Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.03.2019 01
Ran by gladieu1 (administrator) on N-20HEPF19YMVJ (14-03-2019 10:43:06)
Running from C:\Users\gladieu1\Desktop
Loaded Profiles: gladieu1 (Available Profiles: gladieu1)
Platform: Windows 10 Enterprise Version 1709 16299.967 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Prim'X Technologies -> Prim'X Technologies) C:\Windows\System32\zcs.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a00e34a139761b2b\igfxCUIService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adaptive Protocols, Inc. -> Adaptiva) C:\Program Files (x86)\Adaptiva\AdaptivaClient\bin\AdaptivaClientService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a00e34a139761b2b\IntelCpHDCPSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\AppVClient.exe
(Kollective Technology, Inc -> Kollective Inc.) C:\Program Files (x86)\Kollective\KService.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(SafeCom a/s) [File not signed] C:\Program Files (x86)\SafeCom\SafeComPrintClient\scPrintClient.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Bin\ccSvcHst.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\IDS\bin\SISIDSService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\IPS\bin\SISIPSService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\IPS\bin\sisipsutil.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Splunk, Inc. -> Splunk Inc.) C:\Program Files\Splunk\bin\splunkd.exe
(Prim'X Technologies -> Prim'X Technologies) C:\Windows\System32\zps.exe
(Adaptive Protocols, Inc. -> Adaptiva) C:\Program Files (x86)\Adaptiva\AdaptivaClient\bin\OneSiteClient64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Prim'X Technologies -> Prim'X Technologies) C:\Windows\System32\cysvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a00e34a139761b2b\IntelCpHeciSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Bin\ccSvcHst.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpfsm.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Bin\SmcGui.exe
(Microsoft Windows -> ) C:\Windows\System32\AppV\AppVStreamingUX.exe
(Prim'X Technologies -> Prim'X Technologies) C:\RDIP\ZoneCentral\zpu.exe
(Prim'X Technologies -> Prim'X Technologies) C:\RDIP\ZoneCentral\zcu.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corp. -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a00e34a139761b2b\igfxEM.exe
(Prim'X Technologies -> Prim'X Technologies) C:\RDIP\Cryhod\cyu.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\gladieu1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Cisco Systems Inc. -> Cisco Systems, Inc) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe
(Splunk, Inc. -> MongoDB, Inc) C:\Program Files\Splunk\bin\mongod.exe
(Hewlett Packard Enterprise Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\AMI.Scanner.Nokia\AMI.Scanner.Client.exe
(DXC) [File not signed] C:\Program Files (x86)\DXC\UDM\UDM.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Kollective Technology, Inc -> Kontiki Inc.) C:\Program Files (x86)\Kollective\KHost.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Splunk, Inc. -> ) C:\Program Files\Splunk\bin\python.exe
(Splunk, Inc. -> Splunk Inc.) C:\Program Files\Splunk\bin\splunkd.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Cisco Systems Inc. -> Cisco Systems, Inc) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Cisco WebEx LLC -> WebEx) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\wbxcOIEx.exe
(Sennheiser Communications -> Sennheiser Communications) C:\Program Files (x86)\Sennheiser\SoftphoneSDK\SecomSDK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1781f8bae8fdf5c0\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Hewlett Packard Enterprise Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\AMI.Scanner.Nokia\AMI.Scanner.Nokia.Service.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\CCM\RemCtrl\CmRcService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\CCM\SCNotification.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ZMCDBO32W] => C:\RDIP\ZoneCentral\zedmail32.dll [4400512 2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
HKLM\...\Run: [Cryhod User Deamon] => C:\RDIP\Cryhod\cyu.exe [3581824 2018-12-12] (Prim'X Technologies -> Prim'X Technologies)
HKLM-x32\...\Run: [AMI.Scanner.Client.Nokia] => C:\Program Files (x86)\HP\AMI.Scanner.Nokia\AMI.Scanner.Client.exe [14144 2015-11-11] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [UDM] => C:\Program Files (x86)\DXC\UDM\UDM.exe [195072 2018-01-03] (DXC) [File not signed]
HKLM-x32\...\Run: [Cisco Jabber] => C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe [156248 2018-05-03] (Cisco Systems Inc. -> Cisco Systems, Inc)
HKLM-x32\...\Run: [kdx] => C:\Program Files (x86)\Kollective\KHost.exe [1666920 2018-02-11] (Kollective Technology, Inc -> Kontiki Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1321984 2018-09-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM\...\Winlogon: [Userinit] cmd /c set UserInitLogonScript=&start "" "C:\WINDOWS\system32\userinit.exe" <==== ATTENTION
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\...\Policies\Explorer: [NoOnlinePrintsWizard] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-gamebar;gaming-gamedvr;gaming-broadcasting;gaming-gamemode;quietmomentsgame;gaming-trueplay;gaming-XboxNetworking
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Run: [Cisco Jabber] => C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe [156248 2018-05-03] (Cisco Systems Inc. -> Cisco Systems, Inc)
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Run: [HLXNX5KRMT] => "C:\Users\gladieu1\AppData\Roaming\Mondial-Relay-Suivi-Colis.vbs"
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Run: [heDghqlNJV] => wscript.exe //B "C:\Users\gladieu1\AppData\Roaming\heDghqlNJV.vbs"
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\system: [HideLogonScripts] 0
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\...\Policies\Explorer\DisallowRun: [1] Narrator.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{1A635039-F823-407D-AA50-18E4933C8799}] -> msiexec /fup {1A635039-F823-407D-AA50-18E4933C8799} /qn
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{36250601-FD28-4953-B6BB-8CEA4FA4EEE1}] -> cmd.exe /c REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION" /v CiscoJabber.exe /t REG_DWORD /d 1 /f
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-06] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-7AD7-1033-7B44-AC0F074E4100}] -> msiexec.exe /fup {AC76BA86-7AD7-1033-7B44-AC0F074E4100} /qn
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{EC66B856-946E-4B66-ACF9-CAF472A16E1A}] -> msiexec.exe /fup {EC66B856-946E-4B66-ACF9-CAF472A16E1A} /qb!
