Popup ‘Advertorial’ Firefox browser window


Hello,

Recently, what appears to be a Firefox browser ‘Advertorial’ window with a ‘headlinesfromtheworld’ URL is popping up while I am surfing with Mozilla Firefox. I have run various a/v apps such as Malwarebytes, TDSSKiller, Microsoft Safety Scanner, HitmanPro, and AdwCleaner, in addition to a few other popular free a/v apps. AdwCleaner is the only app showing results, as follows:

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-21-2021
# Duration: 00:00:23
# OS:       Windows 10 Home
# Cleaned:  4
# Failed:   0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\sspur_000\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61E15B2A-D02E-4353-BCBD-6FF357F1E48E}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt – [1301 octets] – [10/06/2018 17:45:47]
AdwCleaner[C00].txt – [1429 octets] – [11/06/2018 11:02:29]
AdwCleaner[S01].txt – [1364 octets] – [04/07/2018 10:53:35]
AdwCleaner[S02].txt – [1674 octets] – [27/07/2018 08:59:51]
AdwCleaner[C02].txt – [1782 octets] – [27/07/2018 09:02:17]
AdwCleaner[S03].txt – [1547 octets] – [18/08/2018 10:02:07]
AdwCleaner[S04].txt – [1604 octets] – [20/09/2018 09:26:15]
AdwCleaner[S05].txt – [2041 octets] – [23/11/2018 14:34:37]
AdwCleaner[C05].txt – [2149 octets] – [23/11/2018 14:35:01]
AdwCleaner[S06].txt – [1799 octets] – [16/01/2019 10:03:33]
AdwCleaner[S07].txt – [1860 octets] – [16/01/2019 10:39:15]
AdwCleaner[C07].txt – [2046 octets] – [16/01/2019 11:18:04]
AdwCleaner[S08].txt – [1982 octets] – [05/02/2019 11:04:51]
AdwCleaner[S09].txt – [2919 octets] – [27/04/2019 16:24:02]
AdwCleaner[C09].txt – [2330 octets] – [27/04/2019 17:28:31]
AdwCleaner[S10].txt – [3041 octets] – [01/06/2019 10:36:41]
AdwCleaner[C10].txt – [2693 octets] – [01/06/2019 10:37:14]
AdwCleaner[S11].txt – [2680 octets] – [22/06/2019 13:32:03]
AdwCleaner[C11].txt – [2752 octets] – [22/06/2019 13:34:35]
AdwCleaner_Debug.log – [58302 octets] – [24/09/2019 15:16:27]
AdwCleaner[S12].txt – [2833 octets] – [24/09/2019 16:54:54]
AdwCleaner[C12].txt – [2977 octets] – [24/09/2019 16:57:05]
AdwCleaner[S13].txt – [2670 octets] – [28/09/2019 13:30:03]
AdwCleaner[S14].txt – [4122 octets] – [14/06/2021 15:53:17]
AdwCleaner[C14].txt – [3974 octets] – [14/06/2021 16:03:39]
AdwCleaner[S15].txt – [2998 octets] – [14/06/2021 16:49:21]
AdwCleaner[C15].txt – [3168 octets] – [14/06/2021 16:51:15]
AdwCleaner[S16].txt – [3055 octets] – [14/06/2021 17:34:31]
AdwCleaner[C16].txt – [3245 octets] – [14/06/2021 17:36:25]
AdwCleaner[S17].txt – [3218 octets] – [15/06/2021 09:56:57]
AdwCleaner[C17].txt – [3388 octets] – [15/06/2021 10:19:52]
AdwCleaner[S18].txt – [3299 octets] – [15/06/2021 10:22:33]
AdwCleaner[C18].txt – [3489 octets] – [15/06/2021 10:22:56]
AdwCleaner[S19].txt – [3421 octets] – [15/06/2021 16:22:08]
AdwCleaner[S20].txt – [3482 octets] – [18/06/2021 17:57:12]
AdwCleaner[S21].txt – [3907 octets] – [21/06/2021 15:21:38]

########## EOF – C:\AdwCleaner\Logs\AdwCleaner[C21].txt ##########

 

Follow-up AdwCleaner scans were clean for a while. I got an ‘Advertorial’ popup today, but a negative AdwCleaner scan.

 

FRST scan log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2021
Ran by sspur_000 (administrator) on DAN (ASUSTeK COMPUTER INC. CM1735) (01-07-2021 11:56:26)
Running from C:Userssspur_000Desktop
Loaded Profiles: sspur_000
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe
(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:Program Files (x86)AviraSoftwareUpdaterAvira.SoftwareUpdater.ServiceHost.exe
(Comodo Security Solutions, Inc. -> COMODO) C:Program Files (x86)ComodoInternet Security Essentialsisesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:Program Files (x86)ComodoInternet Security Essentialsvkise.exe
(Glarysoft LTD -> Glarysoft Ltd) C:Program Files (x86)Glary Utilities 5GUBootService.exe
(Glarysoft LTD -> Glarysoft Ltd) C:Program Files (x86)Glary Utilities 5Integrator.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.82GoogleCrashHandler64.exe
(ICEpower a/s -> ICEpower) C:WindowsSystem32ICEsoundService64.exe
(Intuit, Inc. -> Intuit Inc.) C:Program Files (x86)Common FilesIntuitUpdate Service v4IntuitUpdateService.exe
(IObit Information Technology -> IObit) C:Program Files (x86)IObitIObit UninstallerUninstallMonitor.exe
(LogMeIn, Inc. -> LastPass) C:Program Files (x86)LastPassnplastpass.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft OfficeOffice14MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft OfficeOffice14OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Mouse and Keyboard CenterMKCHelper.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbweCalculator.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbweHxCalendarAppImm.exe
(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbweHxTsr.exe
(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbweWinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:WindowsSystem32atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:WindowsSystem32atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <8>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:Program Files (x86)NuancePaperPortPDFProFiltSrvPP.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe
(Shenzhen Saiboen Software Technology Co., Ltd. -> Cybertron Software, Co., Ltd.) C:Program FilesCybertronPrivacy EraserPrivacyEraser64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:Program FilesSUPERAntiSpywareSASCore64.exe
(SurfRight B.V. -> SurfRight B.V.) C:Program FilesHitmanProhmpsched.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:Program FilesNordVPNnordvpn-service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [11236136 2021-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM…Run: [Eraser] => C:Program FilesEraserEraser.exe [1068624 2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
HKLM-x32…Run: [BCSSync] => C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32…Run: [HP Software Update] => C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32…Run: [IseUI] => C:Program Files (x86)COMODOInternet Security Essentialsvkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32…Run: [StartCCC] => C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticamd64CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKUS-1-5-21-1774870481-1400008346-3143672678-1001…Run: [Privacy Eraser] => C:Program FilesCybertronPrivacy EraserPrivacyEraser64.exe [8257368 2021-06-26] (Shenzhen Saiboen Software Technology Co., Ltd. -> Cybertron Software, Co., Ltd.)
