d0c6abda.json
    -Software Information-
    Version: 3.8.3.2965
    Components Version: 1.0.613
    Update Package Version: 1.0.11748
    License: Free
    -System Information-
    OS: Windows 10 (Build 17763.615)
    CPU: x64
    File System: NTFS
    User: WORK\Home
    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 285439
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 2 min, 21 sec
    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect
    -Scan Details-
    Process: 0
    (No malicious items detected)
    Module: 0
    (No malicious items detected)
    Registry Key: 0
    (No malicious items detected)
    Registry Value: 0
    (No malicious items detected)
    Registry Data: 0
    (No malicious items detected)
    Data Stream: 0
    (No malicious items detected)
    Folder: 0
    (No malicious items detected)
    File: 0
    (No malicious items detected)
    Physical Sector: 0
    (No malicious items detected)
    WMI: 0
    (No malicious items detected)
    (end)
     
  5. ramesh help

    ramesh help Established Techie7 Member

    # -------------------------------
    # Malwarebytes AdwCleaner 7.4.0.0
    # -------------------------------
    # Build: 07-23-2019
    # Database: 2019-07-22.1 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 07-28-2019
    # Duration: 00:00:02
    # OS: Windows 10 Home Single Language
    # Cleaned: 8
    # Failed: 0
    ***** [ Services ] *****
    No malicious services cleaned.
    ***** [ Folders ] *****
    Deleted C:\Users\Home\Downloads\Tweaks
    ***** [ Files ] *****
    No malicious files cleaned.
    ***** [ DLL ] *****
    No malicious DLLs cleaned.
    ***** [ WMI ] *****
    No malicious WMI cleaned.
    ***** [ Shortcuts ] *****
    No malicious shortcuts cleaned.
    ***** [ Tasks ] *****
    No malicious tasks cleaned.
    ***** [ Registry ] *****
    No malicious registry entries cleaned.
    ***** [ Chromium (and derivatives) ] *****
    No malicious Chromium entries cleaned.
    ***** [ Chromium URLs ] *****
    No malicious Chromium URLs cleaned.
    ***** [ Firefox (and derivatives) ] *****
    No malicious Firefox entries cleaned.
    ***** [ Firefox URLs ] *****
    No malicious Firefox URLs cleaned.
    ***** [ Preinstalled Software ] *****
    Deleted Preinstalled.DellCommand|PowerManager
    Deleted Preinstalled.DellSupportAssistAgent
    Deleted Preinstalled.DellUpdateforWindows10
    *************************
    [+] Delete Tracing Keys
    [+] Reset Winsock
    *************************
    AdwCleaner[S00].txt - [1306 octets] - [05/06/2019 10:11:41]
    AdwCleaner[C00].txt - [1472 octets] - [05/06/2019 10:11:57]
    AdwCleaner[S01].txt - [1582 octets] - [27/07/2019 21:36:56]
    AdwCleaner[S02].txt - [1643 octets] - [28/07/2019 13:46:18]
    AdwCleaner[S03].txt - [1704 octets] - [28/07/2019 13:50:46]
    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
     
  6. ramesh help

    ramesh help Established Techie7 Member

    Farbar Service Scanner Version: 27-01-2016
    Ran by Home (administrator) on 28-07-2019 at 14:03:05
    Running from "C:\Users\Home\Downloads"
    Microsoft Windows 10 Home Single Language (X64)
    Boot Mode: Normal
    ****************************************************************
    Internet Services:
    ============
    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo.com is accessible.
    Windows Firewall:
    =============
    Firewall Disabled Policy:
    ==================
    System Restore:
    ============
    System Restore Policy:
    ========================
    Security Center:
    ============
    Windows Update:
    ============
    Windows Autoupdate Disabled Policy:
    ============================
    Windows Defender:
    ==============
    Other Services:
    ==============
    File Check:
    ========
    C:\Windows\System32\nsisvc.dll => File is digitally signed
    C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
    C:\Windows\System32\drivers\afd.sys => File is digitally signed
    C:\Windows\System32\drivers\tdx.sys => File is digitally signed
    C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
    C:\Windows\System32\dnsrslvr.dll => File is digitally signed
    C:\Windows\System32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\System32\mpssvc.dll => File is digitally signed
    C:\Windows\System32\bfe.dll => File is digitally signed
    C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
    C:\Windows\System32\SDRSVC.dll => File is digitally signed
    C:\Windows\System32\vssvc.exe => File is digitally signed
    C:\Windows\System32\wscsvc.dll => File is digitally signed
    C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
    C:\Windows\System32\wuaueng.dll => File is digitally signed
    C:\Windows\System32\qmgr.dll => File is digitally signed
    C:\Windows\System32\es.dll => File is digitally signed
    C:\Windows\System32\cryptsvc.dll => File is digitally signed
    C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
    C:\Windows\System32\ipnathlp.dll => File is digitally signed
    C:\Windows\System32\iphlpsvc.dll => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    **** End of log ****
     