HKLM\Software\...\Authentication\Credential Providers: [{00001043-8804-4CA8-8868-36F59DEFD14D}] -> C:\RDIP\ZoneCentral\zccp.dll [2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
HKLM\Software\...\Authentication\Credential Provider Filters: [{00001042-8804-4CA8-8868-36F59DEFD14D}] -> C:\RDIP\ZoneCentral\zccp.dll [2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
HKLM\Software\...\Winlogon\GPExtensions: [{346193F5-F2FD-4DBD-860C-B88843475FD3}] -> C:\WINDOWS\system32\CcmUsrCse.dll [2018-07-14] (Microsoft Corporation -> Microsoft Corporation)
Lsa: [Notification Packages] scecli cywlx
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [.DEFAULT] => hxxp://proxyconf.glb.nokia.com/proxy.pac
AutoConfigURL: [S-1-5-21-1593251271-2640304127-1825641215-2135140] => hxxp://proxyconf.glb.nokia.com/proxy.pac
Tcpip\Parameters: [DhcpNameServer] 139.54.40.8 135.239.25.53
Tcpip\..\Interfaces\{897bc738-ec4b-43d6-943b-9ff81e81daeb}: [DhcpNameServer] 135.239.25.53
Tcpip\..\Interfaces\{c2176235-2235-4a00-97c4-728bc600e8f0}: [DhcpNameServer] 139.54.40.8 135.239.25.53
ManualProxies: 0hxxp://proxyconf.glb.nokia.com/proxy.pac

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://nokia.sharepoint.com/sites/nokiacentral
SearchScopes: HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140 -> DefaultScope {D1F53B0F-CD83-42D6-B8D7-DDE1BB744A19} URL =
SearchScopes: HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140 -> {D1F53B0F-CD83-42D6-B8D7-DDE1BB744A19} URL =
BHO: No Name -> {00000117-8804-4CA8-8868-36F59DEFD14D} -> C:\RDIP\ZoneCentral\zcush.dll [2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll [2016-11-24] (Cisco WebEx LLC -> Cisco WebEx LLC)
BHO-x32: No Name -> {00000117-8804-4CA8-8868-36F59DEFD14D} -> C:\RDIP\ZoneCentral\zcush32.dll [2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\jre1.8.0_152\jre1.8.0_152\bin\ssv.dll [2018-08-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\jre1.8.0_152\jre1.8.0_152\bin\jp2ssv.dll [2018-08-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll [2016-11-24] (Cisco WebEx LLC -> Cisco WebEx LLC)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-01-21] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: a9cii2hl.default
FF ProfilePath: C:\Users\gladieu1\AppData\Roaming\Mozilla\Firefox\Profiles\a9cii2hl.default [2018-12-12]
FF Homepage: Mozilla\Firefox\Profiles\a9cii2hl.default -> hxxps://nokia.sharepoint.com/sites/nokiacentral
FF NetworkProxy: Mozilla\Firefox\Profiles\a9cii2hl.default -> autoconfig_url", "hxxp://proxyconf.glb.nsn-net.net/proxy.pac"
FF Extension: (Cisco WebEx Extension) - C:\Users\gladieu1\AppData\Roaming\Mozilla\Firefox\Profiles\a9cii2hl.default\Extensions\ciscowebexstart1@cisco.com.xpi [2018-12-11]
FF Extension: (GPO For Firefox) - C:\Users\gladieu1\AppData\Roaming\Mozilla\Firefox\Profiles\a9cii2hl.default\Extensions\gpofirefox@extensions.org.xpi [2018-12-11] [Legacy]
FF Extension: (Cisco WebEx Extension) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\ciscowebexstart1@cisco.com.xpi [2018-08-31]
FF Extension: (GPO For Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\gpofirefox@extensions.org.xpi [2016-08-09] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [@jabbercallsaddon] - C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\Click2XPlugin\jabber_calls_add_on-11.5.0002-fx-windows.xpi
FF Extension: (Jabber Calls Add-on) - C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\Click2XPlugin\jabber_calls_add_on-11.5.0002-fx-windows.xpi [2018-02-10] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-03-07] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @primx.eu/ZPBP -> C:\RDIP\ZoneCentral\npzpbp32.dll [2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-03-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.152.2 -> C:\Program Files (x86)\jre1.8.0_152\jre1.8.0_152\bin\dtplugin\npDeployJava1.dll [2018-08-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.152.2 -> C:\Program Files (x86)\jre1.8.0_152\jre1.8.0_152\bin\plugin2\npjp2.dll [2018-08-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @primx.eu/ZPBP -> C:\RDIP\ZoneCentral\npzpbp32.dll [2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-14] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-14] (Google Inc -> Google Inc.)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2018-08-31] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\gladieu1\AppData\Roaming\mozilla\plugins\npatgpc.dll [2019-01-28]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\all.js [2017-03-29] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\mozilla.cfg [2017-05-18] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default [2019-03-14]
CHR Extension: (Slides) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-28]
CHR Extension: (Docs) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-28]
CHR Extension: (Google Drive) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-28]
CHR Extension: (YouTube) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-03-14]
CHR Extension: (Adobe Acrobat) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-06]
CHR Extension: (Easy AdBlocker) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\enlmiihbdlkpihokdgndjhahhkfmfcga [2019-02-27]
CHR Extension: (Sheets) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-28]
CHR Extension: (Google Docs Offline) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-28]
CHR Extension: (Multimedia Conference Screen Sharing) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieneafanlmoiaiddiihdpamikkcengdg [2018-11-09]
CHR Extension: (Cisco Webex Extension) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2018-10-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-28]
