PDA

View Full Version : Help please with these logs FRST Additions and aswMBR



suzilu
2020-06-18, 17:56
Sony Vaio 1 terabyte laptop (810 free) Windows 10 home (originally windows 8) bought second hand. Intel (R) Core i5 4200 CPU 1.60GHZ 64bit

I've had the laptop for years and this is the first time I ran a quick rootkit check. I have found 145 rootkits but don't know if they are good or bad. Goodness knows how many it would have found if I'd done a deep check.

I have a problem with the laptop with 100% Disc 100% CPU and 100% memory at times (not at the same time) when the laptop slows down and becomes unresponsive. Start up takes a while even though I've disabled everything except anti virus and firewall.

I followed the instructions for Farbar (with additions) and aswMBR Log however the additions (65.2kb) and the FRST log (116kb) were too big, screenshots below.

I enclose the aswMBR log and please advise me what to do about the FRST and additions logs.

Many thanks

Juliet
2020-06-19, 14:21
I think what the error message is saying is the files are to big.
Can you try to copy and paste them into a reply?, if you need to you can do so making it in multiple post.

suzilu
2020-06-19, 15:45
Sorry it's so long, the file wouldn't paste.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by linda (administrator) on USER-VAIO (Sony Corporation SVF1532C5E) (18-06-2020 15:14:19)
Running from C:\Users\linda\Desktop
Loaded Profiles: linda
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe <2>
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe <2>
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156776 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
HKLM-x32\...\Run: [WorksFUD] => C:\Program Files (x86)\Microsoft Works\wkfud.exe [24576 2001-10-05] (Microsoft® Corporation) [File not signed]
HKLM-x32\...\Run: [Microsoft Works Portfolio] => C:\Program Files (x86)\Microsoft Works\WksSb.exe [331830 2001-08-22] (Microsoft® Corporation) [File not signed]
HKLM-x32\...\Run: [Microsoft Works Update Detection] => C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [28738 2001-08-16] (Microsoft® Corporation) [File not signed]
HKLM-x32\...\Run: [MoneyStartUp10.0] => C:\Program Files (x86)\Microsoft Money\System\Activation.exe [245810 2001-07-25] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [MoneyAgent] => C:\Program Files (x86)\Microsoft Money\System\Money Express.exe [188472 2001-07-25] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe [36547168 2016-02-17] (Finarea SA -> VoipConnect)
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [Amazon Music] => C:\Users\linda\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] (Amazon Services LLC -> )
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1401040 2015-12-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5417008 2020-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [495704 2013-09-24] (Sony Corporation -> Sony Corporation)
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2015-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX420 series: C:\WINDOWS\system32\CNCALAM.DLL [302080 2010-10-21] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX420 series: C:\WINDOWS\system32\CNMLMAM.DLL [374784 2010-09-20] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2015-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe [2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> c:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2013-09-25] (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminders Tray Icon.lnk.disabled [2018-02-26]
ShortcutTarget: Event Planner Reminders Tray Icon.lnk.disabled -> C:\SIERRA\CardStudio\PLNRnote.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-06-11]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2019-08-08]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2016-02-04]
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {060285CD-EF85-4322-852F-8070E7E1D42A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5753752 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {06C75584-6E6F-4FF5-9403-5E2579A15EA5} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [540760 2013-08-14] (Sony Corporation -> Sony Corporation)
Task: {0857D75F-C93C-4F81-A2E0-DE24252F8954} - System32\Tasks\HPCeeScheduleForlinda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {09C04C34-CF9B-4C2A-9C8B-ADD73ABC0039} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {129BC438-C920-47E1-9BC2-E843B40F34A5} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {15DD921F-F051-404C-943B-A81588ECDB5D} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {1787763B-529B-4C68-B3E8-BA1B623FE327} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133400 2020-06-03] (HP Inc. -> HP Inc.)
Task: {1DD91C48-3319-4B88-B103-5E2E8BCA3F73} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-17] (Adobe Inc. -> Adobe)
Task: {1E3FCC8B-65F3-4B2F-915D-F52A36945A8D} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {1F3FB465-A97F-4483-A93B-F11BACD0CF40} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {281A18D4-E2F5-4352-832D-AD295416E4A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {2D6E624D-F4ED-4FBC-8BE7-381CC47B4905} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {2DFF4AC9-EB63-4363-AE48-466AC78CCF18} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => C:\ProgramData\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
Task: {2FE0D287-5EF6-43B7-A46B-61D583203F98} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {30C30284-3BB9-4B0F-954B-939928929C56} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [184408 2013-08-14] (Sony Corporation -> Sony Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B2E4EE6-EAC9-4451-A7B2-9EFB20082735} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-11-08] (Sony Corporation -> Sony Corporation)
Task: {4019DFB8-82CB-4A6F-AA16-0DE90619E327} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6193080 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {40B4DD8A-1A1A-4555-A31A-1465209A074A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3387520 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {4146D0D5-F18D-4A7B-879D-6674E16AD3F1} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {497D3046-5ABF-4114-B725-36CDD520DFD4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4D59A362-D25E-4786-82FB-E3F547A059AD} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {5554BD4C-3006-4E22-A344-A2DB5C65570F} - System32\Tasks\WpsUpdateTask_linda => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\wpsupdate.exe [157952 2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> )
Task: {5731A562-73AC-4E1F-9786-621484A1B0ED} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5847F04C-9DAC-4A1A-9AC6-54CB1D928F7C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {591AA78C-D749-45E3-BFAA-07703B82892E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-14] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5AAF40B4-5E87-4275-B29F-BED649061505} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [540760 2013-08-14] (Sony Corporation -> Sony Corporation)
Task: {5F2CA4AE-70E1-4E9A-BCF3-6B4050B4382E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {67F252AB-9FF9-4903-B2DE-A851082C4C6C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4777336 2015-06-16] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {711B20CA-FDEE-4BEF-AC41-DA641B92405A} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [103384 2013-03-19] (CyberLink Corp. -> CyberLink Corp.)
Task: {721D9A36-B0EC-4F5F-BEFD-CE3457EA3D87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-14] (Google Inc -> Google Inc.)
Task: {7B8CDB6C-8600-4A16-9969-C93F3627A175} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-04-25] (CyberLink Corp. -> CyberLink Corp.)
Task: {7B9EEE90-8CC1-4497-BF3C-C5DCCD4AA4A3} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {85E7839C-37F7-49EC-B8F3-57DB50471B35} - \WPD\SqmUpload_S-1-5-21-2100492843-3013311965-3169298572-1001 -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87B25471-9DE5-49E5-A519-C07C64DD8ECB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {89F8658E-F9E9-438D-A869-209D82A8849E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [495704 2013-09-24] (Sony Corporation -> Sony Corporation)
Task: {8EB40AF6-1500-44C4-BB8A-6FC3D60DB362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {9A8D9C0B-F8CD-4682-A6D6-85D3C44F0A00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A0F40FD9-9E64-452F-A8F7-F4724B1DB97F} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [1689176 2013-09-27] (Sony Corporation -> Sony Corporation)
Task: {A315CE96-D074-4038-990C-79AAA856A7CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {A4002FEC-DC76-4BE7-9421-7667FAC7C259} - System32\Tasks\WpsExternal_linda_20200615202436 => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\wps.exe [1065216 2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {AA3B4532-104C-4455-BFA2-A5E39CAC8B2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {ADD3B0A1-97B4-4476-BB7F-D5D8E71B6629} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {C3FC07D2-1ED0-45A6-AC7F-C76F98AEE2EA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-17] (Adobe Inc. -> Adobe)
Task: {C9255E70-9339-439E-8022-473B3B66EDF4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C9FAEFD7-E9AB-4651-A5EC-6A88A866AC94} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1A0045C-6E07-4078-B9B3-282D9ABF2EEE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {D5A76A69-D313-4DDF-9870-976ECA0B80E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D75A012D-0301-40EA-82C1-A04D101C7FBC} - System32\Tasks\WpsUpdateTask_avatek => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe
Task: {DFE3DBB9-BA4E-4EBE-97E9-F91CBFC52EFA} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [495704 2013-09-24] (Sony Corporation -> Sony Corporation)
Task: {E6FF7CC4-6A64-404D-B299-F26376987BC0} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
Task: {EB9CE40A-4D41-4158-8F07-41FAE9BBC40B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EEFDB208-F0C9-4762-9BE2-362F16BB001E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lindaredfern@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F32BA3A1-6774-41F4-8F57-3A89060A4D76} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F37A72C0-FC7D-450C-B446-0F34C738727A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1210856 2019-11-08] (Sony Corporation -> Sony Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForlinda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_avatek.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c4d833af-e36a-4c07-96d1-96f92e8caa86}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e4b5b161-62e7-40d5-b339-3e67ad9f80ec}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
SearchScopes: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> {329F56EA-F3C5-422C-BB45-C274CFDA2B16} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} -> C:\Program Files (x86)\Microsoft Money\System\mnyviewer.dll [2001-07-25] (Microsoft Corporation) [File not signed]
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

