PDA

View Full Version : Thanks, in advance



UncaHo
2020-07-22, 06:10
My computer has been running increasingly slow over the last several months. Here are the Farbar logs. Thanks in advance.

Joe

_________________________
FRST.txt:

_________________________

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8712960 2015-10-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [OSDApp] => C:\Windows\SysWoW64\OSDSrv\OSDApp.exe [2091520 2015-04-14] (Wistron Corporation) [File not signed]
HKLM\...\Run: [StartCN] => c:\Program Files\AMD\CNext\CNext\cnext.exe [4998856 2016-02-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [714160 2015-09-21] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [83441808 2019-09-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts) [File not signed]
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Run: [HP ENVY 7640 series (NET)] => C:\Program Files\HP\HP ENVY 7640 series\Bin\ScanToPCActivationApp.exe [3769992 2017-05-23] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Run: [AVGBrowserAutoLaunch_57DA1AC6DF62A9206DA623E482BF0B31] => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1949488 2020-07-02] (AVG Technologies USA, LLC -> AVG Technologies)
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\JoeJe\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-07-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON WF-2540 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMIUE.DLL [120320 2015-01-06] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP DC11 Status Monitor: C:\WINDOWS\system32\hpinkstsDC11LM.dll [393400 2016-07-21] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\83.1.4957.118\Installer\chrmstp.exe [2020-07-14] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\OSDEventCredProv.dll [2013-12-24] (Wistron Corporation) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02D53FDC-FAD4-4543-8737-57A09342E9F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {0B355368-BAA5-4CDF-A8D4-6B7E3C99FCFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371352 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F0A801F-CDB4-4CF7-A3B1-59DC095253C4} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]
Task: {2938D43A-2E83-4DD4-BBCB-C0F49A34C48D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {38599219-57F3-46E9-8E56-A0AE0F24E19A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. -> CyberLink)
Task: {3AFE1F5B-CFCB-4A72-86D1-E80D67617881} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3DA3F8A8-9F8B-45D8-9B4D-2BFCE8A09090} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {40602796-3DE3-493C-BFD4-D1CAF2309EEB} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-05-09] (AVG Netherlands B.V. -> AVG Technologies)
Task: {43022227-7D51-45CE-AB5D-5261DD128749} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-10-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {492E2B8C-822D-42C8-B815-D090361FA986} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {50F46827-535D-4D3F-82BE-2EBF2A9A8E86} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1949488 2020-07-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {54D18FD1-6AB3-4BE3-B2C7-D2E65EA6F82D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F6A3136-FB1B-4908-9278-421E543906FA} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-12-04] (Rivet Networks LLC -> DELL)
Task: {6EDA4BC7-2831-42FD-83E6-153F9EC25960} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3387528 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {7B895D73-7B60-4217-8331-22FB6794A3BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {846D5239-3787-4855-8073-EEA016BD9A11} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-20] (HP Inc. -> )
Task: {898955D4-427F-466F-ABAA-5962419FB6FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92F6E50E-2631-4ECC-B2C9-647E152BF402} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611720 2020-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {99C50818-D739-4DC9-BD08-618FBDCB138D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MpCmdRun.exe [473544 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CE9C8BF-CE42-46D3-967C-F9C014F40B83} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-14] (Adobe Inc. -> Adobe)
Task: {A00A62A6-9E72-4828-800C-2FED600AC440} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1553880 2020-05-03] (Dell Inc. -> Dell Inc.)
