avenciorh | 11.09.2019 17:50 | addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-09-2019
Ran by avencio (11-09-2019 18:46:00)
Running from C:\Users\avencio\Desktop
Windows 10 Home Version 1903 18362.295 (X64) (2019-08-26 11:11:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2309614686-2655472223-349006943-500 - Administrator - Disabled)
avencio (S-1-5-21-2309614686-2655472223-349006943-1001 - Administrator - Enabled) => C:\Users\avencio
DefaultAccount (S-1-5-21-2309614686-2655472223-349006943-503 - Limited - Disabled)
Guest (S-1-5-21-2309614686-2655472223-349006943-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2309614686-2655472223-349006943-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
Avid Link (HKLM\...\{852D24C6-60A0-4822-B05D-A005A6CD2F87}) (Version: 19.4.0.501 - Avid Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
DaVinci Resolve (HKLM\...\{9C580903-AE40-49FC-8D8A-77B9813597CD}) (Version: 15.2.4006 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC13084E6700}) (Version: 19.008.20071 - Adobe Systems Incorporated)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Gramblr (HKLM\...\Gramblr) (Version: 2.9.201 - Gramblr Team)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{5C591A5B-EA74-44F7-81DD-A757B5935AAD}) (Version: 1.5.0.0 - HP Inc)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6025 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1031-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Morrowind mod manager 0.8.4 (HKLM-x32\...\Morrowind mod manager_is1) (Version: - Timeslip)
Mozilla Firefox 69.0 (x64 de) (HKLM\...\Mozilla Firefox 69.0 (x64 de)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0 - Mozilla)
Neuratron PhotoScore && NotateMe Lite (HKLM-x32\...\Neuratron PhotoScore && NotateMe Lite) (Version: 8.8.6 - Neuratron Ltd)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
PDF24 Creator 8.6.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8656 - Realtek Semiconductor Corp.)
Sibelius (HKLM\...\{9A99A7EA-856E-42FE-AECC-8C6A335D5E2E}) (Version: 19.5.0.1469 - Avid Technology)
Sibelius OpenType Fonts (HKLM-x32\...\{603AEE7A-6967-4CDB-8528-0CAC729A004B}) (Version: 18.6.0 - Avid)
Skype version 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\Spotify) (Version: 1.1.14.475.g566c8beb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics WBF FP Reader (HKLM\...\{CEE492C3-6673-44AB-827B-1F2412EDE8B1}) (Version: 5.5.5.1093 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\WhatsApp) (Version: 0.3.4479 - WhatsApp)
WinRAR 5.60 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Packages:
=========
Connect -> C:\Windows\SystemApps\Microsoft.Windows.DevicesFlowHost_cw5n1h2txyewy [2019-08-26] (Microsoft Corporation)
Floor Adjustment -> C:\Windows\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-08-26] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.2.173.0_x64__dt26b99r8h8gj [2019-08-26] (Realtek Semiconductor Corp)
HP Command Center -> C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.2.22.0_x64__v10z8vjag6ke6 [2019-09-01] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.37.0_x64__v10z8vjag6ke6 [2019-08-22] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-24] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.5.262.0_x64__v10z8vjag6ke6 [2019-08-20] (HP Inc.)
Learn about Mixed Reality -> C:\Windows\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-08-26] (Microsoft Corporation)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-03-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-03-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft To-Do -> C:\Program Files\WindowsApps\Microsoft.Todos_1.64.22332.0_x64__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.11929.20254.0_x86__8wekyb3d8bbwe [2019-09-01] (Microsoft Corporation)
New for You -> C:\Windows\SystemApps\WhatsNew_cw5n1h2txyewy [2019-08-26] (Microsoft Corporation)
nkoda -> C:\Program Files\WindowsApps\nkoda.nkoda_1.0.456.0_x64__4p0qrka7t3tvw [2019-07-15] (nkoda)
Passthrough -> C:\Windows\SystemApps\passthrough_cw5n1h2txyewy [2019-08-26] (Microsoft Corporation)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-08-26] (ms-resource:PublisherDisplayName)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-08-26] (ms-resource:PublisherDisplayName)
Sign In -> C:\Windows\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-08-26] (ms-resource:PublisherDisplayName)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-07-12] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\igfxDTCM.dll [2019-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\avencio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> www1.online\?w=RD4345
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> www1.online\?w=RD4345
==================== Loaded Modules (Whitelisted) ==============
2019-09-04 10:06 - 2019-09-04 10:06 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f42cd1593afc19a7f2f257be3524badc\Interop.IWshRuntimeLibrary.ni.dll
2019-04-23 12:10 - 2019-04-23 12:10 - 000017408 _____ () [File not signed] C:\Program Files\Avid\Avid Link\FTF_JNI.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 008419840 _____ () [File not signed] c:\program files\avid\avid link\jre\bin\server\jvm.dll
2018-10-10 21:46 - 2018-10-10 21:46 - 000014848 _____ () [File not signed] C:\Program Files\Avid\Avid Link\libEGL.DLL
2018-10-10 21:46 - 2018-10-10 21:46 - 002521600 _____ () [File not signed] C:\Program Files\Avid\Avid Link\libGLESv2.dll
2019-02-23 19:07 - 2019-02-23 19:07 - 053305344 _____ () [File not signed] C:\Program Files\HandBrake\hb.DLL
2019-09-04 10:05 - 2019-09-04 10:05 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\9278220389fba4b1d16dc9e411dd3651\BRIDGECommon.ni.dll
2019-09-04 10:05 - 2019-09-04 10:05 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\bdd60efd5ac09c9ac8d93415d0896904\BridgeExtension.ni.dll