Edge:
======
DownloadDir: C:\Users\linda\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> hxxps://start.duckduckgo.com/
Edge Notifications: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> hxxps://www.facebook.com
Edge Extension: (IBM Security Rapport) -> EdgeExtension_IBMTrusteerIBMTrusteerRapport_756wk15nt3n8e => C:\Program Files\WindowsApps\IBMTrusteer.IBMTrusteerRapport_1.1.34.0_x64__756wk15nt3n8e [2019-01-01]
Edge Profile: C:\Users\linda\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-18]
Edge DownloadDir: C:\Users\linda\Downloads
Edge Notifications: Default -> hxxps://www.facebook.com
Edge HomePage: Default -> hxxps://start.duckduckgo.com/
Edge StartupUrls: Default -> "hxxps://start.duckduckgo.com/"

FireFox:
========
FF DefaultProfile: oiz3lkk9.default-1545507165458
FF ProfilePath: C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458 [2020-06-18]
FF Notifications: Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458 -> hxxps://duo.google.com
FF Extension: (IBM Security Rapport) - C:\Users\linda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com (1).xpi [2018-04-09] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (IBM Security Rapport) - C:\Users\linda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-06-09] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-06-03]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2020-02-20] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Ecosia - The search engine that plants trees) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2018-12-22]
FF Extension: (No Name) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-17] (Adobe Inc. -> )
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-17] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2100492843-3013311965-3169298572-1003: @zoom.us/ZoomVideoPlugin -> C:\Users\linda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-21] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default [2020-06-08]
CHR Notifications: Default -> hxxps://social.davidicke.com; hxxps://www.mirror.co.uk
CHR StartupUrls: Default -> "hxxps://duckduckgo.com/?natb=v190-7__&cp=atbhc"
CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html"
CHR Extension: (Slides) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-07]
CHR Extension: (IBM Security Rapport) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-02-07]
CHR Extension: (DuckDuckGo) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2020-05-25]
CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-07]
CHR Extension: (Ecosia Search) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2019-10-15]
CHR Extension: (Sheets) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Notepad) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2020-05-25]
CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2020-05-23]
CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-25]
CHR HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [349552 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6397888 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110608 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [1507216 2020-06-12] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation -> Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation -> Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3002752 2020-02-25] (IBM -> IBM Corp.)
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation -> Sony Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1744872 2019-11-08] (Sony Corporation -> Sony Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wpscloudsvr; C:\Users\linda\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [791296 2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [234632 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [178832 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61072 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42856 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175776 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84928 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461064 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [235552 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [319200 2020-05-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-10-09] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-10-09] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2015-10-09] (Hewlett-Packard Company -> Microsoft Corporation)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation -> Corel Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [431376 2020-02-25] (IBM -> IBM Corp.)
R1 RapportCerberus_1955065; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1955065.sys [1469776 2020-06-09] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544592 2020-02-25] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [397248 2020-02-25] (IBM -> IBM Corp.)
S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [562560 2020-02-25] (IBM -> IBM Corp.)
R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [15360 2013-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-18 15:14 - 2020-06-18 15:19 - 000052738 _____ C:\Users\linda\Desktop\FRST.txt
2020-06-18 15:13 - 2020-06-18 15:16 - 000000000 ____D C:\FRST
2020-06-18 15:10 - 2020-06-18 15:10 - 002289152 _____ (Farbar) C:\Users\linda\Desktop\FRST64.exe
2020-06-18 15:04 - 2020-06-18 15:04 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-USER-VAIO-Windows-10-Home-(64-bit).dat
2020-06-18 15:03 - 2020-06-18 15:03 - 000002312 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2020-06-18 15:03 - 2020-06-18 15:03 - 000002312 _____ C:\ProgramData\Desktop\Tweaking.com - Registry Backup.lnk
2020-06-18 15:03 - 2020-06-18 15:03 - 000000000 ____D C:\RegBackup
2020-06-18 15:03 - 2020-06-18 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2020-06-18 15:03 - 2020-06-18 15:03 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2020-06-18 15:00 - 2020-06-18 15:03 - 000018124 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
2020-06-18 14:58 - 2020-06-18 14:59 - 005766144 _____ (Tweaking.com) C:\Users\linda\Desktop\tweaking.com_registry_backup_setup.exe
2020-06-18 01:28 - 2020-06-18 12:04 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-18 01:28 - 2020-06-18 12:04 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-18 01:28 - 2020-06-18 12:04 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-18 01:26 - 2020-06-18 11:42 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-18 01:26 - 2020-06-18 11:42 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-16 08:11 - 2020-06-16 08:14 - 000000000 ____D C:\Users\linda\Documents\items ordered
2020-06-15 20:24 - 2020-06-16 14:21 - 000003038 _____ C:\WINDOWS\system32\Tasks\WpsExternal_linda_20200615202436
2020-06-15 20:24 - 2020-06-15 20:24 - 000000000 ____D C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2020-06-11 23:40 - 2020-06-11 23:40 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2020-06-11 23:39 - 2020-06-11 23:39 - 000001234 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2020-06-11 23:39 - 2020-06-11 23:39 - 000001234 _____ C:\ProgramData\Desktop\Shop for HP Supplies.lnk