CHR Extension: (Gmail) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-28]
CHR Extension: (Chrome Media Router) - C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-21]
CHR Profile: C:\Users\gladieu1\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-05]
CHR HKU\S-1-5-21-1593251271-2640304127-1825641215-2135140\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptivaClient; C:\Program Files (x86)\Adaptiva\AdaptivaClient\bin\AdaptivaClientService.exe [720168 2018-09-25] (Adaptive Protocols, Inc. -> Adaptiva)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1781f8bae8fdf5c0\aesm_service.exe [3233064 2018-01-26] (Intel(R) Software Development Products -> Intel Corporation)
R2 AMI.Scanner.Nokia; C:\Program Files (x86)\HP\AMI.Scanner.Nokia\AMI.Scanner.Nokia.Service.exe [14472 2015-11-12] (Hewlett Packard Enterprise Company -> Hewlett-Packard Company)
S2 CAF; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\Common Agent Framework\CAFServiceMain.exe [3620160 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R2 CcmExec; C:\WINDOWS\CCM\CcmExec.exe [2182528 2018-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9678624 2019-02-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CmRcService; C:\WINDOWS\CCM\RemCtrl\CmRcService.exe [699776 2018-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 CYP; C:\WINDOWS\system32\cyp.dll [1204608 2018-12-12] (Prim'X Technologies -> Prim'X Technologies)
R2 CYSVC; C:\WINDOWS\system32\cysvc.exe [2923392 2018-12-12] (Prim'X Technologies -> Prim'X Technologies)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515232 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-20] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-20] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 KService; C:\Program Files (x86)\Kollective\KService.exe [5880680 2018-02-11] (Kollective Technology, Inc -> Kollective Inc.)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation -> Microsoft Corporation)
R2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [774552 2017-12-04] (Lenovo -> Lenovo.)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50360 2016-09-18] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMAgent; C:\Program Files\Microsoft\MDOP MBAM\MBAMAgent.exe [383208 2015-06-18] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-09-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SafeCom Print Client; C:\Program Files (x86)\SafeCom\SafeComPrintClient\scPrintClient.exe [535040 2015-03-13] (SafeCom a/s) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Bin\ccSvcHst.exe [157976 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R2 SISIDSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\IDS\bin\SISIDSService.exe [3177792 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\IPS\bin\SISIPSService.exe [101184 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R2 SISIPSUtil; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\SAEP\IPS\bin\SISIPSUtil.exe [273728 2018-08-27] (Symantec Corporation -> Symantec Corporation)
S3 smstsmgr; C:\WINDOWS\CCM\TSManager.exe [322944 2018-07-14] (Microsoft Corporation -> Microsoft Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Bin64\snac64.exe [378048 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R2 Splunkd; C:\Program Files\Splunk\bin\splunkd.exe [38842160 2019-02-05] (Splunk, Inc. -> Splunk Inc.)
S2 splunkweb; C:\Program Files\Splunk\bin\splunkweb.exe [27440 2019-02-05] (Splunk, Inc. -> )
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [277000 2018-07-13] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 ZCP; C:\WINDOWS\system32\zcp.dll [1287040 2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
R2 ZCS; C:\WINDOWS\system32\zcs.exe [1954688 2018-12-21] (Prim'X Technologies -> Prim'X Technologies)
R2 ZPS; C:\WINDOWS\system32\zps.exe [881024 2018-12-21] (Prim'X Technologies -> Prim'X Technologies)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AdaptivaClientCache; C:\WINDOWS\system32\drivers\AdaptivaClientCache64.sys [41600 2019-02-04] (Adaptive Protocols, Inc. -> Adaptiva)
R3 AdaptiveProtocolClient; C:\WINDOWS\system32\drivers\AdaptivaClientTransport64.sys [132736 2019-02-04] (Adaptive Protocols, Inc. -> Adaptiva)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Data\Definitions\BASHDefs\20190312.001\BHDrvx64.sys [1934048 2019-03-13] (Symantec Corporation -> Symantec Corporation)
R1 ccSettings_{4130ECC8-226D-4C9F-B32C-CD3C19EBC1B7}; C:\WINDOWS\System32\Drivers\SEP\0E000F24\044C.105\x64\ccSetx64.sys [179360 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R0 CYCK; C:\WINDOWS\System32\drivers\cyck.sys [202752 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
R0 CYF; C:\WINDOWS\System32\drivers\cyf.sys [26624 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
R0 CYK; C:\WINDOWS\System32\drivers\cyk.sys [134144 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
R1 CYKBD; C:\WINDOWS\System32\drivers\cykbd.sys [50176 2018-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2019-01-23] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2019-01-28] (Symantec Corporation -> Symantec Corporation)
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-27] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [129008 2017-06-22] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Data\Definitions\IPSDefs\20190313.061\IDSvia64.sys [1305072 2019-02-15] (Symantec Corporation -> Symantec Corporation)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8742936 2018-04-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 nhi; C:\WINDOWS\System32\drivers\tbt100x.sys [136784 2017-09-06] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [43208 2017-12-04] (Lenovo -> Lenovo.)