2019-09-04 10:06 - 2019-09-04 10:06 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\1605819eadd4a0fde0656445bddebba9\CleanStartController.ni.dll
2019-09-04 10:05 - 2019-09-04 10:05 - 000079872 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\c5fb428cfd6275df79b6631117bf4ef4\NativeInterop.ni.dll
2019-09-04 10:06 - 2019-09-04 10:06 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\ec50173f1dea33b86d304d4b6294ecdf\RegistrationUtilities.ni.dll
2019-09-04 10:06 - 2019-09-04 10:06 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\702eaa7efcf38f41f12365a3a3eb9498\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-09-04 10:05 - 2019-09-04 10:05 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\45264cc6d3950317a1e10c98f6597aea\CommonPortable.ni.dll
2019-09-04 10:06 - 2019-09-04 10:06 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\285f1d03235c7ffd1436b2f5fd3b4094\NAudio.ni.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000153088 _____ (N/A) [File not signed] c:\program files\avid\avid link\jre\bin\java.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000030720 _____ (N/A) [File not signed] C:\Program Files\Avid\Avid Link\jre\bin\management.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000088576 _____ (N/A) [File not signed] C:\Program Files\Avid\Avid Link\jre\bin\net.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000054272 _____ (N/A) [File not signed] C:\Program Files\Avid\Avid Link\jre\bin\nio.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000128512 _____ (N/A) [File not signed] C:\Program Files\Avid\Avid Link\jre\bin\sunec.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000043008 _____ (N/A) [File not signed] c:\program files\avid\avid link\jre\bin\verify.dll
2016-11-10 13:34 - 2016-11-10 13:34 - 000071168 _____ (N/A) [File not signed] c:\program files\avid\avid link\jre\bin\zip.dll
2019-09-04 10:05 - 2019-09-04 10:05 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\cf4ca75a9d360705bc1f84bbd2005933\Newtonsoft.Json.ni.dll
2019-09-04 10:06 - 2019-09-04 10:06 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\f7f0a882ba6d8f5c271bf6d4557184c5\Newtonsoft.Json.ni.dll
2019-09-04 10:06 - 2019-09-04 10:06 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\8a43408677d829d6577c861d86ed1035\log4net.ni.dll
2019-04-23 12:10 - 2019-04-23 12:10 - 001809920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Avid\Avid Link\LIBEAY32.dll
2019-04-23 12:10 - 2019-04-23 12:10 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Avid\Avid Link\ssleay32.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\bearer\qgenericbearer.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qgif.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000041472 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qicns.dll
2018-10-10 21:49 - 2018-10-10 21:49 - 000032768 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qico.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000278016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qjpeg.dll
2018-10-10 21:51 - 2018-10-10 21:51 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qsvg.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qtga.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000371712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qtiff.dll
2018-10-10 21:50 - 2018-10-10 21:50 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qwbmp.dll
2018-10-10 21:51 - 2018-10-10 21:51 - 000505856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\imageformats\qwebp.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 001337856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\platforms\qwindows.dll
2019-04-23 12:22 - 2019-04-23 12:22 - 005652992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Core.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 006032384 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Gui.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 001225728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Network.dll
2018-10-10 22:03 - 2018-10-10 22:03 - 000286720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Positioning.dll
2018-10-10 21:49 - 2018-10-10 21:49 - 000319488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5PrintSupport.dll
2018-10-10 21:53 - 2018-10-10 21:53 - 003432960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Qml.dll
2018-10-10 21:54 - 2018-10-10 21:54 - 003465728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Quick.dll
2018-10-10 21:54 - 2018-10-10 21:54 - 000072192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5QuickWidgets.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Svg.dll
2018-10-10 22:00 - 2018-10-10 22:00 - 000111616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5WebChannel.dll
2018-10-10 23:47 - 2018-10-10 23:47 - 000352256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5WebEngine.dll
2018-10-10 23:43 - 2018-10-10 23:43 - 074279424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5WebEngineCore.dll
2018-10-10 23:47 - 2018-10-10 23:47 - 000226304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5WebEngineWidgets.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 000148992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5WebSockets.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 005564928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Widgets.dll
2019-04-23 12:20 - 2019-04-23 12:20 - 000193024 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Avid\Avid Link\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\avencio\Desktop\Angebot Sparkasse Hannover.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\avencio\Desktop\Angebot Sparkasse Hannover.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\avencio\Desktop\formular1.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\avencio\Desktop\formular1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\avencio\Desktop\formular2.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\avencio\Desktop\formular2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\avencio\Desktop\freistellungsauftrag.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\avencio\Desktop\freistellungsauftrag.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Propellerhead Software\ReWire\;C:\Program Files\Common Files\Propellerhead Software\ReWire\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\ProgramData\chocolatey\bin;