2020-06-11 23:38 - 2020-06-11 23:38 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2020-06-11 23:38 - 2020-06-11 23:38 - 000001392 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2020-06-11 23:38 - 2020-06-11 23:38 - 000001392 _____ C:\ProgramData\Desktop\HP Solution Center.lnk
2020-06-11 23:38 - 2020-06-11 23:38 - 000000000 ____D C:\ProgramData\HP Product Assistant
2020-06-11 23:29 - 2020-06-11 22:17 - 000188166 ____N C:\WINDOWS\hpoins28.dat.temp
2020-06-11 23:24 - 2020-06-11 23:24 - 000005872 _____ C:\Users\linda\Documents\cc_20200611_232451.reg
2020-06-11 23:06 - 2020-06-11 23:08 - 188204936 _____ C:\Users\linda\Downloads\DJ_AIO_03_F4200_NonNet_Full_WW_140_404-4(2).exe
2020-06-11 22:47 - 2020-06-05 22:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-11 22:47 - 2020-06-05 22:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-11 22:34 - 2020-06-11 22:34 - 000061035 _____ C:\Users\linda\Desktop\HP Installation Error - Windows 8.hta
2020-06-11 22:03 - 2020-06-11 23:02 - 001238214 _____ C:\Users\linda\AppData\Local[j0002]-[p02].bmp
2020-06-11 22:02 - 2020-06-11 23:02 - 001238214 _____ C:\Users\linda\AppData\Local[j0002]-[p01].bmp
2020-06-11 21:33 - 2020-06-11 21:56 - 022792645 _____ C:\Users\linda\Documents\curtis birthday card.ccf
2020-06-11 12:58 - 2020-06-11 12:58 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-11 12:58 - 2020-06-11 12:58 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-11 12:58 - 2020-06-11 12:58 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-11 12:58 - 2020-06-11 12:58 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-11 12:58 - 2020-06-11 12:58 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-11 12:58 - 2020-06-11 12:58 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-11 12:58 - 2020-06-11 12:58 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-11 12:58 - 2020-06-11 12:58 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-11 12:57 - 2020-06-11 12:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-11 12:57 - 2020-06-11 12:57 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-11 12:57 - 2020-06-11 12:57 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-11 12:57 - 2020-06-11 12:57 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-11 12:57 - 2020-06-11 12:57 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-11 12:57 - 2020-06-11 12:57 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-11 12:57 - 2020-06-11 12:57 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-11 12:56 - 2020-06-11 12:56 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-11 12:56 - 2020-06-11 12:56 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-11 12:56 - 2020-06-11 12:56 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-11 12:56 - 2020-06-11 12:56 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-11 12:56 - 2020-06-11 12:56 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-11 12:56 - 2020-06-11 12:56 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-11 12:56 - 2020-06-11 12:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-11 12:56 - 2020-06-11 12:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-11 12:55 - 2020-06-11 12:55 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-11 12:55 - 2020-06-11 12:55 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-11 12:55 - 2020-06-11 12:55 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-11 12:55 - 2020-06-11 12:55 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-11 12:55 - 2020-06-11 12:55 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-11 12:55 - 2020-06-11 12:55 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-11 12:55 - 2020-06-11 12:55 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-11 12:55 - 2020-06-11 12:55 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-11 12:55 - 2020-06-11 12:55 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-11 12:18 - 2020-05-15 05:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-11 12:18 - 2020-05-15 05:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-10 10:28 - 2020-06-10 10:28 - 000095569 _____ C:\Users\linda\Downloads\COVID-19-daily-announced-deaths-9-June-2020.xlsx
2020-06-10 10:27 - 2020-06-10 10:27 - 000214454 _____ C:\Users\linda\Downloads\COVID-19-total-announced-deaths-9-June-2020.xlsx
2020-06-10 08:51 - 2020-06-10 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-09 19:58 - 2020-06-09 19:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-06-09 19:58 - 2020-06-09 19:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-06-09 19:58 - 2020-06-09 19:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-06-09 19:58 - 2020-06-09 19:58 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-06-08 09:52 - 2019-10-06 23:39 - 000454872 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200608-095224.backup
2020-06-08 09:47 - 2019-10-06 23:39 - 000454872 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200608-094723.backup
2020-06-08 09:41 - 2020-06-08 09:41 - 000014324 _____ C:\Users\linda\Documents\cc_20200608_094108.reg
2020-06-08 09:34 - 2020-06-08 09:34 - 025859024 _____ (Piriform Software Ltd) C:\Users\linda\Downloads\ccsetup567.exe
2020-06-07 09:29 - 2020-06-07 09:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-06-04 13:14 - 2020-06-09 10:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-05-25 10:41 - 2020-05-29 18:48 - 000000000 ____D C:\Users\linda\Documents\Bills
2020-05-23 19:19 - 2020-05-23 19:19 - 001798440 _____ C:\Users\linda\Desktop\bookmarks 22.5.20.20.html
2020-05-23 12:02 - 2020-05-23 12:02 - 001295576 _____ (Google LLC) C:\Users\linda\Downloads\ChromeSetup.exe
2020-05-22 18:35 - 2020-05-22 18:35 - 000000773 _____ C:\Users\Public\Desktop\Hallmark Card Studio.lnk
2020-05-22 18:35 - 2020-05-22 18:35 - 000000773 _____ C:\ProgramData\Desktop\Hallmark Card Studio.lnk
2020-05-22 18:34 - 2020-05-22 18:34 - 000000000 ____D C:\SIERRA
2020-05-22 18:28 - 2020-05-22 18:28 - 000460419 _____ C:\Users\linda\Documents\auntie dot.ccf
2020-05-21 19:00 - 2020-05-18 18:58 - 000338104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-05-21 15:35 - 2020-05-21 15:35 - 000000000 ____D C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-18 15:21 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-18 14:59 - 2020-04-07 18:42 - 000000000 ____D C:\Users\linda\Desktop\OpenOffice 4.1.7 (fr) Installation Files
2020-06-18 14:46 - 2016-11-23 16:52 - 000000000 ____D C:\Users\linda\AppData\LocalLow\Mozilla
2020-06-18 14:43 - 2019-08-14 21:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-18 14:02 - 2017-09-23 11:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-06-18 14:02 - 2015-10-09 13:52 - 000000000 __SHD C:\Users\linda\IntelGraphicsProfiles
2020-06-18 13:59 - 2019-08-14 21:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-18 13:59 - 2019-03-19 05:37 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2020-06-18 11:57 - 2019-06-16 12:27 - 000000000 ____D C:\Users\linda\Documents\receipts statements etc