HKUS-1-5-21-1774870481-1400008346-3143672678-1001…Run: [GUDelayStartup] => C:Program Files (x86)Glary Utilities 5StartupManager.exe [44416 2021-05-28] (Glarysoft LTD -> Glarysoft Ltd)
HKUS-1-5-21-1774870481-1400008346-3143672678-1001…Run: [OfficeSyncProcess] => C:Program Files (x86)Microsoft OfficeOffice14MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKUS-1-5-21-1774870481-1400008346-3143672678-1001…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [34508416 2021-06-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-1774870481-1400008346-3143672678-1001…Run: [GarminExpress] => C:Program Files (x86)GarminExpressexpress.exe [31171504 2021-06-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM…PrintMonitorsAdobe PDF Port Monitor: C:WINDOWSsystem32AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM…PrintMonitorsHP 5C12 Status Monitor: C:WINDOWSsystem32hpinksts5C12LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP Officejet 6700): C:WINDOWSsystem32HPDiscoPM5C12.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication91.0.4472.124Installerchrmstp.exe [2021-06-25] (Google LLC -> Google LLC)
Startup: C:Userssspur_000AppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMailWasher.lnk [2021-03-26]
ShortcutTarget: MailWasher.lnk -> C:Program Files (x86)FiretrustMailWasherMailWasher.exe (Firetrust Ltd -> Firetrust)
BootExecute: autocheck autochk *  
Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION
HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION
HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {115D9D8A-2005-417A-859D-A08EA3386D5F} – System32TasksMicrosoft_Hardware_Launch_mousekeyboardcenter_exe => C:Program FilesMicrosoft Mouse and Keyboard Centermousekeyboardcenter.exe [2311528 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {1EBBD40C-3B77-4796-A237-EC6DBEB51CF2} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-06-24] (Google Inc -> Google LLC)
Task: {25D2535C-9290-438C-95EE-1640D72753E7} – System32TasksGarminUpdaterTask => C:Program Files (x86)GarminExpress SelfUpdaterExpressSelfUpdater.exe [40880 2021-06-24] (Garmin International, Inc. -> )
Task: {2C42678F-1AC6-49F3-A1D2-7F2BD5DA9BD5} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30047900-BDA2-40FF-95DB-85BA378F7976} – System32TasksMicrosoft_MKC_Logon_Task_ceip.exe => C:Program FilesMicrosoft Mouse and Keyboard Centerceip.exe [32624 2020-09-28] (Microsoft Corporation -> Microsoft)
Task: {3560584B-99F7-46A8-A1BD-9D5A73FD87BE} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-06-24] (Google Inc -> Google LLC)
Task: {3669CA0D-B9A3-4342-A1E0-5BD2D2CF2EB3} – System32TasksCybertronPrivacy EraserSchedule_sspur_000 => C:Program FilesCybertronPrivacy EraserPrivacyEraser64.exe [8257368 2021-06-26] (Shenzhen Saiboen Software Technology Co., Ltd. -> Cybertron Software, Co., Ltd.)
Task: {45B54990-D45A-48D5-9D82-F2E95CA0925A} – System32TasksUninstaller_SkipUac_sspur_000 => C:Program Files (x86)IObitIObit UninstallerIObitUninstaler.exe [6671824 2021-01-14] (IObit Information Technology -> IObit)
Task: {4D248DFF-86AB-4F07-834B-C92EF5C672E2} – System32TasksGlaryInitialize 5 => C:Program Files (x86)Glary Utilities 5Initialize.exe [137088 2021-05-28] (Glarysoft LTD -> Glarysoft Ltd)
Task: {65880A9E-1467-499C-8753-DFBDD7EF77A8} – System32TasksEOSv3 Scheduler onTime => C:Userssspur_000AppDataLocalESETESETOnlineScannerESETOnlineScanner.exe [18007968 2021-06-22] (ESET, spol. s r.o. -> ESET)
Task: {6A2A9B89-B010-4761-8E7A-8637B7CACAF4} – System32TasksMicrosoft_Hardware_Launch_itype_exe => C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {789436A5-463C-4779-AEAA-FF8F3C08C0FC} – System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7B681B8D-79BC-448A-A8EA-519EC734FD64} – System32Tasks2BrightSparksSyncBackFreeDAN-sspur_000SyncBackFree group => C:Program Files (x86)2BrightSparksSyncBackFreeSyncBackFree.exe [72934480 2021-06-01] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.)
Task: {7BB76D47-0D95-4A09-BAF4-266DF5819C19} – System32TasksMicrosoft_MKC_Logon_Task_itype.exe => C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1910136 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {8616905C-5D03-4CD8-B5F0-9FAB3B152C2F} – System32TasksCybertronPrivacy EraserSkipUAC_sspur_000 => C:Program FilesCybertronPrivacy EraserPrivacyEraser64.exe [8257368 2021-06-26] (Shenzhen Saiboen Software Technology Co., Ltd. -> Cybertron Software, Co., Ltd.)
Task: {899D0E7D-B31D-473C-9DD9-4B454D5621F8} – System32TasksMicrosoft_Hardware_Launch_ipoint_exe => C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CF7AE81-63C2-4A1D-9CFF-DDB319738461} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {97DC76AB-EC3F-409E-AB9D-90D015FD4FE6} – System32TasksCreateExplorerShellUnelevatedTask => C:WINDOWSexplorer.exe /NoUACCheck
Task: {9E15DAA7-651A-428E-B392-40DE1D9DFEEE} – System32TasksApple Diagnostics => eReporter-AppX.exe
Task: {A832B18E-2525-4E26-91EF-AF6E33C60699} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [690616 2021-06-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {AC77D2F9-C89B-4677-AAE1-17C366118B04} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B249FA43-7781-4E62-8918-D8938AC764C8} – System32TasksLastPassUpdater => C:Program Files (x86)LastPassUpdaterUpdater.exe [2865080 2020-02-18] (LogMeIn, Inc. -> )
Task: {B3CBED60-F99A-4D47-82F1-8393592DF740} – System32TasksMicrosoft_MKC_Logon_Task_ipoint.exe => C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [2434424 2020-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9088328-CA9D-44FC-B1A8-E7A82F3029DE} – System32TasksOneDrive Per-Machine Standalone Update Task => C:Program Files (x86)Microsoft OneDriveOneDriveStandaloneUpdater.exe [2822520 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D820D392-A8A5-4741-B8EA-BF79C6FDF2B1} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [28880512 2021-06-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D93700C7-AD22-4B7C-B422-69745D7CC284} – System32TasksEOSv3 Scheduler onLogOn => C:Userssspur_000AppDataLocalESETESETOnlineScannerESETOnlineScanner.exe [18007968 2021-06-22] (ESET, spol. s r.o. -> ESET)
Task: {E7D7D592-46BA-4B61-A268-4311E22A3777} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F232EE15-D56B-4DB5-AD1F-7B9D956B0B00} – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-06-16] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
TcpipParameters: [DhcpNameServer] 204.186.80.229 204.186.110.114 204.186.0.180
Tcpip..Interfaces{f5361ea3-4301-47b6-aac9-12e4e6f35668}: [DhcpNameServer] 204.186.80.229 204.186.110.114 204.186.0.180

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:Userssspur_000AppDataLocalMicrosoftEdgeUser DataDefault [2021-07-01]
Edge StartupUrls: Default -> “hxxps://www.townofbethanybeach.com/365/Beach-Cams”
Edge Extension: (LastPass: Free Password Manager) – C:Userssspur_000AppDataLocalMicrosoftEdgeUser DataDefaultExtensionsbbcinlkgjjkejfdpemiealijmmooekmp [2021-06-14]
Edge Extension: (Malwarebytes Browser Guard) – C:Userssspur_000AppDataLocalMicrosoftEdgeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-06-14]
Edge HKLM-x32…EdgeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: vcxhoos1.default
FF ProfilePath: C:Userssspur_000AppDataRoamingMozillaFirefoxProfilesvcxhoos1.default [2020-01-20]
FF ProfilePath: C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425 [2021-07-01]
FF Homepage: MozillaFirefoxProfiles9kwov2kv.default-release-1624372650425 -> hxxps://www.townofbethanybeach.com/365/Beach-Cams