Task: {A0278027-A83E-435B-A721-172CCC08425F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {AFC40D51-860E-4E8C-81A6-72C15CF11DFD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24611720 2020-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B680B5DA-91DA-4F7C-B5AE-BA09CD7676AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {B772F512-0B64-4003-B985-C7C6E1DF3E90} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {BA13A643-CEFC-40A0-BD70-D2C75800E71D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH6994X0NM => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {BA6866DC-8C4E-460F-857D-92AFE1DF9563} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {BB54D870-BD8A-43BA-A4FD-762644146A0F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFF9BF84-CD7C-43EF-8C2F-3CCF19697A3B} - System32\Tasks\WpsUpdateTask_JoeJe => C:\Users\JoeJe\AppData\Local\Kingsoft\WPS Office\11.2.0.9453\office6\wpsupdate.exe [157952 2020-07-05] (Zhuhai Kingsoft Office Software Co., Ltd. -> )
Task: {CC016969-83FD-4A51-ABDD-89E6584B2DBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {CF9EA1CD-C731-4790-9E57-94623723C1B6} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1949488 2020-07-02] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D0DA002C-3AD1-4D45-A9A6-2D649A4D49FC} - System32\Tasks\WpsExternal_JoeJe_20200705220823 => C:\Users\JoeJe\AppData\Local\Kingsoft\WPS Office\11.2.0.9453\office6\wps.exe [1065216 2020-07-05] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {D0E0CD66-25E7-4079-8C73-BCE9C86AB7D4} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-05-09] (AVG Netherlands B.V. -> AVG Technologies)
Task: {DC779E37-A8BF-4DCE-8F48-8205DDFDD1C3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {E71719E6-280D-4F07-845F-293804546AD3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443736 2020-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E818356C-4F88-49A5-B4F4-B530570C44C3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {E9C81E8A-61CF-4F64-986C-2CC3ADB7995C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {EC876515-5E10-47C6-B5D3-1760D7474C2B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {EDD6BFAF-2328-462B-A8D2-AF565C4019D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371352 2020-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9250966-C062-49EC-BA61-DFDB542756DB} - System32\Tasks\HPCustParticipation HP ENVY 7640 series => C:\Program Files\HP\HP ENVY 7640 series\Bin\HPCustPartic.exe [6438536 2017-05-23] (Hewlett Packard -> HP Inc.)
Task: {FB10D1CE-3B36-42C0-A6D2-59D68812856E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
Task: {FF08A73E-8E53-44A4-B8DD-73CB64BF3008} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DESKTOP 9EH2K1M

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{890b3c6e-9e5b-43b4-a89d-dba16ed4ab7d}: [DhcpNameServer] 192.0.0.3
Tcpip\..\Interfaces\{f9ea5b57-4c63-4410-8d13-9faf2564bfdd}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_nptdwxol_20_15_ssg01&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyEyDtAtAtD0CtBtDtBzy0C0ByEyD0DtN0D0Tzu0StAtDtCzytN1L2XzuyEtFyCtCtFtDtFtCzyzztN1L1Czu1ByE1VtCtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyB0DzztDtDtCtGtBtA0C0CtG0BzytD0CtGtCtCzyyBtGyE0CzzyCyByB0AtBtC0A0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1QyCzzyBzyyByCtDtGyEtDtBtAtGyEyC1TtAtG1T1TtDyDtGtDyCzzyDyDzy1PyEyCyE1RtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCtAzzyDtN1Q2Z1B1P1RzutCyDzzyCtAtCyCzzyDtD%26cr%3D329067806%26a%3Dwsg_nptdwxol_20_15_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOZJozpBgJjrH4uF9Rb2jlwxf4hd2eX94uKQwi3DRJebKwIHWQ%2BlKumUpGRFPg3XTTqu0xB4d%2FbiOR63SERZj3YE2XuclPxTWGupJLUn%2FyYzUDLAmoXEwf1CQXEMrAnfXT3XpEkiLpVoZYNAqhAFi893UC3fhPMLwUlenhl1dPuW3AIcSNprSRejRkXPqXlZ7nSupcNJ2xCfk9OmczrFZOigwTUxmQB6lxFFQMGCzSPD7Tf%2FQ6D6Ul3UEbwaJ%2F1dAwlDmF68yyVF18LGVIO76eES3Ii4KewNfqaVkIlQla4PlkxM7DaXcfJIpoRDYTtHbBIHVayfp6peSWe4T72f%2FyLg%3D%3D
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOZJozpBgJjrH4uF9Rb2jlwxf4hd2eX94uKQwi3DRJebKwIHWQ%2BlKumUpGRFPg3XTTqu0xB4d%2FbiOR63SERZj3YE2XuclPxTWGupJLUn%2FyYzUDLAmoXEwf1CQXEMrAnfXT3XpEkiLpVoZYNAqhAFi893UC3fhPMLwUlenhl1dPuW3AIcSNprSRejRkXPqXlZ7nSupcNJ2xCfk9OmczrFZOigwTUxmQB6lxFFQMGCzSPD7Tf%2FQ6D6Ul3UEbwaJ%2F1dAwlDmF68yyVF18LGVIO76eES3Ii4KewNfqaVkIlQla4PlkxM7DaXcfJIpoRDYTtHbBIHVayfp6peSWe4T72f%2FyLg%3D%3D
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {2A23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {B5920500-0990-414F-A241-BBBF1453084B} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOS%2BD5Acj%2FGg0E30dUwuZICQkF%2BThxmHgQVLk2mimghMdoM6yiXUh5VX9osFS0ZBo2T1KivP4GLIg%2BE%2FZS2OiPjHGd6FbYQgdAT5QqprXpvtQ8yI5X4gF3rBx6CncggoyBeisPBfY6CwbmZde5tKqcAC%2FaGGa9h6IqYm00bNAfPVDRSIkRcWaq1G6HKfdUGHr5Bu9tWKwJ2hjL6J2%2FZYwRM0L5QuUMZk5aHLXdZ6p0hax%2B6SbPGa%2FdQjStNbXTYvuc3SsswegCd7Ry5IAPRS2kkbfHYDyEFUd4xi9lxu9AyKnpNf%2FknSttFM2MSaBCZnpw
Edge DefaultProfile: Default
Edge Profile: C:\Users\JoeJe\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-12]

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3826748822-2543032886-3249942663-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\JoeJe\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-01] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default [2020-07-17]
CHR Notifications: Default -> hxxps://click.admessage.support; hxxps://meet.google.com; hxxps://www.completeroms.com; hxxps://www.lightingdirect.com; hxxps://www.wayfair.com; hxxps://www.weareteachers.com
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOsjP6cJzMRi3Bm%2FGmsOoiQTNIlEHzCKixOmO0QPObebelNOWUpye6b5jErl%2BvxVfQjHgMuE1mbfeTEehkmGfF25h8YS0PwATPWhkEPSVTKDT7RrmeSErMeimx14PKBTWwD9rM42V4QJAsmh726nfateKCtK0QENMhHA9v5K9rJBpECC49j1CtgJZ56SZeBho2vAxj92AVDRVYIfs9OfEFFH3KEFXkKArWrt7w9CnhtYqqnsX4FlYeDbWnsFHesxFeCTM6z9KRvB93BePX9smWXi0vhSYpgfRe4jRxcTXmdqJIw2p3wZr%2B0NW9jmGJE4Qg6lDT1u3jR9t%2FL%2BIYHnekiQ%3D%3D