2020-06-18 11:41 - 2019-10-03 12:54 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-18 11:41 - 2019-10-03 12:54 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-06-18 01:54 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-18 01:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-18 01:28 - 2019-08-14 21:56 - 000004278 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-06-18 01:25 - 2020-04-19 15:49 - 000000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForlinda.job
2020-06-18 01:25 - 2015-10-09 11:27 - 000000396 _____ C:\WINDOWS\Tasks\WpsUpdateTask_avatek.job
2020-06-18 01:23 - 2017-09-02 23:26 - 000000000 ____D C:\ProgramData\Avg
2020-06-17 23:11 - 2019-01-01 19:29 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-17 23:11 - 2019-01-01 19:29 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-17 23:11 - 2017-10-07 19:07 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-17 20:49 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-17 20:05 - 2019-08-14 21:56 - 000004578 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-17 20:05 - 2019-08-14 21:56 - 000004388 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-06-17 20:05 - 2015-10-09 13:56 - 000000000 ____D C:\Users\linda\AppData\Local\Adobe
2020-06-17 20:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-17 20:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-17 19:39 - 2019-09-15 12:57 - 000000000 ___RD C:\Users\linda\Documents\Aaprivate
2020-06-17 08:59 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-16 14:21 - 2020-04-19 15:49 - 000002790 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForlinda
2020-06-16 14:21 - 2020-04-07 18:52 - 000002626 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_linda
2020-06-16 14:21 - 2019-10-03 12:54 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-06-16 14:21 - 2019-08-14 21:56 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-06-16 14:21 - 2019-08-14 21:56 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-16 14:21 - 2019-08-14 21:56 - 000003300 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A35F9575-5328-43CB-9850-7A656A3FA6D0}
2020-06-16 14:21 - 2019-08-14 21:56 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-16 14:21 - 2019-08-14 21:56 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-06-16 14:21 - 2019-08-14 21:56 - 000002966 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_avatek
2020-06-16 14:21 - 2019-08-14 21:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2100492843-3013311965-3169298572-1003
2020-06-16 14:21 - 2019-08-14 21:56 - 000002860 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2100492843-3013311965-3169298572-1010
2020-06-16 14:21 - 2019-08-14 21:56 - 000002534 _____ C:\WINDOWS\system32\Tasks\CLVDLauncher
2020-06-16 14:21 - 2019-08-14 21:56 - 000002254 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2020-06-16 14:21 - 2019-08-14 21:56 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-06-16 14:21 - 2019-08-14 21:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-06-13 12:56 - 2019-08-14 21:06 - 003701272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-11 23:49 - 2017-11-22 17:04 - 000188205 _____ C:\WINDOWS\hpoins28.dat
2020-06-11 23:42 - 2013-08-22 14:25 - 000000184 _____ C:\WINDOWS\win.ini
2020-06-11 23:39 - 2017-11-22 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-06-11 23:39 - 2017-11-22 17:05 - 000000000 ____D C:\Program Files (x86)\HP
2020-06-11 23:38 - 2017-11-22 16:58 - 000000000 ____D C:\ProgramData\HP
2020-06-11 23:11 - 2018-08-18 18:21 - 000000000 ____D C:\Users\linda\AppData\Local\CrashDumps
2020-06-11 22:51 - 2017-11-17 22:30 - 000000000 ___RD C:\Users\linda\3D Objects
2020-06-11 22:51 - 2015-09-10 06:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-11 22:50 - 2019-08-14 21:30 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-11 22:50 - 2019-08-14 21:07 - 000792116 _____ C:\WINDOWS\system32\perfh00A.dat
2020-06-11 22:50 - 2019-08-14 21:07 - 000159770 _____ C:\WINDOWS\system32\perfc00A.dat
2020-06-11 22:38 - 2019-03-19 12:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-11 22:38 - 2019-03-19 12:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-11 22:10 - 2015-12-30 15:27 - 000000000 ____D C:\Users\linda\AppData\Local\ElevatedDiagnostics
2020-06-11 18:57 - 2017-08-19 10:54 - 000000000 ____D C:\Users\linda\AppData\Roaming\WhatsApp
2020-06-11 12:55 - 2019-08-14 21:11 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-10 08:53 - 2017-04-03 09:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-06-09 10:19 - 2015-10-10 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2020-06-09 10:10 - 2019-08-14 21:18 - 000000000 ____D C:\Users\linda
2020-06-09 10:08 - 2015-10-09 11:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-08 11:50 - 2017-12-01 08:51 - 000000000 ____D C:\Users\linda\AppData\Local\PlaceholderTileLogoFolder
2020-06-08 11:50 - 2017-11-17 21:24 - 000000000 ____D C:\Users\linda\AppData\Local\Packages
2020-06-08 11:50 - 2015-10-09 13:55 - 000000000 ____D C:\Users\linda\AppData\Local\Publishers
2020-06-08 09:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-06-08 09:35 - 2019-08-14 21:18 - 000000000 ____D C:\Users\eliza
2020-06-08 09:35 - 2019-08-14 21:18 - 000000000 ____D C:\Users\avatek.user-VAIO
2020-06-08 09:35 - 2017-11-22 08:15 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-08 09:35 - 2017-11-22 08:15 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-06-07 09:29 - 2015-10-09 11:10 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-05 14:52 - 2020-04-07 10:12 - 000000000 ____D C:\Users\linda\Documents\acorona
2020-06-05 14:50 - 2019-01-01 21:22 - 000000000 ____D C:\Users\linda\Documents\ancestry
2020-06-05 14:49 - 2019-10-25 15:14 - 000000000 ___RD C:\Users\linda\Documents\AA My health
2020-06-05 14:45 - 2017-09-09 10:24 - 000000000 ____D C:\Users\linda\Documents\books manuals
2020-06-05 14:44 - 2020-02-09 11:42 - 000000000 ____D C:\Users\linda\Documents\receipts
2020-06-04 19:31 - 2019-08-14 21:18 - 000002406 _____ C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-04 19:31 - 2015-10-09 14:01 - 000000000 ___RD C:\Users\linda\OneDrive
2020-06-04 15:46 - 2015-10-09 11:23 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-29 12:20 - 2017-07-07 09:04 - 000000000 ____D C:\Program Files\UNP
2020-05-28 19:01 - 2017-09-02 23:32 - 000319200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-05-28 17:16 - 2020-03-21 12:22 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-05-28 12:15 - 2020-02-27 12:38 - 004130160 ____R C:\Users\linda\Documents\My Money2 Backup.mbf
2020-05-28 12:15 - 2020-02-27 10:50 - 003137536 _____ C:\Users\linda\Desktop\january 2020.mny
2020-05-25 10:36 - 2015-10-09 20:47 - 000000000 ____D C:\Users\linda\AppData\Roaming\Kingsoft
2020-05-22 18:54 - 2017-11-15 09:47 - 000002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-05-22 18:54 - 2017-11-15 09:47 - 000002041 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-05-22 18:54 - 2017-11-15 09:47 - 000002041 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-05-22 18:35 - 2018-02-26 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2020-05-22 18:35 - 2016-06-24 11:18 - 000000564 _____ C:\WINDOWS\SIERRA.INI
2020-05-21 19:00 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-21 15:35 - 2020-04-07 20:40 - 000000000 ____D C:\Users\linda\AppData\Roaming\Zoom