FF Notifications: MozillaFirefoxProfiles9kwov2kv.default-release-1624372650425 -> hxxps://www.accuweather.com; hxxps://www.wnep.com
FF Extension: (Facebook Container) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensions@contain-facebook.xpi [2021-06-22]
FF Extension: (Library Extension) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensionsfirefox@libraryextension.com.xpi [2021-06-28]
FF Extension: (NordVPN #1 VPN Extension: Get VPN for Firefox) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensionsnordvpnproxy@nordvpn.com.xpi [2021-06-22]
FF Extension: (RetailMeNot Deal Finder) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensionsretailmenot-genie@rmn.com.xpi [2021-06-30]
FF Extension: (LastPass: Free Password Manager) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensionssupport@lastpass.com.xpi [2021-07-01]
FF Extension: (Capital One Shopping: Save in seconds) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensions{aff8af88-06a9-4eee-b383-3af08c47b8c8}.xpi [2021-06-22]
FF Extension: (Adblock Plus – free ad blocker) – C:Userssspur_000AppDataRoamingMozillaFirefoxProfiles9kwov2kv.default-release-1624372650425Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-06-22]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~1Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:Userssspur_000AppDataRoamingmozillapluginsnpatgpc.dll [2020-01-13]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:Userssspur_000AppDataLocalGoogleChromeUser DataDefault [2021-06-26]
CHR Extension: (Google Drive) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2019-06-24]
CHR Extension: (YouTube) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-24]
CHR Extension: (Google Docs Offline) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-24]
CHR Extension: (LastPass: Free Password Manager) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionshdokiejnpimakedhajhdlcegeplioahd [2019-12-16]
CHR Extension: (Application Launcher for Drive (by Google)) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2019-10-22]
CHR Extension: (Chrome Web Store Payments) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-22]
CHR Extension: (Gmail) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-06-24]
CHR Extension: (Chrome Media Router) – C:Userssspur_000AppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-16]
CHR Profile: C:Userssspur_000AppDataLocalGoogleChromeUser DataGuest Profile [2021-06-26]
CHR Profile: C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1 [2021-06-26]
CHR Extension: (Slides) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2019-12-19]
CHR Extension: (Docs) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2019-12-19]
CHR Extension: (Google Drive) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-02-16]
CHR Extension: (YouTube) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-19]
CHR Extension: (Sheets) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2019-12-19]
CHR Extension: (Google Docs Offline) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-12]
CHR Extension: (LastPass: Free Password Manager) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionshdokiejnpimakedhajhdlcegeplioahd [2021-06-12]
CHR Extension: (Malwarebytes Browser Guard) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsihcjicgdanjaechkgeegckofjjedodee [2021-06-12]
CHR Extension: (Application Launcher For Drive (by Google)) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-17]
CHR Extension: (Chrome Web Store Payments) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]
CHR Extension: (Gmail) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-02-16]
CHR Extension: (Chrome Media Router) – C:Userssspur_000AppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-12]
CHR Profile: C:Userssspur_000AppDataLocalGoogleChromeUser DataSystem Profile [2021-06-26]
CHR HKUS-1-5-21-1774870481-1400008346-3143672678-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32…ChromeExtension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32…ChromeExtension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32…ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32…ChromeExtension: [hdokiejnpimakedhajhdlcegeplioahd]
CHR HKLM-x32…ChromeExtension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 AviraUpdaterService; C:Program Files (x86)AviraSoftwareUpdaterAvira.SoftwareUpdater.ServiceHost.exe [159080 2021-04-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 FileSyncHelper; C:Program Files (x86)Microsoft OneDrive21.109.0530.0001FileSyncHelper.exe [2262904 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
S3 FLEXnet Licensing Service; C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe [651720 2019-06-24] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 GUBootService; C:Program Files (x86)Glary Utilities 5GUBootService.exe [867712 2021-05-28] (Glarysoft LTD -> Glarysoft Ltd)
R2 HitmanProScheduler; C:Program FilesHitmanProhmpsched.exe [151496 2021-06-22] (SurfRight B.V. -> SurfRight B.V.)
S2 IObitUnSvr; C:Program Files (x86)IObitIObit UninstallerIUService.exe [158992 2020-10-19] (IObit Information Technology -> IObit)
R2 isesrv; C:Program Files (x86)COMODOInternet Security Essentialsisesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7391408 2021-05-30] (Malwarebytes Inc -> Malwarebytes)
R2 nordvpn-service; C:Program FilesNordVPNnordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 OneDrive Updater Service; C:Program Files (x86)Microsoft OneDrive21.109.0530.0001OneDriveUpdaterService.exe [2728312 2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
R2 PDFProFiltSrvPP; C:Program Files (x86)NuancePaperPortPDFProFiltSrvPP.exe [219496 2011-10-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2105.5-0MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ahcix64s; C:WINDOWSSystem32driversahcix64s.sys [291624 2012-03-16] (Promise Technology -> Advanced Micro Devices, Inc)
R2 AODDriver4.3; C:Program FilesATI TechnologiesATI.ACEFuelamd64AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 DSI_SiUSBXp_3_1; C:WINDOWSsystem32driversDSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R1 GUBootStartup; C:WINDOWSSystem32driversGUBootStartup.sys [30720 2021-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R1 HWiNFO32; C:WINDOWSSysWOW64driversHWiNFO64A.SYS [27552 2019-11-08] (Martin Malik – REALiX -> REALiX™)
R1 isedrv; C:WINDOWSsystem32driversisedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R3 IUFileFilter; C:Program Files (x86)IObitIObit Uninstallerdriverswin10_amd64IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:Program Files (x86)IObitIObit Uninstallerdriverswin10_amd64IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:Program Files (x86)IObitIObit Uninstallerdriverswin10_amd64IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S3 libusb0; C:WINDOWSsystem32DRIVERSlibusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [220752 2021-07-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-06-22] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl6b1c911b; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{CC44F033-D01E-4FF6-975B-BE450415CDB9}MpKslDrv.sys [107752 2021-07-01] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:WINDOWSSystem32driversNDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )
R3 nlwt; C:WINDOWSsystem32DRIVERSnlwt.sys [39360 2020-10-26] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:WINDOWSsystem32DRIVERSnordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