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://hkkcoamcnjklfmpkbmcijdnkgjpkoiia/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Slides) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-16]
CHR Extension: (YouTube) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-16]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-04-07]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-04-07]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2020-05-28]
CHR Extension: (Sheets) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28]
CHR Extension: (PDFTotal) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkkcoamcnjklfmpkbmcijdnkgjpkoiia [2019-04-27]
CHR Extension: (Prodigy Math Game) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndgjbjghbnahgfhcmhkkoibbgdemlia [2016-12-17]
CHR Extension: (New Tab Redirect) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-07-06]
CHR Extension: (Cisco Webex Extension) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-06-19]
CHR Extension: (Loom for Chrome) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2020-06-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-20]
CHR Profile: C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-07-21]
CHR DefaultSearchURL: Profile 1 -> hxxps://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Slides) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-12]
CHR Extension: (Docs) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-12]
CHR Extension: (Google Drive) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-12]
CHR Extension: (YouTube) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-12]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-06-12]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-06-12]
CHR Extension: (Sheets) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-12]
CHR Extension: (Google Docs Offline) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-12]
CHR Extension: (Pinterest Save Button) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-07-01]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-06-22]
CHR Extension: (Print My Recipes) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmiogdihiogabnedkmfhmpfmcmabefpk [2020-06-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-12]
CHR Extension: (Nod - Reactions for Google Meet) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oikgofeboedgfkaacpfepbfmgdalabej [2020-06-12]
CHR Extension: (Gmail) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-12]
CHR Extension: (Chrome Media Router) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-21]
CHR Profile: C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-13]
CHR HKLM\...\Chrome\Extension:
CHR HKLM\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKLM-x32\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKLM-x32\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0323964.inf_amd64_96f9136c8468c00d\atiesrxx.exe [489832 2018-02-06] (Advanced Micro Devices, Inc. -> AMD)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-05-09] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [357408 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6561216 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-05-09] (AVG Netherlands B.V. -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\83.1.4957.118\elevation_service.exe [1063128 2020-07-02] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11118984 2020-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe [965104 2020-06-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S4 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [40976 2017-09-18] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2018-10-31] (Dassault Systèmes) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 OSDSrv; C:\Windows\SysWoW64\OSDSrv\OSDSrv.EXE [192512 2013-12-27] () [File not signed]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2015-10-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0323964.inf_amd64_96f9136c8468c00d\atikmdag.sys [41585504 2018-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0323964.inf_amd64_96f9136c8468c00d\atikmpag.sys [554344 2018-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4320176 2017-05-02] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [514520 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466304 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [216880 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323344 2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2020-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) [File not signed]
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-28] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-21 20:55 - 2020-07-21 20:55 - 005198336 _____ (AVAST Software) C:\Users\JoeJe\Desktop\aswMBR.exe
2020-07-21 20:53 - 2020-07-21 20:56 - 000038981 _____ C:\Users\JoeJe\Desktop\FRST.txt
2020-07-21 20:49 - 2020-07-21 20:49 - 002293760 _____ (Farbar) C:\Users\JoeJe\Desktop\FRST64.exe
2020-07-21 09:22 - 2020-07-16 09:19 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-07-20 23:20 - 2020-07-20 23:26 - 000228218 _____ C:\Users\JoeJe\Downloads\pictures_of_jesus_smiling.jpeg
2020-07-19 23:06 - 2020-07-19 23:06 - 001087443 _____ C:\Users\JoeJe\Downloads\Outline_Succulent.pdf
2020-07-19 10:00 - 2020-07-19 10:00 - 011061877 _____ C:\Users\JoeJe\Downloads\COCONUT_CREAM_BOOK_1.pdf
2020-07-18 20:52 - 2020-07-18 20:52 - 000000153 _____ C:\Users\JoeJe\AppData\Local\{733C9420-196D-4EB5-A85B-353F8E75732B}
2020-07-16 09:20 - 2020-07-16 09:19 - 000216880 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-07-16 09:20 - 2020-07-16 09:19 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-07-15 21:02 - 2020-07-15 21:02 - 000000153 _____ C:\Users\JoeJe\AppData\Local\{DD47A102-5316-4078-A45B-D2135FA5DF90}