==================== Files in the root of some directories ========

2015-12-09 14:01 - 2015-12-09 14:02 - 000000132 _____ () C:\Users\linda\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-09-30 09:21 - 2018-09-30 09:21 - 000000000 _____ () C:\Users\linda\AppData\Local\oobelibMkey.log
2020-04-30 08:55 - 2020-04-30 08:55 - 000004412 _____ () C:\Users\linda\AppData\Local\recently-used.xbel
2015-10-09 21:08 - 2015-10-09 21:08 - 000000017 _____ () C:\Users\linda\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additions

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by linda (18-06-2020 15:23:10)
Running from C:\Users\linda\Desktop
Windows 10 Home Version 1909 18363.900 (X64) (2019-08-14 20:58:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2100492843-3013311965-3169298572-500 - Administrator - Disabled)
avatek (S-1-5-21-2100492843-3013311965-3169298572-1002 - Administrator - Enabled) => C:\Users\avatek.user-VAIO
DefaultAccount (S-1-5-21-2100492843-3013311965-3169298572-503 - Limited - Disabled)
eliza (S-1-5-21-2100492843-3013311965-3169298572-1010 - Limited - Enabled) => C:\Users\eliza
Guest (S-1-5-21-2100492843-3013311965-3169298572-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2100492843-3013311965-3169298572-1009 - Limited - Enabled)
linda (S-1-5-21-2100492843-3013311965-3169298572-1003 - Administrator - Enabled) => C:\Users\linda
WDAGUtilityAccount (S-1-5-21-2100492843-3013311965-3169298572-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
Amazon Music (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.3.3120 - AVG Technologies)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 5.06 - NCH Software)
F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Family Tree Maker 2006 (HKLM-x32\...\{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}) (Version: - )
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
Find Junk Files (HKLM-x32\...\{F5ED1A78-A95D-4D98-BB38-E544EBFC2748}) (Version: 4.00.0000 - Find Junk Files)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.18 (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
Google Earth Pro (HKLM\...\{B6EAFE41-5723-40EB-869B-4AF44CA17B35}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hallmark Card Studio (HKLM-x32\...\Hallmark Card Studio) (Version: - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{33A0B67A-CF04-4F31-B3D0-EEEEDEF7078E}) (Version: 8.8.26.13 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{ED0D1C52-9ED3-49F5-955C-6E9EAB0BD46E}) (Version: 12.16.22.11 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Kodi) (Version: - XBMC Foundation)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony)
MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Money (HKLM-x32\...\{E7298FD5-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.50 - Microsoft)
Microsoft Money System Pack (HKLM-x32\...\{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.80 - Microsoft)
Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version: - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
Microsoft Works 2000 (HKLM-x32\...\{C5A2C7E2-71C9-11D3-AF54-00C04F443448}) (Version: 1.0.0.0000 - Microsoft Corporation)
Microsoft Works 2002 Setup Launcher (HKLM-x32\...\Works2002Setup) (Version: - )
Microsoft Works 6.0 (HKLM-x32\...\{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}) (Version: 06.00.0000 - Microsoft Corporation)
Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...\{C3A439E4-7303-491F-A678-CEA36A87D517}) (Version: 2.0.0.0000 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 77.0.1.7458 - Mozilla)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: 8.0.02.10010 - Sony Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 3.04 - NCH Software)
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1955.62 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.)
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sky Go 1.5.17.0 (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\com.bskyb.skygoplayer_is1) (Version: 1.5.17.0 - Sky)
SOHLib for PlayMemories Home (HKLM\...\{DE8DF526-74E8-4ED3-880B-B6049D2E00AC}) (Version: 1.0.0.09130 - Sony Corporation) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1955.62 - Trusteer)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.1.0.09260 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{39338EBE-2686-46AE-ABF4-2C582FE6AA50}) (Version: 8.4.7.12066 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{31A52292-831E-45E0-8333-7D35BCD130B8}) (Version: 1.0.3.09050 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.0.10210 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{C301232A-53A2-4844-A5B0-13181B54D770}) (Version: 2.5.0.09250 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.4.1.09270 - Sony Corporation)
VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 770 - Finarea S.A. Switzerland)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WhatsApp (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\WhatsApp) (Version: 2.2017.6 - WhatsApp)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\WinDirStat) (Version: - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Works Suite OS Pack (HKLM-x32\...\{DC19E750-988B-4005-A355-85EF66055EFE}) (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (HKLM-x32\...\{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}) (Version: 1.0.0.0000 - Your Company Name) Hidden
WPS Office (11.2.0.9431) (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Kingsoft Office) (Version: 11.2.0.9431 - Kingsoft Corp.)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{18FE6943-D33D-42F5-99D5-0ED22F633E32}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.6.121.18102 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{881E7A8C-9C4B-4D14-B390-EAFBA278CF45}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