R3 prepdrvr; C:\WINDOWS\system32\DRIVERS\prepdrv.sys [26984 2018-07-14] (Microsoft Corporation -> Microsoft Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-09-06] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3238368 2017-10-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 SISIDSRegDrv; C:\WINDOWS\system32\Drivers\SISIDSRegDrv.sys [59280 2018-08-27] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSDeviceFilter; C:\WINDOWS\system32\Drivers\SISIPSDeviceFilter.sys [61840 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R1 SISIPSDriver; C:\WINDOWS\System32\Drivers\SISIPSDriver.sys [272784 2018-08-27] (Symantec Corporation -> Symantec Corporation)
S3 SISIPSFileFilter; C:\WINDOWS\system32\Drivers\SISIPSFileFilter.sys [94096 2018-08-27] (Symantec Corporation -> Symantec Corporation)
S1 SISIPSNetFilter; C:\WINDOWS\System32\Drivers\SISIPSNetFilter.sys [73616 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [54800 2018-07-13] (Synaptics Incorporated -> Synaptics Incorporated)
S3 splknetdrv; C:\WINDOWS\system32\DRIVERS\splknetdrv.sys [40408 2018-09-27] (SPLUNK INC -> Windows (R) Win 7 DDK provider)
S3 splunkdrv; C:\WINDOWS\system32\DRIVERS\splunkdrv.sys [34776 2018-09-27] (SPLUNK INC -> Windows (R) Win 7 DDK provider)
S3 SplunkMonitorNoHandle; C:\WINDOWS\System32\DRIVERS\SplunkMonitorNoHandleDrv.sys [25048 2018-09-27] (SPLUNK INC -> Windows (R) Win 7 DDK provider)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SEP\0E000F24\044C.105\x64\SRTSP64.SYS [830104 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E000F24\044C.105\x64\SRTSPX64.SYS [49304 2017-12-21] (Symantec Corporation -> Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.0.3876.1100.105\Bin64\SyDvCtrl64.sys [44568 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0603010.014\symefasi64.sys [1790616 2018-08-27] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E000F24\044C.105\x64\SymELAM.sys [24192 2017-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102552 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E000F24\044C.105\x64\Ironx64.SYS [308888 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E000F24\044C.105\x64\SYMNETS.SYS [567968 2017-12-21] (Symantec Corporation -> Symantec Corporation)
R1 SynaMetSMI; C:\WINDOWS\system32\DRIVERS\SynaSmi.sys [39184 2018-01-09] (Synaptics Inc. -> Windows (R) Win 7 DDK provider)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SysPlant.sys [197960 2018-08-27] (Symantec Corporation -> Symantec Corporation)
R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [122352 2017-12-21] (Symantec Corporation -> Symantec Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [73616 2018-09-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
R0 ZCCK; C:\WINDOWS\System32\drivers\zcck.sys [202960 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
R0 ZCK; C:\WINDOWS\System32\drivers\zck.sys [370408 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
R1 ZCKBD; C:\WINDOWS\System32\drivers\zckbd.sys [50896 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
S0 ZCKF; C:\WINDOWS\System32\drivers\zckf.sys [14032 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
R0 ZPK; C:\WINDOWS\System32\drivers\zpk.sys [145640 2018-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Prim'X Technologies)
U4 JavaQuickStarterService; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-14 10:43 - 2019-03-14 10:43 - 000037531 _____ C:\Users\gladieu1\Desktop\FRST.txt
2019-03-14 10:42 - 2019-03-14 10:43 - 000000000 ____D C:\FRST
2019-03-14 10:41 - 2019-03-14 10:42 - 002433536 _____ (Farbar) C:\Users\gladieu1\Desktop\FRST64.exe
2019-03-14 10:15 - 2019-03-14 10:15 - 007316688 _____ (Malwarebytes) C:\Users\gladieu1\Downloads\adwcleaner_7.2.7.0 (1).exe
2019-03-14 10:13 - 2019-03-14 10:13 - 000000000 ___HD C:\WINDOWS\AxInstSV
2019-03-14 10:10 - 2019-03-14 10:10 - 007316688 _____ (Malwarebytes) C:\Users\gladieu1\Downloads\adwcleaner_7.2.7.0.exe
2019-03-12 14:19 - 2019-03-12 14:20 - 000000000 ____D C:\AdwCleaner
2019-03-12 14:14 - 2019-03-12 14:17 - 000000000 ____D C:\Users\gladieu1\AppData\Roaming\ZHP
2019-03-12 14:14 - 2019-03-12 14:14 - 000000000 ____D C:\Users\gladieu1\AppData\Local\ZHP
2019-03-12 12:14 - 2019-03-12 12:14 - 000000000 ___HD C:\OneDriveTemp
2019-03-11 16:10 - 2019-03-11 16:10 - 000003588 _____ C:\WINDOWS\System32\Tasks\Skype
2019-03-11 09:17 - 2019-03-11 09:17 - 000004764 _____ C:\WINDOWS\system32\CcmFramework.ini
2019-03-11 09:17 - 2019-03-11 09:17 - 000001799 _____ C:\WINDOWS\SMSAdvancedClient.configmgr1806-client-kb4462978-x64.mif
2019-03-11 09:17 - 2019-03-11 09:17 - 000000621 _____ C:\WINDOWS\system32\CcmFramework.h
2019-03-11 09:16 - 2019-03-11 09:16 - 000000000 ____D C:\WINDOWS\system32\{3DA228BE-34DA-49f4-A081-66465B077429}
2019-03-11 09:16 - 2019-03-11 09:16 - 000000000 ____D C:\WINDOWS\ms
2019-03-07 15:01 - 2019-03-07 15:01 - 000003392 _____ C:\WINDOWS\System32\Tasks\Microsoft_AzureInformationProtectionClient_1.41.51.0_v1.0
2019-03-07 15:01 - 2019-03-07 15:01 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Azure Information Protection Viewer.lnk
2019-03-07 15:01 - 2019-03-07 15:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Azure Information Protection
2019-03-05 11:57 - 2019-03-05 11:57 - 000054967 _____ C:\Users\gladieu1\Downloads\certificate.pdf
2019-03-04 15:31 - 2019-03-04 15:31 - 000129372 _____ C:\Users\gladieu1\Downloads\VFT030444009 (1).pdf
2019-03-04 15:06 - 2019-03-04 15:06 - 000129372 _____ C:\Users\gladieu1\Downloads\VFT030444009.pdf
2019-03-04 09:51 - 2019-03-04 09:51 - 000025820 _____ C:\Users\gladieu1\Downloads\Etiquettes-FV36898195.pdf