2020-07-15 16:29 - 2020-07-15 16:29 - 000000252 _____ C:\Users\JoeJe\Downloads\Video (1).mov
2020-07-15 16:24 - 2020-07-15 16:24 - 000000252 _____ C:\Users\JoeJe\Downloads\Video.mov
2020-07-14 18:02 - 2020-07-14 18:02 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 007823912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 005099384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 004129424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-07-14 18:02 - 2020-07-14 18:02 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 025902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 022641664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 018031104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 008015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 007269376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 006523856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 006292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 005765648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 003743048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-07-14 18:01 - 2020-07-14 18:01 - 001991592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001952880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001665728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001477632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001420328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001397568 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 001014784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000945176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000783488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000779080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000685384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000673448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000538664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000442096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000405944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000380224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000345560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-07-14 18:01 - 2020-07-14 18:01 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnclient.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000268552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-07-14 18:01 - 2020-07-14 18:01 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2020-07-14 18:01 - 2020-07-14 18:01 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000199496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000193600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000190056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-07-14 18:01 - 2020-07-14 18:01 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000176952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000150336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWSDAHost.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiverExt.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Print.Workflow.Source.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiverExt.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-07-14 18:01 - 2020-07-14 18:01 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowProxy.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-07-14 18:01 - 2020-07-14 18:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-07-14 18:00 - 2020-07-14 18:00 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 007268640 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 006437376 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 006169088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 006089512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 004565264 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 003974368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 003800576 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 003748352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 002768984 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001946144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001827328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001821696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001737728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001658368 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001655472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001654304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001550336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001463808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001306944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001290192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001100800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001068544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 001048992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000895600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000889416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000882184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000844096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000822200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000797448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000793320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000778872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000742712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000717824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000695208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000628416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000594992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000582056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000549048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000518464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000478296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000467960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000392504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000311608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000311440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2020-07-14 18:00 - 2020-07-14 18:00 - 000260288 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000247864 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.Desktop.