R0 pwdrvio; C:WINDOWSSystem32pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:WINDOWSsystem32pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R1 SASDIFSV; C:Program FilesSUPERAntiSpywareSASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:Program FilesSUPERAntiSpywareSASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudcdf; C:WINDOWSSystem32driversssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:WINDOWSSystem32driversssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:WINDOWSSystem32driversssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:WINDOWSSystem32driversssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:WINDOWSSystem32driversssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:WINDOWSSystem32driversssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:WINDOWSSystem32Driversss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [36168 2019-06-11] (McAfee, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 USBAAPL64; C:WINDOWSSystem32Driversusbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:WINDOWSSystem32driverswdWdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:WINDOWSSystem32driverswdWdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-01 11:56 – 2021-07-01 11:58 – 000031619 _____ C:Userssspur_000DesktopFRST.txt
2021-07-01 11:55 – 2021-07-01 11:57 – 000000000 ____D C:FRST
2021-07-01 11:51 – 2021-07-01 11:51 – 002300416 _____ (Farbar) C:Userssspur_000DesktopFRST64.exe
2021-07-01 11:43 – 2021-07-01 11:44 – 008553680 _____ (Malwarebytes) C:Userssspur_000Desktopadwcleaner_8.3.0.exe
2021-07-01 10:37 – 2021-07-01 10:37 – 000220752 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2021-07-01 10:10 – 2021-07-01 10:10 – 000000000 ____D C:WINDOWSsystem32TasksAvira
2021-07-01 09:49 – 2021-07-01 09:49 – 008553680 _____ (Malwarebytes) C:Userssspur_000Downloadsadwcleaner_8.3.0.exe
2021-06-30 17:53 – 2021-07-01 10:37 – 000000000 ____D C:ProgramDataAVG
2021-06-30 14:09 – 2021-06-30 14:09 – 000009083 _____ C:Userssspur_000DesktopATC income.xlsx
2021-06-30 09:38 – 2021-06-30 09:38 – 000000000 ____D C:UsersPublicSecurity Sessions
2021-06-30 09:26 – 2021-06-30 09:26 – 000000000 ____H C:WINDOWSsystem32DriversMsft_Kernel_avusbflt_01011.Wdf
2021-06-30 09:23 – 2021-06-30 09:38 – 000000000 ____D C:Userssspur_000AppDataLocalAvira
2021-06-30 09:22 – 2021-07-01 11:01 – 000000000 ____D C:ProgramDataAvira
2021-06-30 09:22 – 2021-07-01 10:59 – 000000000 ____D C:Program Files (x86)Avira
2021-06-30 09:11 – 2021-06-30 09:11 – 000000000 ____D C:WINDOWSsystem32TasksMozilla
2021-06-29 14:11 – 2021-06-29 14:11 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsGarmin
2021-06-29 12:39 – 2021-06-29 13:03 – 004197518 _____ C:Userssspur_000DesktopLiken.pdf
2021-06-28 07:33 – 2021-06-28 07:33 – 000001538 _____ C:Userssspur_000Desktopblocked senders.txt
2021-06-27 08:55 – 2021-07-01 10:17 – 000000000 ____D C:Program FilesMozilla Firefox
2021-06-25 10:30 – 2021-06-27 13:07 – 000000000 ____D C:Userssspur_000Desktopremodel
2021-06-22 11:00 – 2021-06-22 11:00 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys
2021-06-22 10:14 – 2021-06-22 10:14 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsHitmanPro
2021-06-22 10:14 – 2021-06-22 10:14 – 000000000 ____D C:Program FilesHitmanPro
2021-06-22 10:11 – 2021-06-22 10:44 – 000000000 ____D C:ProgramDataHitmanPro
2021-06-17 17:29 – 2021-06-17 17:33 – 000688369 _____ C:Userssspur_000DesktopWaterPic.pdf
2021-06-15 09:52 – 2021-06-15 09:55 – 000325118 _____ C:TDSSKiller.3.1.0.28_15.06.2021_09.52.39_log.txt
2021-06-15 09:32 – 2021-06-15 09:35 – 000324398 _____ C:TDSSKiller.3.1.0.28_15.06.2021_09.32.52_log.txt
2021-06-10 11:26 – 2021-06-10 11:26 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2021-06-10 11:26 – 2021-06-10 11:26 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2021-06-10 11:26 – 2021-06-10 11:26 – 001314120 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi
2021-06-10 11:26 – 2021-06-10 11:26 – 000568832 _____ (Microsoft Corporation) C:WINDOWSsystem32inetcpl.cpl
2021-06-10 11:26 – 2021-06-10 11:26 – 000451072 _____ (Microsoft Corporation) C:WINDOWSSysWOW64inetcpl.cpl
2021-06-10 11:26 – 2021-06-10 11:26 – 000011353 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-06-10 11:25 – 2021-06-10 11:25 – 001864192 _____ (The ICU Project) C:WINDOWSSysWOW64icu.dll
2021-06-10 11:25 – 2021-06-10 11:25 – 001823792 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2021-06-10 11:25 – 2021-06-10 11:25 – 001393496 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi
2021-06-10 11:25 – 2021-06-10 11:25 – 000468440 _____ C:WINDOWSSysWOW64WindowManagementAPI.dll
2021-06-10 11:25 – 2021-06-10 11:25 – 000423936 _____ (Microsoft Corporation) C:WINDOWSSysWOW64winspool.drv
2021-06-10 11:25 – 2021-06-10 11:25 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe
2021-06-10 11:24 – 2021-06-10 11:24 – 002260480 _____ (The ICU Project) C:WINDOWSsystem32icu.dll
2021-06-10 11:24 – 2021-06-10 11:24 – 000657464 _____ C:WINDOWSsystem32WindowManagementAPI.dll
2021-06-10 11:24 – 2021-06-10 11:24 – 000563712 _____ (Microsoft Corporation) C:WINDOWSsystem32winspool.drv
2021-06-10 11:24 – 2021-06-10 11:24 – 000287232 _____ C:WINDOWSsystem32CoreMas.dll
2021-06-10 11:24 – 2021-06-10 11:24 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe
2021-06-10 11:24 – 2021-06-10 11:24 – 000097280 _____ C:WINDOWSsystem32Driverscimfs.sys
2021-06-09 09:36 – 2021-06-27 17:50 – 000003850 _____ C:WINDOWSsystem32TasksEOSv3 Scheduler onLogOn
2021-06-09 09:36 – 2021-06-27 17:50 – 000003408 _____ C:WINDOWSsystem32TasksEOSv3 Scheduler onTime
2021-06-08 13:47 – 2021-06-27 17:50 – 000001393 _____ C:Userssspur_000AppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk
2021-06-08 13:47 – 2021-06-08 13:47 – 000000000 ____D C:Userssspur_000AppDataLocalESET
2021-06-03 19:33 – 2021-07-01 10:36 – 103546880 _____ C:WINDOWSsystem32configSOFTWARE
2021-06-03 15:52 – 2021-06-27 18:01 – 000000000 ____D C:Userssspur_000AppDataLocalLowIGDump

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-01 11:53 – 2018-01-02 19:26 – 000000000 ____D C:Userssspur_000DocumentsOutlook Files
2021-07-01 11:47 – 2019-12-07 05:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-07-01 11:30 – 2020-02-07 12:22 – 000000000 ____D C:Userssspur_000AppDataLocalLowLastPass
2021-07-01 10:56 – 2019-06-24 11:35 – 000000000 ____D C:ProgramDataMozilla
2021-07-01 10:55 – 2021-05-11 11:49 – 000000000 ____D C:Userssspur_000AppDataLocalLowMozilla
2021-07-01 10:47 – 2019-12-21 18:11 – 000000000 ____D C:Program Files (x86)Glary Utilities 5
2021-07-01 10:46 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSServiceState
2021-07-01 10:39 – 2019-09-19 10:09 – 000000000 ____D C:Program FilesCCleaner
2021-07-01 10:37 – 2020-10-21 18:54 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-07-01 10:37 – 2020-10-21 18:25 – 000008192 ___SH C:DumpStack.log.tmp
2021-07-01 10:36 – 2019-12-07 05:03 – 000786432 _____ C:WINDOWSsystem32configBBI
2021-07-01 10:27 – 2019-06-26 15:51 – 000000000 ____D C:ProgramDataProductData
2021-07-01 10:17 – 2021-03-30 11:56 – 000000000 ____D C:Program Files (x86)Microsoft OneDrive
2021-07-01 10:17 – 2020-10-21 18:25 – 000455312 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-07-01 10:17 – 2019-06-24 11:35 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-07-01 10:07 – 2019-12-07 05:13 – 000000000 ____D C:WINDOWSINF