2019-03-01 10:17 - 2019-02-06 03:31 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-01 10:17 - 2019-02-06 03:31 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-01 10:17 - 2019-02-06 03:31 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-03-01 10:17 - 2019-02-06 03:30 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-01 10:17 - 2019-02-06 03:30 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-01 10:17 - 2019-02-06 03:30 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-03-01 10:16 - 2019-02-06 05:04 - 000035128 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-01 10:16 - 2019-02-06 04:56 - 000687672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-03-01 10:16 - 2019-02-06 04:13 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-01 10:16 - 2019-02-06 03:31 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-03-01 10:16 - 2019-02-06 03:31 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-03-01 10:16 - 2019-02-06 03:31 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2019-03-01 10:16 - 2019-02-06 03:31 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-03-01 10:16 - 2019-02-06 03:27 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-01 10:16 - 2019-02-06 03:27 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2019-03-01 10:16 - 2019-02-06 03:26 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-03-01 10:16 - 2019-02-06 03:25 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-01 10:16 - 2019-02-06 03:24 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2019-03-01 10:16 - 2019-02-06 03:23 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2019-03-01 10:16 - 2019-02-06 03:18 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-03-01 10:16 - 2019-01-08 04:04 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-03-01 10:16 - 2019-01-05 09:19 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-03-01 10:16 - 2019-01-05 09:18 - 000428048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-01 10:16 - 2019-01-05 09:18 - 000091088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-03-01 10:16 - 2019-01-05 09:15 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-03-01 10:16 - 2019-01-05 07:54 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-03-01 10:16 - 2019-01-05 07:54 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-01 10:16 - 2019-01-05 07:53 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-03-01 10:16 - 2019-01-05 07:11 - 000078184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-03-01 10:16 - 2019-01-05 06:45 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-03-01 10:16 - 2019-01-05 06:44 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-01 10:15 - 2019-02-06 05:05 - 001252664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-01 10:15 - 2019-02-06 05:05 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-01 10:15 - 2019-02-06 05:05 - 000075576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-01 10:15 - 2019-02-06 05:04 - 000078648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-01 10:15 - 2019-02-06 05:04 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-01 10:15 - 2019-02-06 04:56 - 002415888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-01 10:15 - 2019-02-06 04:56 - 000248848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-03-01 10:15 - 2019-02-06 04:56 - 000027448 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-03-01 10:15 - 2019-02-06 04:54 - 001054392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-01 10:15 - 2019-02-06 04:54 - 000903856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-03-01 10:15 - 2019-02-06 04:53 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-03-01 10:15 - 2019-02-06 03:55 - 001991600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-01 10:15 - 2019-02-06 03:55 - 000704496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-03-01 10:15 - 2019-02-06 03:55 - 000353752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-03-01 10:15 - 2019-02-06 03:53 - 001057944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-01 10:15 - 2019-02-06 03:53 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-03-01 10:15 - 2019-02-06 03:33 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-01 10:15 - 2019-02-06 03:33 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-01 10:15 - 2019-02-06 03:31 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2019-03-01 10:15 - 2019-02-06 03:31 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2019-03-01 10:15 - 2019-02-06 03:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2019-03-01 10:15 - 2019-02-06 03:28 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-03-01 10:15 - 2019-02-06 03:26 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-03-01 10:15 - 2019-02-06 03:25 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-03-01 10:15 - 2019-02-06 03:22 - 000926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-03-01 10:15 - 2019-02-06 03:20 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-01 10:15 - 2019-02-06 03:20 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-03-01 10:15 - 2019-02-06 03:20 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-01 10:15 - 2019-02-06 03:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-01 10:15 - 2019-02-06 03:18 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-03-01 10:15 - 2019-02-06 03:17 - 004057600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-01 10:15 - 2019-01-12 03:28 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-03-01 10:15 - 2019-01-06 