Zoom (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-04-29] (WildTangent Games)
Album by Sony -> C:\Program Files\WindowsApps\BD9B8345.AlbumbySony_2.2.2.8170_x86__05bme2bjq6sag [2015-10-09] (ms-resource:SZ_DeveloperName)
Bubble Birds for VAIO -> C:\Program Files\WindowsApps\XIMADINC.BubbleBirdsforVAIO_1.2.0.31_x64__np8fj6akx2czy [2015-10-09] (XIMAD INC)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1790.3.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
Demand 5 -> C:\Program Files\WindowsApps\Channel5.Demand5_1.3.16078.0_x64__715msrf0vzb96 [2016-09-17] (CHANNEL 5 BROADCASTING LIMITED)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-10-09] (eBay, Inc)
Heart FM Radio App -> C:\Program Files\WindowsApps\GlobalRadio.HeartFMRadioApp_1.1.0.0_neutral__74929bdwdxqkg [2015-10-10] (Global Radio)
IBM Trusteer Rapport -> C:\Program Files\WindowsApps\IBMTrusteer.IBMTrusteerRapport_1.1.34.0_x64__756wk15nt3n8e [2019-01-01] (IBM Trusteer)
McAfee® Central for Sony -> C:\Program Files\WindowsApps\McAfeeInc.03.McAfeeSecurityAdvisorforSony_5.0.186.1_x64__zzbg6bv35ndpr [2018-06-09] (McAfee - Incorporated)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.11.6020.0_x64__8wekyb3d8bbwe [2020-06-09] (Microsoft Studios) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2020-04-07] (Microsoft Platform Extensions)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2018-12-04] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.19.31501.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation)
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-10-17] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-10-17] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Music by Sony -> C:\Program Files\WindowsApps\BD9B8345.MusicbySony_1.2.0.14240_x86__05bme2bjq6sag [2015-10-09] (Sony Corporation)
MUZU.TV recommended by VAIO -> C:\Program Files\WindowsApps\MUZU.TV.MUZU.TVrecommendedbyVAIO_2.2.0.5_x64__0rrnvzkk8qy2w [2018-06-09] (MUZU.TV) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
Pyramid Solitaire Saga -> C:\Program Files\WindowsApps\king.com.PyramidSolitaireSaga_1.103.0.0_x86__kgqvnymyfvs32 [2020-06-16] (king.com)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-11-06] (Adobe Systems Incorporated)
Socialife News -> C:\Program Files\WindowsApps\BD9B8345.Socialife_2.4.3.10090_x64__05bme2bjq6sag [2018-06-09] (Sony Corporation)
Sony Select -> C:\Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag [2018-06-09] (Sony Corporation)
TV SideView -> C:\Program Files\WindowsApps\BD9B8345.TVSideView_2.3.3.8210_x64__05bme2bjq6sag [2015-10-09] (Sony Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
VAIO Care -> C:\Program Files\WindowsApps\BD9B8345.VAIOCare_1.4.1.14090_x64__05bme2bjq6sag [2015-10-09] (Sony Corporation)
Wordplay: Exercise your brain -> C:\Program Files\WindowsApps\828B5831.WordplayExerciseyourbrain_1.4.601.0_x86__ytsefhwckbdv6 [2020-06-08] (G5 Entertainment AB)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-02-15] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2017-04-03 10:05]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> [CC]{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1_S-1-5-21-2100492843-3013311965-3169298572-1003: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll [2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-2100492843-3013311965-3169298572-1003: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll [2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\linda\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
ShortcutWithArgument: C:\Users\linda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-09-23 15:52 - 2019-09-23 15:52 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
2018-07-18 14:27 - 2018-07-18 14:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2018-09-29 09:19 - 2010-10-21 05:00 - 000302080 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALAM.DLL
2018-09-29 09:17 - 2010-09-20 05:00 - 000374784 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAM.DLL
2019-11-27 12:15 - 2019-11-27 12:15 - 000398336 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000513536 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
2019-11-27 12:18 - 2019-11-27 12:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2019-07-25 10:52 - 2019-07-25 10:52 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2019-11-27 11:27 - 2019-11-27 11:27 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2014-09-18 19:15 - 2014-09-18 19:15 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
2016-01-07 18:19 - 2015-06-16 18:18 - 001083792 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
2016-01-07 18:19 - 2015-06-16 18:18 - 000735128 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
2016-01-07 18:19 - 2015-06-16 18:18 - 000623848 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll
2016-01-07 18:19 - 2015-06-16 18:18 - 000344264 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [138]
AlternateDataStreams: C:\Users\avatek.user-VAIO\Downloads\ccsetup510.exe:BDU [0]
AlternateDataStreams: C:\Users\linda\Downloads\advisorinstaller.belarc.exe:BDU [0]
AlternateDataStreams: C:\Users\linda\Downloads\Silverlight_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\linda\Downloads\windirstat1_1_2_setup.exe:BDU [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7943 more sites.

IE trusted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\sharepoint.com -> hxxps://wabtec-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123simsen.com -> www.123simsen.com