2021-07-01 10:02 – 2019-12-07 05:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-07-01 09:56 – 2020-10-21 18:25 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-07-01 08:44 – 2020-10-21 18:54 – 000004152 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-{A2CE5622-5043-433A-8A66-E54E937EF282}
2021-07-01 08:44 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-06-30 09:11 – 2019-06-24 11:35 – 000001012 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-06-30 09:07 – 2019-06-26 15:49 – 000000000 ____D C:Userssspur_000AppDataRoamingIObit
2021-06-30 06:22 – 2019-12-07 05:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-06-30 06:21 – 2019-06-24 10:35 – 000000000 ____D C:ProgramDataPackages
2021-06-29 14:15 – 2019-07-07 13:37 – 000000000 ____D C:ProgramDataGarmin
2021-06-29 14:11 – 2020-10-21 18:54 – 000003624 _____ C:WINDOWSsystem32TasksGarminUpdaterTask
2021-06-29 14:11 – 2019-07-07 15:17 – 000000000 ____D C:Program Files (x86)Garmin
2021-06-29 14:11 – 2019-06-24 10:07 – 000000000 ____D C:ProgramDataPackage Cache
2021-06-29 08:54 – 2020-03-23 13:31 – 000000000 ____D C:Userssspur_000DesktopHealth Care
2021-06-29 07:40 – 2020-10-21 18:32 – 000000000 ____D C:Userssspur_000
2021-06-28 13:39 – 2021-03-30 11:57 – 000003206 _____ C:WINDOWSsystem32TasksOneDrive Per-Machine Standalone Update Task
2021-06-28 13:39 – 2021-03-30 11:57 – 000002181 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-06-28 13:39 – 2018-01-03 15:28 – 000000000 ___RD C:Userssspur_000OneDrive
2021-06-26 12:54 – 2019-06-24 10:21 – 000000000 ____D C:Userssspur_000AppDataLocalPlaceholderTileLogoFolder
2021-06-26 12:38 – 2020-10-21 18:45 – 000844670 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-06-26 12:30 – 2020-10-27 17:30 – 000000000 ____D C:Program FilesSUPERAntiSpyware
2021-06-26 12:02 – 2020-07-09 11:31 – 000000000 ____D C:Userssspur_000Desktop30 Seconds
2021-06-26 10:49 – 2019-06-24 10:28 – 000000000 ____D C:Userssspur_000AppDataLocalMicrosoft Help
2021-06-25 18:20 – 2020-07-12 00:12 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-06-25 08:58 – 2019-06-24 11:00 – 000002308 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-06-22 14:18 – 2020-10-16 10:48 – 000000000 ____D C:Userssspur_000DesktopPCFC recent
2021-06-21 12:10 – 2019-06-27 11:58 – 000000000 ____D C:Userssspur_000AppDataRoaming.oit
2021-06-21 12:10 – 2018-01-16 13:07 – 004352544 ____H C:Userssspur_000DesktopPP11Thumbs.ptn
2021-06-21 12:10 – 2018-01-16 13:07 – 000001529 ____H C:Userssspur_000DesktopPP11Thumbs.ptn2
2021-06-21 12:10 – 2018-01-16 13:07 – 000000457 ____H C:Userssspur_000Desktopmaxdesk.ini2
2021-06-21 12:10 – 2018-01-16 12:47 – 000000000 ____D C:Userssspur_000DocumentsMy PaperPort Documents
2021-06-21 11:41 – 2021-05-31 12:04 – 000000000 ____D C:ProgramDataTEMP
2021-06-21 08:30 – 2018-01-02 21:43 – 000000000 ___RD C:Userssspur_000Desktopmedical
2021-06-21 07:48 – 2019-06-27 15:12 – 000000000 ____D C:Userssspur_000AppDataLocalCrashDumps
2021-06-20 09:14 – 2020-08-22 23:09 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2021-06-18 09:18 – 2019-06-24 10:18 – 000000000 ____D C:Userssspur_000AppDataLocalPackages
2021-06-17 14:38 – 2020-10-21 18:54 – 000003936 _____ C:WINDOWSsystem32TasksCCleaner Update
2021-06-15 01:01 – 2018-01-04 11:26 – 000000000 ____D C:Userssspur_000DocumentsMiscellaneous
2021-06-14 16:03 – 2019-06-26 15:49 – 000000000 ____D C:ProgramDataIObit
2021-06-12 18:37 – 2019-06-24 10:16 – 000000000 ____D C:WINDOWSsystem32Driverswd
2021-06-12 11:01 – 2018-01-15 09:13 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSUPERAntiSpyware
2021-06-12 10:59 – 2020-08-24 09:45 – 000001418 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsSyncBackFree.lnk
2021-06-12 10:55 – 2019-06-24 11:00 – 000000000 ____D C:Userssspur_000AppDataLocalGoogle
2021-06-12 10:55 – 2019-06-24 11:00 – 000000000 ____D C:Program Files (x86)Google
2021-06-12 09:06 – 2020-02-22 10:00 – 000000000 ____D C:updaterlogs
2021-06-10 11:47 – 2019-12-07 05:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ___RD C:WINDOWSPrintDialog
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64lv-LV
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64et-EE
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64es-MX
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSSystemResources
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32migwiz
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32lv-LV
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32et-EE
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSsystem32Dism
2021-06-10 11:36 – 2019-12-07 05:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-06-10 11:34 – 2019-12-07 05:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-06-10 10:56 – 2018-01-02 21:43 – 000000000 ____D C:Userssspur_000DesktopPLCB
2021-06-08 13:36 – 2019-06-25 10:11 – 000000000 ____D C:WINDOWSsystem32MRT
2021-06-08 13:23 – 2019-06-25 10:11 – 132447432 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2021-06-03 19:33 – 2020-07-03 15:19 – 000000000 ____D C:WINDOWSMicrosoft Antimalware

==================== Files in the root of some directories ========

2019-07-11 14:14 – 2020-12-06 13:50 – 000038444 _____ () C:Userssspur_000AppDataRoamingComma Separated Values (Windows).ADR
2019-10-21 12:39 – 2019-10-21 12:39 – 000012976 _____ () C:Userssspur_000AppDataRoamingComma Separated Values (Windows).CAL

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2021
Ran by sspur_000 (01-07-2021 12:01:12)
Running from C:Userssspur_000Desktop
Windows 10 Home Version 2004 19041.1052 (X64) (2020-10-21 22:55:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1774870481-1400008346-3143672678-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-1774870481-1400008346-3143672678-503 – Limited – Disabled)
Guest (S-1-5-21-1774870481-1400008346-3143672678-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-1774870481-1400008346-3143672678-1003 – Limited – Enabled)
sspur_000 (S-1-5-21-1774870481-1400008346-3143672678-1001 – Administrator – Enabled) => C:Userssspur_000
WDAGUtilityAccount (S-1-5-21-1774870481-1400008346-3143672678-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot – Search and Destroy (Disabled – Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)
Adobe Acrobat  9 Standard – English, Français, Deutsch (HKLM-x32…{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.0.0 – Adobe Systems)
Adobe Digital Editions 2.0 (HKLM-x32…Adobe Digital Editions 2.0) (Version: 2.0.1 – Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32…WUCCCApp) (Version: 1.00.0000 – AMD)
ANT Drivers Installer x64 (HKLM…{998DF7E5-262F-4391-A117-8D9E383B8C0A}) (Version: 2.3.4 – Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x64 (HKLM…{B34BA01C-F316-41D0-A048-3EC1F33AD702}) (Version: 2.3.4 – Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM…{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 – Apple Inc.)
Apple Software Update (HKLM-x32…{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 – Apple Inc.)
Avira Software Updater (HKLM-x32…{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 – Avira Operations GmbH & Co. KG) Hidden
AxCrypt 2.1.1617.0 (HKLM…{BAD23510-2107-94E4-30BE-E2AC07B80235}) (Version: 2.1.1617.0 – AxCrypt AB) Hidden
AxCrypt 2.1.1617.0 (HKLM-x32…{1537faf2-5c7e-463e-8e23-5bccc70dd4ca}) (Version: 2.1.1617.0 – AxCrypt AB)
Backup and Sync from Google (HKLM…{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 – Google, Inc.)
Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)
calibre 64bit (HKLM…{839721E4-35F6-4563-A3A0-931603356771}) (Version: 5.17.0 – Kovid Goyal)
CCleaner (HKLM…CCleaner) (Version: 5.82 – Piriform)
Cisco Webex Meetings (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…ActiveTouchMeetingClient) (Version:  – Cisco Webex LLC)
Elevated Installer (HKLM-x32…{02E6DB6A-32C9-4002-8835-6C7B88982659}) (Version: 7.7.0.0 – Garmin Ltd or its subsidiaries) Hidden
Eraser 6.2.0.2991 (HKLM…{D13C63B1-1968-466D-A3C4-AE78BDDF35D2}) (Version: 6.2.2991 – The Eraser Project)
Garmin Aviation Trainers (HKLM-x32…{7d585b37-8cd1-4139-bef8-9b1005acca9d}) (Version: 2.7.1.0 – Garmin)
Garmin Express (HKLM-x32…{BEE0A623-5D1D-4911-981F-E8BFA80F369E}) (Version: 7.7.0.0 – Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32…{da7406a3-0367-4beb-ac16-f857e381da29}) (Version: 7.7.0.0 – Garmin Ltd or its subsidiaries)
Garmin GPS Trainer (HKLM-x32…{C123705E-EBD9-48BE-9C40-0D99F39094F2}) (Version: 3.10.2.0 – Garmin) Hidden
Garmin GTN Trainer (HKLM-x32…{8172B297-4066-4338-8FC7-3D799BAD7D25}) (Version: 6.62.4.0 – Garmin) Hidden
Garmin Trainer Databases (HKLM-x32…{8A5A311D-A9E7-4588-BE7F-F738050AB4D8}) (Version: 2.6.0.0 – Garmin) Hidden
Garmin Trainer Launcher (HKLM-x32…{1D4BAADF-183F-4D01-B112-3E85842D8DBF}) (Version: 2.7.1.0 – Garmin) Hidden
Glary Utilities PRO 5.167 (HKLM-x32…Glary Utilities 5) (Version: 5.167.0.193 – Glarysoft Ltd)
Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.124 – Google LLC)
Google Earth Pro (HKLM…{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 – Google)
H&R Block Deluxe + Efile + State 2019 (HKLM-x32…{CFD891DB-B198-4549-A4F6-D5E8A66BD239}) (Version: 19.05.8601 – HRB Technology, LLC.)
H&R Block Pennsylvania 2019 (HKLM-x32…{A041476A-AAB4-4B1C-8F56-ED86ED288C47}) (Version: 1.19.3901 – H&R Block, Inc.)
HitmanPro 3.8 (HKLM…HitmanPro38) (Version: 3.8.23.318 – SurfRight B.V.)
HP Officejet 6700 Basic Device Software (HKLM…{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 – Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM-x32…{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 – Hewlett Packard)
HP Update (HKLM-x32…{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 – Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32…{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 – HP)
iCloud Outlook (HKLM…{CCE44610-DD5B-4C2D-A5E4-097A6C703BCE}) (Version: 10.7.0.7 – Apple Inc.)
InfraRecorder 0.53 (x64 edition) (HKLM…{2C22EA92-CB30-4932-0053-000001000000}) (Version: 0.53.00.00 – Christian Kindahl)
Internet Security Essentials (HKLM-x32…ComodoIse) (Version: 1.6.472587.185 – Comodo)
IObit Uninstaller 10 (HKLM-x32…IObitUninstall) (Version: 10.3.0.13 – IObit)
iTunes (HKLM…{653C59E1-B78D-4D82-9259-C14DFD9F6EFC}) (Version: 12.11.3.17 – Apple Inc.)
MailWasher (HKLM-x32…{0E92C85F-30BF-4B21-AD00-E56564A7D9C8}) (Version: 7.12.54 – Firetrust)
Malwarebytes version 4.4.0.117 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 – Malwarebytes)
Map Downloader (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…{032cb2d1-4abf-4ed9-b4be-f497cf73c6d1}) (Version: 19.2.0 – Harman International Industries, Incorporated)
Map Downloader (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…{2ff67f1d-f159-44ab-93e9-feb4865ec04c}) (Version: 19.3.18 – Harman International Industries, Incorporated)
Map Downloader (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…{98d47398-4e08-4b52-9712-484077a2061f}) (Version: 19.1.1 – Harman International Industries, Incorporated)
Map Downloader (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…{afd19e7f-d407-466b-84ab-efd29d89a657}) (Version: 19.1.1 – Harman International Industries, Incorporated)
Map Downloader (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…{d1299ead-13ae-4928-9e20-7484f4c26d59}) (Version: 19.2.0 – Harman International Industries, Incorporated)
Map Downloader (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…{e88a2899-87a2-499d-aab1-3f398ac8bb6c}) (Version: 19.2.0 – Harman International Industries, Incorporated)
McAfee Safe Connect (HKLM-x32…{EEF66B7E-C5C2-4A96-AEA0-278C2233BE84}) (Version: 2.4.1 – McAfee) Hidden
MediaHuman Audio Converter version 1.9.6.9 (HKLM-x32…MHAudioConverter_is1) (Version: 1.9.6.9 – MediaHuman)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 91.0.864.59 – Microsoft Corporation)
Microsoft Money Plus (HKLM-x32…Money2008b) (Version: 17 – Microsoft)
Microsoft Mouse and Keyboard Center (HKLM…Microsoft Mouse and Keyboard Center) (Version: 13.221.137.0 – Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32…Office14.PROPLUSR) (Version: 14.0.7015.1000 – Microsoft Corporation)
Microsoft OneDrive (HKLM-x32…OneDriveSetup.exe) (Version: 21.109.0530.0001 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4048 (HKLM…{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4048 (HKLM-x32…{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.50727 (HKLM-x32…{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.50727 (HKLM-x32…{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 – Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) – 14.0.24212 (HKLM-x32…{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.23.27820 (HKLM-x32…{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 – Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)
MiniTool Partition Wizard Free 11 (HKLM…{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  – MiniTool Software Limited)
Mozilla Firefox 89.0.2 (x64 en-US) (HKLM…Mozilla Firefox 89.0.2 (x64 en-US)) (Version: 89.0.2 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 78.0 – Mozilla)
NordVPN (HKLM…{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.34.4.0 – TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32…{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 – NordVPN)
NordVPN network TUN (HKLM…{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 – NordVPN)
Nuance PaperPort 14 (HKLM-x32…{ACE26AE1-75E0-44A3-A178-A8E99C62FBC5}) (Version: 14.1.0000 – Nuance Communications, Inc.)
OverDrive for Windows (HKLM-x32…{FF27E73D-C30A-4F32-B2D7-22069F01DDB9}) (Version: 3.6.0 – OverDrive, Inc.)
PaperPort Image Printer 64-bit (HKLM…{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 – Nuance Communications, Inc.)
Privacy Eraser (HKLM…{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.51.6.3012 – Cybertron Software Co., Ltd.)
Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8899.1 – Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32…{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  – Microsoft)
SUPERAntiSpyware (HKLM…{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1228 – SUPERAntiSpyware.com)
SyncBackFree (HKLM-x32…SyncBackFree_is1) (Version: 9.5.22.0 – 2BrightSparks)
TurboTax 2018 (HKLM-x32…TurboTax 2018) (Version: 2018.0 – Intuit, Inc)
TurboTax 2020 (HKLM-x32…TurboTax 2020) (Version: 2020.0 – Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 – Microsoft Corporation)
VLC media player (HKLM…VLC media player) (Version: 3.0.15 – VideoLAN)
Windows Driver Package – Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM…F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 – Dynastream Innovations, Inc.)
Windows Driver Package – Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM…D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 – Silicon Labs Software)
Zoom (HKUS-1-5-21-1774870481-1400008346-3143672678-1001…ZoomUMX) (Version: 5.1 – Zoom Video Communications, Inc.)

Packages:
=========
Candy Crush Friends -> C:Program FilesWindowsAppsking.com.CandyCrushFriends_1.60.1.0_x86__kgqvnymyfvs32 [2021-06-25] (king.com)
Candy Crush Saga -> C:Program FilesWindowsAppsking.com.CandyCrushSaga_1.2050.2.0_x86__kgqvnymyfvs32 [2021-06-30] (king.com)
Libby, by OverDrive -> C:Program FilesWindowsApps2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2021-02-10] (OverDrive Inc.)
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-19] (Microsoft Studios) [MS Ad]
OverDrive – Library eBooks & Audiobooks -> C:Program FilesWindowsApps2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2021-01-23] (OverDrive Inc.)
Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-23] (Microsoft Corporation)
Spotify Music -> C:Program FilesWindowsAppsSpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:Program Files (x86)AdobeAcrobat 9.0Acrobat ElementsContextMenu64.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:Program FilesAxCryptAxCryptShellExt.dll [2021-04-15] (AxCrypt AB -> AxCrypt AB)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:Program FilesEraserEraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [Erasext] -> {8BE13461-936F-11D1-A87D-444553540000} => C:WINDOWSSystem32erasext.dll [2009-12-16] (Joel Low -> -)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:Program FilesEraserEraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [Erasext] -> {8BE13461-936F-11D1-A87D-444553540000} => C:WINDOWSSystem32erasext.dll [2009-12-16] (Joel Low -> -)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:Program FilesEraserEraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:Program Files (x86)Microsoft OneDrive21.109.0530.0001amd64FileSyncShell64.dll [2021-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticatiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:Program FilesEraserEraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:Program Files (x86)AdobeAcrobat 9.0Acrobat ElementsContextMenu64.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [axcrypt.File] -> {C3DFC144-30F8-4138-81F9-578DBEB9324A} => C:Program FilesAxCryptAxCryptShellExt.dll [2021-04-15] (AxCrypt AB -> AxCrypt AB)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:Program FilesEraserEraser.Shell.dll [2020-10-11] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [Erasext] -> {8BE13461-936F-11D1-A87D-444553540000} => C:WINDOWSSystem32erasext.dll [2009-12-16] (Joel Low -> -)
ContextMenuHandlers6: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:Userssspur_000DocumentsStart MenuProgramsBatchrunDonate (EUR).lnk -> hxxp://www.outertech.com/donate_batchrun_eu
Shortcut: C:Userssspur_000DocumentsStart MenuProgramsBatchrunDonate (USD).lnk -> hxxp://www.outertech.com/donate_batchrun_us
ShortcutWithArgument: C:Userssspur_000AppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts69639df789022856Person 2 – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2014-02-11 08:08 – 2014-02-11 08:08 – 000817152 _____ () [File not signed] C:Program FilesATI TechnologiesATI.ACEFuelDevice.dll
2015-08-21 23:09 – 2015-08-21 23:09 – 000214528 _____ () [File not signed] C:Program FilesATI TechnologiesATI.ACEFuelFuel.Container.PerformanceTuning.dll
2015-08-21 23:09 – 2015-08-21 23:09 – 000102400 _____ () [File not signed] C:Program FilesATI TechnologiesATI.ACEFuelFuel.Proxy.Native.dll
2014-02-11 08:08 – 2014-02-11 08:08 – 003650560 _____ () [File not signed] C:Program FilesATI TechnologiesATI.ACEFuelPlatform.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64A4.Foundation c1d15f0c8f75eeb57f1de78dd5cda83A4.Foundation.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Actions5dc83b46#989ef0755734c9247b9e5b6dc5c4f446AEM.Actions.CCAA.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.0a1309f7#2c7a35b6366159054b9d206c47fcc631AEM.Plugin.EEU.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.2b6a6775# 434eb01fe3672312ec7c4dd8726f440AEM.Plugin.Hotkeys.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.54d8abe3#43708db78a14c31958a3ef36c45ad6bfAEM.Plugin.DPPE.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.5d945b6b#4bae1cfccee9395251c007cd4506d1c9AEM.Plugin.Source.Kit.Server.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.674d2b8a#d6fd5826089b70df97f845248980d53fAEM.Plugin.WinMessages.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.88aba5d2#25868f2fa6d19b782f82422e79dc4794AEM.Plugin.REG.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Plugin.GD.Shared18f959fa91107bcc388d9a6cd0086444AEM.Plugin.GD.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Server.Shared 5f74ec370f30abc6f498cdabaf98ba5AEM.Server.Shared.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64AEM.Serverf1681c22972cce192b10a26bfe248e7dAEM.Server.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64APM.Foundation3e86bc969576ef077c66d5e2f4bf5733APM.Foundation.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64ATICCCom2587e88488add57d43597f57ed2e2a7fATICCCom.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CCC.Implementationdf4907e11e41410ad9d85c11ecc9420dCCC.Implementation.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.2042675f#362529ae5db1e42dc78c091aca4e4c73CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.3399d0ec# 045f16324e2ece1aea671eb9014a3afCLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.37d3d968#43a4c576a5031045d627d8d78fcf21e2CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.382a3def#9ab75af86d30d6b2e636b4723ac8f1fdCLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.3a6f1658#4b24ba0455a80979744f551ca6f13e62CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.4542c692#e31f544c8636d810419f6c56dde6b609CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.46819220#5d1588747a9929c754044e7f5a1b1ddfCLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.4bbb0755#14d5b6cf72834fc16cb078a0d4721e70CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000152576 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.4ede500c#3dc20fab504a47e527f49e5a266c6055CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.52c6dbaa# 7130a32a034d12b53f1c40dedfcd7feCLI.Aspect.FPS.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.59a12d95#cb2c5b8afc725d3d19856a6301cc22e7CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.5a772e69#70760ec1d7e393b1f0ec1b63ae9feb2dCLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.648b65fc#45306a50e0e3fb25faf4290a5485688eCLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2021-06-11 09:20 – 2021-06-11 09:20 – 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.73911eb5#682be9492b372e218d4516f79cde533dCLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.7ec2db45#b956a8a1ed26d9a24bff9707235964f7CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.8350f5c6#a16d7142cbf9c37923b98b1ba5e88c47CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.846fa813#d1ca8b73a69d072557d2ab1999538555CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.8d333b6b#6c5efa7b1e0e999b8131295a547ac30dCLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.8e996306#a63f68aa3755937713761e1ee34bbb6fCLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.9cd1e9e7#9aa638b00bce200ee686f4bea45b58faCLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.a0ae52bc#188c3dacabbe59e19b7ee0dcb5671f8bCLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.a6cd7fff#97b2ac0ecb711851c0300daad6355c46CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.a765109e#34366e33cc7e0749782e9222513df6baCLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.acb9d930# ab37b9c93f307de9d2f0b43dd404dbaCLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.ae5e117c#8f6461aa71027cf4122570010471cff9CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.b0a7c1fb#721ef79d06a69060929357271478d636CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.c2a2b491#79dd7ce8ad3aa2c5ab2bfcd05cff8d4cCLI.Aspect.WiFi.Fuel.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.c7aaa0f8#a66eb38a1b57cbc33efe484210a00d15CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.c854b457#c70b816ebd3e5301f3b0a24d7290187bCLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.caa5cc64#940e3be14ea8c99b9d457aebe67a2ce3CLI.Aspect.Fets.Fuel.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.d7e090dc#981b69ac57e9c0f5b70523e3c2f59d8fCLI.Aspect.User.Fuel.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.e8635fc7#cb7bac3b53ca0452a153a719884dda6cCLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.e9fd7406#546a31c25a811a1bbb5f9912a1e69b0fCLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.eda8935e#b6fe90a915fa3c1ff357c4b3fafdc200CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.ef3eaa4d#39cc50fd28c1b239a322858ad8018121CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.efd83192#4134b915cb6f2dfb34f615bd28f01d5fCLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.f45bd021# d87db2f28dce7751b123e14d3623de3CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.f480a2f3#746fa56df84c9e8e9ba8243c5173131aCLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.A4.Runtimeaa53f1e19fd2acee5f2a5760fe0d70fdCLI.Caste.A4.Runtime.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.A4.Shared 2716764e807682a5c5b7cb13f6a32e0CLI.Caste.A4.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Af820fedc#67e4232f6301a2795be05995ce9675e4CLI.Caste.A4.Dashboard.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.F24de14fe#30e7d9572264ff8afa6284c072b86c18CLI.Caste.Fuel.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.F36b07a2b#8732413b5f26f451cc62fc631e697a02CLI.Caste.Fuel.Runtime.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Ff3085433# 0885304f17640c0fd4fd5fad75edb76CLI.Caste.Fuel.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.G60338cc0#c7c98b7a0e47abf1635348b03ef27deaCLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Gd9d9b43b#cb3ca3989b0163936db2d07d834c79e7CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Gee7d2dbc#2ea74de8c8c36132c89900b223ff999dCLI.Caste.Graphics.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.H18c99613# 38f027cf1166f8aaa8c32be1aa28162CLI.Caste.HydraVision.Runtime.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.H92ba4e46#424771174285d536183addfdd5699f51CLI.Caste.HydraVision.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Hbb906c0b# 28fe00bd9c7b969c188fbc7d3dd0fc5CLI.Caste.HydraVision.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Pac40511b#9f8c68952482b445f128a208ce2ac30dCLI.Caste.Platform.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Pdb36d56e#d43a4f8418d9eb84625c4c85f6ae75ddCLI.Caste.Platform.Runtime.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.Pfeefa2b6#565bad19bf9c575c577994dac49c0fbdCLI.Caste.Platform.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Combinee84f0351#b02c975e6a303981cb2981dbb802de5cCLI.Combined.Fusion.Aspects.Runtime.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone1b4a8c97#b05de80840e3839813864a5cffe224a8CLI.Component.Runtime.Shared.ni.dll