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-03-01 10:15 - 2019-01-06 04:14 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-01 10:15 - 2019-01-05 09:23 - 003075240 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-03-01 10:15 - 2019-01-05 09:22 - 000898328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-03-01 10:15 - 2019-01-05 09:19 - 000825016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-03-01 10:15 - 2019-01-05 09:17 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-03-01 10:15 - 2019-01-05 09:15 - 000388040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2019-03-01 10:15 - 2019-01-05 07:58 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-03-01 10:15 - 2019-01-05 07:57 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-03-01 10:15 - 2019-01-05 07:57 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedic.exe
2019-03-01 10:15 - 2019-01-05 07:52 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-03-01 10:15 - 2019-01-05 07:28 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-03-01 10:15 - 2019-01-05 07:15 - 002314920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2019-03-01 10:15 - 2019-01-05 07:07 - 000154392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2019-03-01 10:15 - 2019-01-05 06:48 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-03-01 10:15 - 2019-01-05 06:44 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-03-01 10:15 - 2019-01-05 06:06 - 000804120 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-03-01 10:15 - 2019-01-05 06:06 - 000804120 _____ C:\WINDOWS\system32\locale.nls
2019-03-01 10:14 - 2019-02-06 05:04 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-01 10:14 - 2019-02-06 05:04 - 001638840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000612152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-01 10:14 - 2019-02-06 05:04 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-01 10:14 - 2019-02-06 05:01 - 001849656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-01 10:14 - 2019-02-06 05:00 - 000937784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-01 10:14 - 2019-02-06 04:59 - 008616760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-01 10:14 - 2019-02-06 04:59 - 002394936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-01 10:14 - 2019-02-06 04:58 - 000542520 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-01 10:14 - 2019-02-06 04:58 - 000038792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-03-01 10:14 - 2019-02-06 04:55 - 000677184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-03-01 10:14 - 2019-02-06 04:55 - 000465336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-03-01 10:14 - 2019-02-06 04:54 - 007384992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-01 10:14 - 2019-02-06 04:54 - 004507000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-03-01 10:14 - 2019-02-06 04:54 - 000371512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-01 10:14 - 2019-02-06 04:53 - 000710680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-03-01 10:14 - 2019-02-06 04:52 - 002774840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-01 10:14 - 2019-02-06 04:13 - 001433264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-03-01 10:14 - 2019-02-06 03:59 - 000033240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-03-01 10:14 - 2019-02-06 03:54 - 025269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-01 10:14 - 2019-02-06 03:54 - 004668584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-03-01 10:14 - 2019-02-06 03:53 - 006480008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-01 10:14 - 2019-02-06 03:34 - 003660800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-01 10:14 - 2019-02-06 03:34 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-01 10:14 - 2019-02-06 03:33 - 001665536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-01 10:14 - 2019-02-06 03:33 - 001472512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-01 10:14 - 2019-02-06 03:33 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-03-01 10:14 - 2019-02-06 03:33 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-03-01 10:14 - 2019-02-06 03:32 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-01 10:14 - 2019-02-06 03:29 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-03-01 10:14 - 2019-02-06 03:29 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-01 10:14 - 2019-02-06 03:28 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-01 10:14 - 2019-02-06 03:25 - 008108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-01 10:14 - 2019-02-06 03:25 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-03-01 10:14 - 2019-02-06 03:25 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-03-01 10:14 - 2019-02-06 03:24 - 004831744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-01 10:14 - 2019-02-06 03:24 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-01 10:14 - 2019-02-06 03:23 - 006039552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-01 10:14 - 2019-02-06 03:23 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-01 10:14 - 2019-02-06 03:23 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-03-01 10:14 - 2019-02-06 03:21 - 004369408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-01 10:14 - 2019-02-06 03:20 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-03-01 10:14 - 2019-02-06 03:20 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-01 10:14 - 2019-02-06 03:20 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-01 10:14 - 2019-02-06 03:19 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2019-03-01 