  7. ramesh help

    ramesh help Established Techie7 Member

    Results of screen317's Security Check version 0.99.93
    x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Windows Defender
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Google Chrome (75.0.3770.142)
    Google Chrome (SetupMetrics...)
    ````````Process Check: objlist.exe by Laurent````````
    Windows Defender MSMpEng.exe
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamtray.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: %
    ````````````````````End of Log``````````````````````
     
  8. ramesh help

    ramesh help Established Techie7 Member

    RogueKiller Anti-Malware V13.3.2.0 (x64) [Jul 15 2019] (Free) by Adlice Software
    mail : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 10 (10.0.17763) 64 bits
    Started in : Normal mode
    User : Home [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Signatures : 20190726_165150, Driver : Loaded
    Mode : Standard Scan, Delete -- Date : 2019/07/28 14:08:11 (Duration : 00:03:24)
    Switches : -refid 3
    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    [PUP.MailRU|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Mail.Ru -- -> Deleted
    [PUP.MailRU|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2667368444-1927000229-3924509202-1001\Software\Mail.Ru -- -> Deleted
    [PUP.MailRU|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-2667368444-1927000229-3924509202-1001\Software\AppDataLow\Software\Mail.Ru -- -> Deleted
    [PUP.MailRU (Potentially Malicious)] Mail.Ru -- %localappdata%\Mail.Ru -> Deleted
    [PUP.MailRU (Potentially Malicious)] Mail.Ru -- %programdata%\Mail.Ru -> Deleted
     
  9. ramesh help

    ramesh help Established Techie7 Member

    # DelFix v1.010 - Logfile created 28/07/2019 at 14:11:17
    # Updated 26/04/2015 by Xplode
    # Username : Home - WORK
    # Operating System : Windows 10 Home (64 bits)
    ~ Activating UAC ... OK
    ~ Removing disinfection tools ...
    Deleted : C:\FRST
    Deleted : C:\AdwCleaner
    Deleted : C:\Users\Home\Desktop\JRT.txt
    Deleted : C:\Users\Home\Desktop\Rkill.txt
    Deleted : C:\Users\Home\Downloads\FSS.exe
    Deleted : C:\Users\Home\Downloads\FSS.txt
    Deleted : C:\Users\Home\Downloads\RogueKiller_setup_ref3.exe
    Deleted : C:\Users\Home\Downloads\SecurityCheck.exe
    Deleted : C:\Users\Home\Downloads\TFC.exe
    Deleted : HKLM\SOFTWARE\OldTimer Tools
    ~ Creating registry backup ... OK
    ~ Cleaning system restore ...
    Deleted : RP #13 [Installed Dell Command | Integration Suite for System Center. | 07/08/2019 09:26:31]
    Deleted : RP #14 [Windows Update | 07/18/2019 07:43:39]
    Deleted : RP #15 [Removed Bonjour | 07/21/2019 11:44:46]
    Deleted : RP #16 [Installed PDF2XL Evaluation | 07/26/2019 12:14:19]
    Deleted : RP #17 [Removed Dropbox Update Helper | 07/27/2019 14:00:22]
    Deleted : RP #18 [JRT Pre-Junkware Removal | 07/28/2019 05:34:58]
    New restore point created !
    ~ Resetting system settings ... OK
    ########## - EOF - ##########
     
  10. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    At this point all looks clean to me.
    Regarding the Chrome issue, I suggest a new topic in the Windows forum.
     
  11. ramesh help

    ramesh help Established Techie7 Member

    Hi broni. I didn't get a notification via email of your post. Thanks for checking it out. After cleaning the virus, Google Chrome seems to work well already :) Can close thread already.
     
  12. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Good news :)