2021-06-11 09:20 – 2021-06-11 09:20 – 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone26c9c557#b55112ef7e136eb651e57882388be4c0CLI.Component.Systemtray.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone29e547cc#a86b378490c7f585e609fc59af7753d6CLI.Component.Dashboard.ProfileManager2.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone59f353b4#bf4cb1ad68433493844025d9a7e9cdd0CLI.Component.Runtime.Shared.Private.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Componeb4d0485c#969f5cc0bb65d1ede2f72e9a13099dceCLI.Component.Runtime.Extension.EEU.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Componec89c3bec#b99003f8ed9327592d822e8061867bf6CLI.Component.Dashboard.Shared.Private.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Componef1fd67b2#c305e5e2f48d7ffb680bb1aefc6d6282CLI.Component.Client.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Componef4cf054f# e78105012bad7856f747ff5eea6b3c3CLI.Component.Dashboard.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Foundat3d5d3945#e9cbcf7c2050381fd38c95514459b84dCLI.Foundation.Private.ni.dll
2021-06-11 09:20 – 2021-06-11 09:20 – 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Foundat60cdf5df#7c67776af3239c8232774d5797dffab1CLI.Foundation.XManifest.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Foundat619559bd#b56f3a0026dd37f455ea922a830bc8deCLI.Foundation.CoreAudioAPI.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Foundatd3771151#7eb04ee04edcb41b78c16d827337888cCLI.Foundation.Client.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Foundation1e76b7cd8982b2e14c42b0525d117448CLI.Foundation.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Foundationc3db4fe5b716a02d583a021ea32bd55cDEM.Foundation.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I060137ee3fd0b3c7596cdf4947bade36e6aeDEM.Graphics.I0601.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphicsfccd7d79db17c4f18ddb55f28a558e8cDEM.Graphics.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64Fuel.Foundation3b1e3137319873697b4c88cd3774fdf6Fuel.Foundation.ni.dll
2021-06-11 09:20 – 2021-06-11 09:20 – 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64LOG.Foundat03490438#3e4a82fe38770169cf3eafc19af28695LOG.Foundation.Implementation.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64LOG.Foundat5023f8e7#10e08f835d26b2f5bebc17e78ac11ae4LOG.Foundation.Private.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64LOG.Foundatcaafa75b#4b59146af6e14703be5ec5d9eb99861bLOG.Foundation.Implementation.Private.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64LOG.Foundation157a279faaa67bc34c5b1b05e38e43f1LOG.Foundation.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64MOM.Foundationfaca851a493fa180c4314ac2575c25e2MOM.Foundation.ni.dll
2021-06-11 09:21 – 2021-06-11 09:21 – 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64MOM.Implementation2320cfa6c93084427342851c95404944MOM.Implementation.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64NEWAEM.Foundation 842391dd5576e5dc7e59b24bffab281NEWAEM.Foundation.ni.dll
2021-06-11 09:16 – 2021-06-11 09:16 – 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64ADL.Foundation 3db6d6dfa4a38c38f0a6db02e243353ADL.Foundation.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64APM.Serverea8d078a7aa4f27fc30e6b065ddd9170APM.Server.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.9b707b25#3dc895485ad7f26d3d705845cbad5e1cCLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.aa59351a#842ad54a8febfeb098b48ccc22245ce8CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.e6d9f3a8# 411199b1138bc5c931fa8474ccf4d16CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Combine0616f305#c64819ff953c79ff9b174653c77ab2d8CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Combine7332395e#178c369e908371ab2772b156d9329109CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone168638d1#37d54274a25683039eb93aac11a5f87eCLI.Component.Client.Shared.Private.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone6692ca50#23234ee838d180666fbfe463c6742cacCLI.Component.Runtime.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Compone6bf88b08# e7b46d821b6ddc59dee4203fea05497CLI.Component.Dashboard.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0706e5f39883c7053b426534c68acc5a25c4DEM.Graphics.I0706.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0709e0652bd44a408a2e2750325f922aa2a4DEM.Graphics.I0709.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0712a2b407775224621801afe1d1425d83c7DEM.Graphics.I0712.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0804eed1e6faac55f297b024601065e795c9DEM.Graphics.I0804.ni.dll
2021-06-11 09:20 – 2021-06-11 09:20 – 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I08055c1083bfa99265c59771635151d2d1f0DEM.Graphics.I0805.ni.dll
2021-06-11 09:20 – 2021-06-11 09:20 – 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0812fa6d368b34df4ecbad78d93ed5f01280DEM.Graphics.I0812.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0906f413b48cfe5a6549ba759462d6524f94DEM.Graphics.I0906.ni.dll
2021-06-11 09:18 – 2021-06-11 09:18 – 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I09121c1e463fdd278b2bab57bba1e9fee335DEM.Graphics.I0912.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64DEM.Graphics.I1010be591ac6df66b1574cfa0ca827d9c0d7DEM.Graphics.I1010.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64Localizatio01dbc1c0#1cf40bb0afc79f93f67f659e4c194ef4Localization.Foundation.Private.ni.dll
2021-06-11 09:21 – 2021-06-11 09:21 – 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64ResourceMan446ca0e5#e1189c4c7e1a9270c97674a59712109bResourceManagement.Foundation.Implementation.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64ResourceManf163905a#9e1a941f33e5e5e8fbf388ee00abd701ResourceManagement.Foundation.Private.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Aspect.ec8786e5#4d1e6a48bbf6f356e84c58a68d050656CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.G60a7b4d1# f9b1a40fb3faa1cba6b15731a354cf9CLI.Caste.Graphics.Shared.ni.dll
2021-06-11 09:19 – 2021-06-11 09:19 – 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64CLI.Caste.G962aa464#3d02face23e34925f169be9f9d9eda1aCLI.Caste.Graphics.Runtime.ni.dll
2019-07-03 10:39 – 2019-02-21 12:00 – 000078336 ____N (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 000335360 _____ (Microsoft) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64Microsoft.W8090224c#8b8fd521622167703742fadf1cef8b1cMicrosoft.WindowsAPICodePack.ni.dll
2021-06-11 09:17 – 2021-06-11 09:17 – 002546688 _____ (Microsoft) [File not signed] C:WINDOWSassemblyNativeImages_v4.0.30319_64Microsoft.Wfbf9373c#9b449861284497fe55cdd628e60456baMicrosoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:ProgramDataTEMP:FD9CE1F3 [486]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimal36212536.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetwork36212536.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKUS-1-5-21-1774870481-1400008346-3143672678-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.indianriverinletcam.com/
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:Program Files (x86)IObitIObit UninstallerUninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program Files (x86)Microsoft OfficeOffice14URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 – Adobe PDF – {47833539-D0C5-4125-9FA8-0819E2EAAC93} – C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKUS-1-5-21-1774870481-1400008346-3143672678-1001 -> No Name – {47833539-D0C5-4125-9FA8-0819E2EAAC93} –  No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKUS-1-5-21-1774870481-1400008346-3143672678-1001…