10:14 - 2019-02-06 03:18 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-03-01 10:14 - 2019-02-06 03:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-01 10:14 - 2019-01-05 09:24 - 001210688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-01 10:14 - 2019-01-05 09:24 - 001092664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-01 10:14 - 2019-01-05 09:24 - 000924552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-01 10:14 - 2019-01-05 09:23 - 001953960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-01 10:14 - 2019-01-05 09:23 - 001416776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-01 10:14 - 2019-01-05 09:21 - 001044792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-03-01 10:14 - 2019-01-05 09:21 - 000571704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-03-01 10:14 - 2019-01-05 09:20 - 006282184 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-03-01 10:14 - 2019-01-05 09:20 - 000893240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-03-01 10:14 - 2019-01-05 09:19 - 000359968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-03-01 10:14 - 2019-01-05 09:17 - 001619720 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-01 10:14 - 2019-01-05 09:15 - 000172560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-03-01 10:14 - 2019-01-05 07:58 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-03-01 10:14 - 2019-01-05 07:57 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-03-01 10:14 - 2019-01-05 07:56 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2019-03-01 10:14 - 2019-01-05 07:47 - 002085888 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-01 10:14 - 2019-01-05 07:45 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-03-01 10:14 - 2019-01-05 07:29 - 001614560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-03-01 10:14 - 2019-01-05 07:13 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-03-01 10:14 - 2019-01-05 07:11 - 000287848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-03-01 10:14 - 2019-01-05 06:47 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-03-01 10:14 - 2019-01-05 06:34 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2019-03-01 10:13 - 2019-03-14 10:15 - 000005522 _____ C:\WINDOWS\System32\Tasks\HPE Cryptex
2019-03-01 10:13 - 2019-03-14 10:15 - 000004346 _____ C:\WINDOWS\System32\Tasks\HPE OnConnect
2019-03-01 10:13 - 2019-02-06 04:56 - 021357232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-03-01 10:13 - 2019-02-06 03:53 - 020290152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-03-01 10:13 - 2019-02-06 03:32 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-01 10:13 - 2019-02-06 03:28 - 018946560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-01 10:13 - 2019-02-06 03:27 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-01 10:13 - 2019-02-06 03:26 - 019360256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-01 10:13 - 2019-01-05 07:58 - 017168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-01 10:13 - 2019-01-05 07:52 - 008040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-01 10:13 - 2019-01-05 07:49 - 012834304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-01 10:13 - 2019-01-05 06:47 - 013710848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-03-01 10:13 - 2019-01-05 06:42 - 006587392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-01 10:13 - 2019-01-05 06:40 - 011926016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-02-27 15:46 - 2019-02-27 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splunk Enterprise
2019-02-27 15:44 - 2019-02-27 15:44 - 000000000 ____D C:\Users\gladieu1\.splunk
2019-02-27 15:44 - 2018-09-27 12:04 - 000040408 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\splknetdrv.sys
2019-02-27 15:44 - 2018-09-27 12:04 - 000034776 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\splunkdrv.sys
2019-02-27 15:44 - 2018-09-27 12:04 - 000025048 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\SplunkMonitorNoHandleDrv.sys
2019-02-27 15:43 - 2019-02-27 15:44 - 000000000 ____D C:\Program Files\Splunk
2019-02-27 15:34 - 2019-02-27 15:34 - 238006272 _____ C:\Users\gladieu1\Downloads\splunk-7.2.4-8a94541dcfac-x64-release.msi
2019-02-27 14:44 - 2019-02-27 14:44 - 000000000 ____D C:\Users\gladieu1\AppData\Local\Cryhod
2019-02-27 14:38 - 2019-03-14 10:14 - 000000000 __RSD C:\Users\gladieu1\AppData\Roaming\Cryhod
2019-02-27 14:34 - 2019-02-27 16:49 - 000000000 ____D C:\ProgramData\Cryhod
2019-02-27 14:34 - 2019-02-27 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cryhod
2019-02-27 14:32 - 2019-02-27 14:32 - 000002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000002506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-02-27 14:32 - 2019-02-27 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-02-27 14:31 - 2019-02-27 14:44 - 000000000 ____D C:\Users\gladieu1\AppData\Local\ZoneCentral
2019-02-27 14:31 - 2019-02-27 14:31 - 000000000 ____D C:\Users\gladieu1\AppData\Roaming\Prim'X
2019-02-27 14:31 - 2019-02-27 14:31 - 000000000 ____D C:\Users\gladieu1\AppData\Local\Prim'X
2019-02-27 14:08 - 2019-02-27 14:35 - 000000000 ____D C:\ProgramData\ZoneCentral
2019-02-27 14:08 - 2019-02-27 14:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneCentral
2019-02-27 14:07 - 2019-02-27 14:34 - 000000000 ____D C:\RDIP
2019-02-26 12:30 - 2019-02-26 12:30 - 000025275 _____ C:\Users\gladieu1\Downloads\sfr-facture-09-B519-003099546.pdf
2019-02-25 12:23 - 2019-02-25 12:23 - 000046545 _____ C:\Users\gladieu1\Downloads\schema_pour_petitesseries.pdf