HKU\S-1-5-21-2309614686-2655472223-349006943-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\avencio\Desktop\r2vQDqE.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2309614686-2655472223-349006943-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{099F525A-52B7-4BE6-81C1-9191E9B155FF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8CB8D1A-8542-44CD-8CDB-590BB99505D7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{E924F959-0D94-4B10-AA64-17577D6448FE}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{AE987344-3E8F-4D54-BF03-55A4D924E0CA}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [{0D06265B-DD81-4B4F-94D8-D771D11E1C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{12D9A3E0-F6BC-4DBD-93E3-1BFC502F341A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [UDP Query User{0B8A3EFB-BA8D-4036-A3C0-2E5CC2BD4225}C:\users\avencio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\avencio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{80000A3D-9C5A-4F2F-A90A-D70BA5EECFDC}C:\users\avencio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\avencio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D007BB8A-7E4F-42E3-883A-DF5CE26C0A7A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{40AC10B0-F1E1-4FFC-B830-6E6A55EB354D}] => (Allow) C:\Program Files\Avid\Avid Link\AvidAppManHelper.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{784F99B8-C8CC-4FB8-88F9-8C8E70E10278}] => (Allow) C:\Program Files\Avid\Avid Link\Avid Link.exe (Avid Technology, Inc. -> Avid Technology, Inc.)
FirewallRules: [{5A9ED429-22C0-4B00-B3EB-B043C0F11577}] => (Allow) C:\Program Files\Avid\Avid Link\jre\bin\java.exe
FirewallRules: [{A6CF4305-047F-44DC-AEF4-69A68D90E794}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{C771E33F-862D-461A-9787-16827E29A763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe (The Creative Assembly Limited -> Creative Assembly Ltd)
FirewallRules: [{DE7E88A6-3605-4E2C-B780-20FFA93B6B40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Morrowind\Morrowind Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{8EFFF784-E392-488F-A1A1-E1BB83FB97D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Morrowind\Morrowind Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{9484C37D-3DC8-4DD4-BB5F-48B32848A378}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{11BAC8C1-ACA9-46B9-B9F8-2D94674C0A9B}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{4758EE07-4DB0-48D0-9E4D-826825A7A972}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{86CCF0D8-7F5B-4413-BE26-8521876C7A84}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{4A1A216C-D8DC-4D07-8200-3BEE45127C7C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{C45C5529-D1C2-4934-8E0B-1B2C18422942}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{597E1E7B-D6E4-41BB-B447-F2B6F9F18A76}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [{447960D0-0B1E-41DF-88D8-EC992D9A1BD2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{269D2E9C-3185-4344-8660-1538A5F10D17}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{4D038688-D9DE-4108-892B-A00868CF7608}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{57962B99-0E26-474C-B790-B2B2B906C857}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{D4EB16C4-443C-4721-8CBB-904C270FBCDA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{64FB8756-5722-4C4A-9941-C70F13B55E5D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{42C627A0-9807-4A66-9DDE-3C697CD69A14}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{B738D7BD-1E3F-4A9E-9979-E34EF8D32B82}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [File not signed]
FirewallRules: [{A6DA0BD3-ADA9-4898-9158-16A96659F3B6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{4174BD3D-EBD0-4CC3-906D-21A4AAD92FBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe No File
FirewallRules: [{E840C292-7AB7-46E0-A164-65AB9B100418}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe No File
FirewallRules: [UDP Query User{79E861A4-3645-4488-B8DE-846FDEEB9AB2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DC935403-ED7F-4F17-80B8-1C26F45D630E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3B2ED357-50AB-4E4F-BCBA-E1F72CAA15C9}C:\users\avencio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\avencio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{BFF2A3C6-6389-4B50-9D18-CDA69025CB37}C:\users\avencio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\avencio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0336C7F0-6994-44C0-A8B8-BF667F19E03A}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{0EEF0D36-C86C-4397-866A-EC3BCD384BAD}C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Limited -> The Creative Assembly Ltd)
FirewallRules: [{D098ABDD-8706-424D-92C1-F9E4A1BE9FF2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D022ED4E-C8AC-4982-B512-54F06A0E60A7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F279BBEC-399E-4C12-BA6D-CA48368768BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{B04260A3-70DF-4945-8268-469B1A035C6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe () [File not signed]