There are 7946 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-10-06 23:39 - 000454872 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15612 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Sony\VAIO BIOS Data Transfer Utility\;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\linda\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\my beautiful girl.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Works Calendar Reminders.lnk"
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Event Planner Reminders Tray Icon.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Event Planner Reminders Tray Icon.lnk.disabled"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "Microsoft Works Portfolio"
HKLM\...\StartupApproved\Run32: => "MoneyStartUp10.0"
HKLM\...\StartupApproved\Run32: => "WorksFUD"
HKLM\...\StartupApproved\Run32: => "Microsoft Works Update Detection"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "MoneyAgent"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Uninstall C:\Users\linda\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_2\amd64"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "VoipConnect"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "*LABAL*"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "CAHeadless"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #2"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #5"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #3"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #0"
HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Adobe Reader Synchronizer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{894DFE02-EA35-4019-99E3-191C3D0EBAB5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2BA329C9-D3FE-4135-B165-2E9D99E51CD3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{9F3B5498-235F-4A96-84D2-D26D5D1DBFDA}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe (Finarea SA -> VoipConnect)
FirewallRules: [TCP Query User{4C4C8A69-78E1-47C5-B642-76C5D1BCE8E3}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe (Finarea SA -> VoipConnect)
FirewallRules: [{B2A29DA8-AB6A-49EF-9E61-EE7CE38710CC}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BB85095F-E0FB-4CF4-B698-3722BB9CE4D9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{43BAA391-2291-4526-8F61-27111A89C7DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AE3A323-DC8C-4CDA-8A3C-16A35F5AFA68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ABF68FB8-FA66-4034-BD3A-9936D2A3B7FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AAE4CE5D-6943-4FAC-B86F-D1EBCEC322FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87467137-EFAC-42C3-80F6-FEDA92B90848}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B19F6DF-3336-44A7-9CDD-1B95B2091D86}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{62A52ECE-5183-48ED-9E5D-EEE48D62A873}] => (Allow) LPort=5354
FirewallRules: [{D889A56D-9116-45C4-AD5B-E814F093C2FB}] => (Allow) LPort=5354
FirewallRules: [{D6DAB006-3CE7-4DFA-BAF8-1906BF06802F}] => (Allow) LPort=5354
FirewallRules: [{3D621504-CEAA-4E1D-80DF-B6A4ED72FE53}] => (Allow) LPort=5354
FirewallRules: [{2BF0EBF5-5D56-4354-939D-73C36D93CA2B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{6CA379E0-100B-443A-9FB7-CE8D91487609}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{BE67CCA4-DEDD-4369-8920-035238E47893}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{F64E9436-0052-4806-B2D9-918D0DB28882}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{9A8B2461-6D47-4056-934F-3182D17AC74D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{0EC6F576-D132-4E6B-80E6-E8BB09863026}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{5430C634-C087-4696-BE3E-38B24F83DE53}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{8AF94982-19F4-40B6-B308-0B4C3B3718C9}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{9389272C-304D-4F47-BA26-99F0D583B1D8}] => (Allow) C:\Users\linda\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AA3E88D0-EAA8-46CA-B271-2D0958ABC599}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{AD4B9BE8-476D-4321-A10D-E744D9BB8086}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6037C7EA-461A-4889-9E32-794EAEC13A33}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

11-06-2020 10:21:32 Scheduled Checkpoint
12-06-2020 11:19:29 Windows Backup
17-06-2020 08:42:05 Windows Update
17-06-2020 19:45:31 Windows Backup
17-06-2020 22:12:05 Windows Backup

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/18/2020 03:15:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3156,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/18/2020 03:10:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10200,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/18/2020 02:18:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7004,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/18/2020 12:48:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/18/2020 11:51:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1728,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/18/2020 11:39:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: UDPEndRecv: WSARecvMsg control information error.

Error: (06/18/2020 11:39:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: DNS Message from «ZERO ADDRESS»:0 to «ZERO ADDRESS»:0 length 0 too short

Error: (06/18/2020 04:24:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


System errors:
=============
Error: (06/18/2020 02:18:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

Error: (06/18/2020 02:08:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The File History Service service did not respond on starting.

Error: (06/18/2020 02:07:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (06/18/2020 02:05:07 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (06/18/2020 02:02:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

Error: (06/18/2020 02:02:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (06/18/2020 02:02:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

Error: (06/18/2020 02:00:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SDWSCService service failed to start due to the following error:
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


Windows Defender:
===================================
Date: 2020-02-23 17:32:12.442
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {03098E35-7F72-48BF-BFA7-D6CDCECACC62}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-23 13:07:45.563
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1D07ACD0-B56E-44F6-BEC2-06E0DFF6A424}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-23 12:36:13.782
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {94B1682C-F9C7-4EDD-B883-6416D5A8008E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-28 12:44:46.416
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4E5336E8-CAC6-4323-9117-D50139626BF7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-19 21:59:40.147
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F4EDB6CA-9A11-4BBE-A63F-D58673C12318}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-01-28 14:20:37.505
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.3169.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-01-26 10:05:16.727
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2635.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-01-26 10:02:55.676
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2635.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2020-01-26 10:02:55.675
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2635.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2020-01-26 10:02:55.674
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2635.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2020-06-18 15:18:29.908
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-18 15:18:29.904
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-18 15:18:29.813
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-18 15:18:29.809
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-06-18 14:08:33.523
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-18 14:08:33.401
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-18 14:08:33.370
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-18 14:08:33.246
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. R1100DB 01/26/2016
Motherboard: Sony Corporation VAIO
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 82%
Total physical RAM: 6039.8 MB
Available physical RAM: 1081.42 MB
Total Virtual: 10007.8 MB
Available Virtual: 4060.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:904.94 GB) (Free:802.06 GB) NTFS

\\?\Volume{20590362-fd48-4726-929d-55b64c18819a}\ (Windows RE tools) (Fixed) (Total:0.82 GB) (Free:0.48 GB) NTFS
\\?\Volume{200ac8d2-677f-4ca4-a853-c2f47df66937}\ (Recovery) (Fixed) (Total:24.43 GB) (Free:4.24 GB) NTFS
\\?\Volume{88dc8132-698b-45d6-83f1-8f86926cd622}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D3C97A91)

Partition: GPT.

==================== End of Addition.txt =======================

Juliet
2020-06-19, 20:32
As far as seeing something malicious, no. Of course items can be deeply hidden but, I do see some heavy duty security apps on the machine that could cause some delays or freezes on here.

Let's just do a couple of things to see if performance and issues get better.

****
Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.




Start::
CloseProcesses:
CreateRestorePoint:
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {85E7839C-37F7-49EC-B8F3-57DB50471B35} - \WPD\SqmUpload_S-1-5-21-2100492843-3013311965-3169298572-1001 -> No File <==== ATTENTION
Task: {EB9CE40A-4D41-4158-8F07-41FAE9BBC40B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> {329F56EA-F3C5-422C-BB45-C274CFDA2B16} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-&_nkw={searchTerms}
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
U3 iswSvc; no ImagePath
ContextMenuHandlers1: [CLVDShellExt] -> [CC]{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [138]
AlternateDataStreams: C:\Users\avatek.user-VAIO\Downloads\ccsetup510.exe:BDU [0]
AlternateDataStreams: C:\Users\linda\Downloads\advisorinstaller.belarc.exe:BDU [0]
AlternateDataStreams: C:\Users\linda\Downloads\Silverlight_x64.exe:BDU [0]
AlternateDataStreams: C:\Users\linda\Downloads\windirstat1_1_2_setup.exe:BDU [0]
EmptyTemp:
C:\Windows\Temp\*.*
End::


Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download and run AdwCleaner

Download AdwCleaner from here (https://downloads.malwarebytes.com/file/adwcleaner) and save it to your desktop.


run AdwCleaner by clicking on Scan Now
when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
if it asks to reboot, allow the reboot
on reboot, click on View Log File; please attach the content of the log to your next reply.