2019-02-24 12:17 - 2019-02-24 12:17 - 003375244 _____ C:\Users\gladieu1\Downloads\MOBILITAET_Brusa-Elektromotor_2019.01.25_BFE_Vogel_E.pdf
2019-02-20 15:43 - 2019-02-27 14:49 - 000000000 ____D C:\Matthieu
2019-02-15 09:56 - 2019-02-15 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2019-02-15 09:56 - 2018-09-05 20:30 - 000263640 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2019-02-14 14:26 - 2019-02-14 14:26 - 000692650 _____ C:\Users\gladieu1\Documents\14022019 SCAN 142545.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-14 10:43 - 2018-08-27 16:12 - 000000000 ____D C:\ProgramData\Kontiki
2019-03-14 10:42 - 2018-08-27 16:27 - 000000000 ____D C:\ProgramData\Symantec
2019-03-14 10:29 - 2018-08-27 16:43 - 000000000 ___HD C:\AdaptivaCache
2019-03-14 10:28 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-14 10:21 - 2018-09-18 13:13 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0ED94338-D2F6-42B8-BE18-A3097CD61D09}
2019-03-14 10:18 - 2018-09-18 13:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Symantec Endpoint Protection
2019-03-14 10:17 - 2018-09-18 13:19 - 001178166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-14 10:15 - 2019-01-21 15:59 - 000002105 _____ C:\Users\Public\Desktop\Connect network drives.lnk
2019-03-14 10:15 - 2019-01-21 15:59 - 000000180 _____ C:\Users\Public\Desktop\EthicsPoint.url
2019-03-14 10:15 - 2019-01-21 15:59 - 000000176 _____ C:\Users\Public\Desktop\Welcome to your new PC.url
2019-03-14 10:15 - 2019-01-21 15:59 - 000000150 _____ C:\Users\Public\Desktop\My IT Service Portal.url
2019-03-14 10:15 - 2018-10-05 09:29 - 000000000 ____D C:\Users\gladieu1\AppData\LocalLow\WebEx
2019-03-14 10:15 - 2018-09-27 08:18 - 000000572 _____ C:\WINDOWS\SMSCFG.ini
2019-03-14 10:15 - 2018-09-18 13:13 - 000004404 _____ C:\WINDOWS\System32\Tasks\WebExCallMeDefault7Digit
2019-03-14 10:15 - 2018-09-18 13:13 - 000004202 _____ C:\WINDOWS\System32\Tasks\HPE Cleanup temporary content (User)
2019-03-14 10:15 - 2018-09-18 13:13 - 000003874 _____ C:\WINDOWS\System32\Tasks\HPE PowerWidget (gladieu1)
2019-03-14 10:14 - 2018-08-28 08:56 - 000000000 ___RD C:\Users\gladieu1\OneDrive - Nokia
2019-03-14 10:13 - 2018-09-18 13:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-14 10:13 - 2018-08-28 08:49 - 000000000 __SHD C:\Users\gladieu1\IntelGraphicsProfiles
2019-03-14 10:13 - 2018-08-27 16:15 - 000001216 _____ C:\WINDOWS\system32\config\netlogon.ftl
2019-03-14 10:12 - 2017-09-29 09:45 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-03-14 10:07 - 2018-09-18 13:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-13 15:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-13 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2019-03-13 15:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-13 09:26 - 2018-08-27 16:44 - 000504688 __RSH C:\ProgramData\ntuser.pol
2019-03-12 13:53 - 2018-10-03 10:39 - 000000000 ____D C:\Users\gladieu1\AppData\Local\CrashDumps
2019-03-12 12:23 - 2018-08-27 15:18 - 000000000 ____D C:\WINDOWS\ccmsetup
2019-03-12 11:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-12 10:49 - 2018-09-18 15:29 - 000099814 __RSH C:\Users\gladieu1\ntuser.pol
2019-03-12 10:49 - 2018-09-18 13:09 - 000000000 ____D C:\Users\gladieu1
2019-03-12 09:07 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-03-11 09:17 - 2018-09-27 08:18 - 000000000 ____D C:\WINDOWS\CCM
2019-03-11 09:17 - 2018-08-27 15:20 - 000008354 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2019-03-11 09:17 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2019-03-11 09:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-03-09 11:30 - 2018-09-27 08:18 - 000000000 ____D C:\WINDOWS\ccmcache
2019-03-08 09:03 - 2018-09-18 13:09 - 000000000 ____D C:\Users\gladieu1\AppData\Local\Packages
2019-03-07 12:36 - 2018-09-18 13:13 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1593251271-2640304127-1825641215-2135140
2019-03-07 12:36 - 2018-08-28 08:52 - 000002386 _____ C:\Users\gladieu1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-07 11:06 - 2018-10-30 12:03 - 000004572 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-07 11:06 - 2018-09-25 10:12 - 000004412 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-07 11:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-03-07 11:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-03-06 12:35 - 2018-08-28 09:03 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-04 12:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2019-03-01 15:37 - 2018-09-18 15:30 - 000000000 ___RD C:\Users\gladieu1\3D Objects
2019-03-01 15:37 - 2017-12-07 05:19 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-01 14:56 - 2018-09-18 13:06 - 000404032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-01 14:30 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-03-01 14:30 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-03-01 14:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-01 10:21 - 2018-08-27 17:26 - 000001914 _____ C:\WINDOWS\AdaptivaClient.mif
2019-02-27 15:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2019-02-27 14:39 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-27 14:30 - 2017-12-07 05:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-02-22 11:59 - 2018-08-28 08:49 - 000000000 ____D C:\Users\gladieu1\AppData\Roaming\Webex
2019-02-15 09:56 - 2018-08-27 16:00 - 000000000 ____D C:\Program Files (x86)\Cisco
2019-02-15 09:55 - 2018-08-27 16:00 - 000000000 ____D C:\ProgramData\Cisco

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-07 11:01

==================== End of FRST.txt ============================