FirewallRules: [{73E8D73E-D876-47C6-80E5-5DD84E96BC8F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{52F8F94B-A757-4C44-8A75-22DED13DAFEE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{702F67F5-C4F4-4571-8535-07A6F7891967}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4DBDE539-1704-40B5-A6E3-C06149FC30F4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3F591DC1-4212-4A75-A128-C9EC161E7CE9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F87536A8-A104-4DCA-BAC2-64924B62FC65}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8174F7D1-E52B-4E51-901B-47C4AAAA729E}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{775B9BA3-EC26-479B-BAF6-7068297269ED}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{2785A884-AA03-4C2C-B93C-FD5BCD2CBDD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{77D3BB0B-CA46-4F0E-BD35-31A95269453D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD685233-47E9-4DE5-ABA6-623F55BA6047}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C3CA467-8C1F-4674-8754-E558263A6B4A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B462155F-1B40-4A6B-9E9B-965AA4EF739A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9091F431-A595-4808-89AF-952BABAE2BFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6638804-49DE-48DE-8E17-60340A1BB394}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{50867BEB-1DF5-4AE6-BF64-607AEAE62861}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58146D03-0E04-43A2-BC7C-6356098AB828}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2059E059-4D4C-42E1-91F7-2031F2F199E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{03760FA7-480E-4A2E-AACF-2AA278876AD3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{471D1F8B-9F90-4653-B84D-D96FFE44E31E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5B3A388-3DC6-46A8-AC9C-4D32F6A0FE25}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{723C992C-4B08-4C38-B24F-756DBBB6044E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11929.20254.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/11/2019 03:50:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12096,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/11/2019 03:41:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: gramblr.exe, version: 0.0.0.0, time stamp: 0x5d3adc29
Faulting module name: gramblr.exe, version: 0.0.0.0, time stamp: 0x5d3adc29
Exception code: 0xc0000005
Fault offset: 0x0000000000374460
Faulting process ID: 0x11b0
Faulting application start time: 0x01d568a3025f0fbf
Faulting application path: C:\Program Files\Gramblr\gramblr.exe
Faulting module path: C:\Program Files\Gramblr\gramblr.exe
Report ID: 49b2a929-e9f1-4ed8-8af1-bd4d8c0a6af2
Faulting package full name:
Faulting package-relative application ID:
Error: (09/11/2019 03:37:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14800,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/11/2019 03:23:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3888,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/11/2019 03:14:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/11/2019 03:14:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (09/11/2019 03:14:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/11/2019 03:14:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
System errors:
=============
Error: (09/11/2019 04:35:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Connectivity Manager for Gramblr service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (09/11/2019 04:35:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Connectivity Manager for Gramblr service terminated with the following error:
Incorrect function.
Error: (09/11/2019 03:41:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Connectivity Manager for Gramblr service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (09/11/2019 03:15:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading
Error: (09/11/2019 03:15:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (09/11/2019 03:15:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (09/11/2019 03:15:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (09/11/2019 03:15:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-7DCGCLDK)
Description: The server Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe!App did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2019-09-11 12:58:31.031
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.484.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2019-09-11 12:58:31.031
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.484.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2019-09-11 12:48:29.565
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.484.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-09-11 12:48:29.565
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.484.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-09-11 12:48:29.564
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.484.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-09-11 12:45:05.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:45:04.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:45:04.676
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:45:03.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:45:01.802
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:44:59.771
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:44:57.742
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2019-09-11 12:44:55.709
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.13 06/07/2018
Motherboard: HP 8482
Processor: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentage of memory in use: 32%
Total physical RAM: 16218.16 MB
Available physical RAM: 10986.89 MB
Total Virtual: 18650.16 MB
Available Virtual: 12301.2 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:459.44 GB) (Free:254.42 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.27 GB) (Free:1.93 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{fddc5849-0b6e-4480-96a8-f2556fca59fd}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.24 GB) NTFS
\\?\Volume{462bed64-3d0e-453d-b7af-bc036dd03f71}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: A50E1C7D)
Partition: GPT.
==================== End of Addition.txt ============================