============================================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Run Malwarebytes Anti-Malware

You may have Malwarebytes Anti-Malware installed but if not, you can download it from here (https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/):

run the program
click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
click on the ‘Scan’ tab, (directly below the Dashboard tab)
select the Threat Scan option
slick the Scan Now button
Threat Scan will begin
when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
if prompted to restart the computer, close all other programs and click Yes to restart your computer
once you are back at your desktop, open MBAM once more
click on the ‘Reports’ tab
double-click on the most recent Scan Report
click on Export, then Copy to Clipboard

Logs to include with the next post:

Fixlog.txt
AdwCleaner log
Mbam.txt

suzilu
2020-06-19, 23:01
whew! Thank you for all the instructions. I have done all the scanning and enclose the files.
I really appreciate your time and effort helping me with this, thank you very much.

suzilu
2020-06-19, 23:07
[QUOTE=suzilu;484945]whew! Thank you for all the instructions. I have done all the scanning and enclose the files.
I really appreciate your time and effort helping me with this, thank you very much.[/QUOT


When selecting the PUPs from the list in Adwcleaner, I left the ones for Vaio maintenance and HP support assistant as I use these frequently.
Thankyou.

Juliet
2020-06-20, 00:28
Your welcome.

Whats been found is along the lines of adware, things that download along with apps (plus their updates) you have on your computer, cookies, adds, notifications and such.

Let's do an online scan.

ESET Online Scanner

Download ESET Online Scanner (https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner_enu.exe) and save it to your desktop.

Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
When the tool opens, click Get Started.
Read and accept the license agreement.
At the Welcome to ESET Online Scanner window, click Get Started.
Select whether you would like to send anonymous data to ESET.
Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
Click on the Full Scan option.
Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
ESET will now begin scanning your computer. This may take some time.
When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

-----------------------


Hows the computer now?

suzilu
2020-06-21, 10:47
Well, I downloaded the free trial of eset instead of scanning online! It took 9 hours or more and found no malware but lots of other stuff (which the scanner could not open). Anyway, after realizing that I should have done the scan online, I did the online scan 5 hours and far less files scanned, but it found 9 problems!

I enclose the result of the scan, I'm well impressed that it found these 9 bits of malware.

I can't thank you enough for all your help and 'tuition' with this problem of mine. I'm 72 and love messing about with the technical side of PCs. It was a bit daunting at first but I really enjoyed it. Thanks.

Juliet
2020-06-21, 14:08
I enclose the result of the scan, I'm well impressed that it found these 9 bits of malware.

I can't thank you enough for all your help and 'tuition' with this problem of mine. I'm 72 and love messing about with the technical side of PCs. It was a bit daunting at first but I really enjoyed it. Thanks.
I enjoy the fact that age doesn't have boundaries, as daunting many think a computer can be, it can open a world of entertainment and knowledge.

Mostly what was found was bundled in the download for Kingsoft\office 6
Appears the online scan found it and removed it. Don't be surprised, this happens with most free downloads people find on the internet which also includes CCleanrer.

Since you have quite a bit of system security on your computer let's make sure to remove both of the Eset products. It's possible in the near future this will cause compatibility and performance issues and give the feeling of being infected.

Please go to your control panel, programs, and click on uninstall any of the tools and scanners I had you download.

How is the computer now?

suzilu
2020-06-22, 02:57
I've removed the Eset programmes. The laptop was still running at 100% but I disabled defrag schedule and windows search and it's normal now. I had a few programmes which didn't work, HP printer, Adobe reader, and word. There may be more, I'll just uninstall and reinstall as necessary.

I've enjoyed the experience, thanks to your knowledge, many thanks.

Juliet
2020-06-22, 13:40
Glad to help

Use this tool to remove quarantined items:

Please download KpRm (https://toolslib.net/downloads/viewdownload/951-kprm) by Kernel-panik and save to your Desktop.

Click on KpRm.exe to run the tool.


Vista/Windows 7/8/10 users right-click and select Run As Administrator (http://windows.microsoft.com/en-US/windows7/How-do-I-run-an-application-once-with-a-full-administrator-access-token).

Put a check mark next to these items:


- Delete tools

Click the "Run" button.

When the tool has finished, it will create and open a log report and delete itself.

suzilu
2020-06-22, 16:04
Thank you Juliet. I've run the programme and enclose the file if you'd take a look. I can't believe how much rubbish the laptop retains even though I thought that I'd deleted/uninstalled everything!

Thanks

Juliet
2020-06-23, 13:59
If you should find anything left on the computer just delete it.


Answers to common security questions - Best Practices (http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/) by quietman7, MVP
How Malware Spreads - How did I get infected? (http://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-did-i-get-infected/) by quietman7, MVP
Simple and easy ways to keep your computer safe and secure on the Internet (http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/) by Lawrence Abrams, MVP
How to Prevent Malware (http://users.telenet.be/bluepatchy/miekiemoes/prevention.html) by miekiemoes, MVP
How to backup and restore your data using Cobian Backup (http://www.bleepingcomputer.com/tutorials/backup-and-restore-data-with-cobian-backup/) by YourHighness
Slow Computer/browser? It May Not Be Malware (http://www.bleepingcomputer.com/forums/t/87058/slow-computerbrowser-check-here-first;-it-may-not-be-malware/) by quietman7, MVP


AdBlock (https://adblockplus.org/en/firefox) is a browser add-on that blocks annoying banners, pop-ups and video ads.


http://i.imgur.com/jv4nhMJ.png NoScript (http://noscript.net/) is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.

http://i.imgur.com/DgW1XL2.png Secunia PSI (http://secunia.com/vulnerability_scanning/personal/) will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.

http://i.imgur.com/sHjS79L.png Unchecky (http://unchecky.com/) automatically removes checkmarks for bunlded software in programme installers; helping you avoid adware and PUPs.

suzilu
2020-06-23, 15:54
Thanks Juliet,

I've had a quick look and will enjoy having a good read. Let's hope that I don't completely mess up the laptop!!!!

Thank you

Juliet
2020-06-23, 16:55
I think you'll do well.

Juliet
2020-06-29, 14:29
Glad we could help. http://i.imgur.com/SakDYGv.gif
Since this issue appears resolved ... this Topic is closed.