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000220992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleBand.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-07-14 18:00 - 2020-07-14 18:00 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowService.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000165840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000086272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemUWPLauncher.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000052152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ResourcePolicyClient.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIMgrBroker.exe
2020-07-14 18:00 - 2020-07-14 18:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWorkflowProxy.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemEventsBrokerClient.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIManagerBrokerps.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-07-14 18:00 - 2020-07-14 18:00 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-07-14 17:59 - 2020-07-14 18:00 - 000684864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 007917408 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 007850288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 004625192 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-07-14 17:59 - 2020-07-14 17:59 - 004014592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-07-14 17:59 - 2020-07-14 17:59 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-07-14 17:59 - 2020-07-14 17:59 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002505496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002357248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002285056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002237096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002074112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001723392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001604608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001540608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001392128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001385696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001151304 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-07-14 17:59 - 2020-07-14 17:59 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001086776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001081344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001028336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000958608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000919880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000821232 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000656696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2020-07-14 17:59 - 2020-07-14 17:59 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-07-14 17:59 - 2020-07-14 17:59 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000524784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000411640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000381152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-07-14 17:59 - 2020-07-14 17:59 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnclient.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000340328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000239928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2020-07-14 17:59 - 2020-07-14 17:59 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-07-14 17:59 - 2020-07-14 17:59 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000146232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyServer.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000110040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-07-14 17:59 - 2020-07-14 17:59 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemUWPLauncher.exe
2020-07-14 17:59 - 2020-07-14 17:59 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000076952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000070248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourcePolicyClient.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000040248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerClient.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2020-07-14 17:59 - 2020-07-14 17:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-07-14 17:27 - 2020-06-29 22:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-14 17:27 - 2020-06-29 22:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-14 15:33 - 2020-07-14 15:33 - 008774200 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-07-05 22:08 - 2020-07-19 16:00 - 000003038 _____ C:\WINDOWS\system32\Tasks\WpsExternal_JoeJe_20200705220823
2020-07-05 22:08 - 2020-07-05 22:08 - 000000000 ____D C:\Users\JoeJe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2020-07-01 23:06 - 2020-07-01 23:06 - 000992485 _____ C:\Users\JoeJe\Downloads\HeartHandsoutline.pdf
2020-06-25 21:08 - 2020-06-25 21:08 - 000066586 _____ C:\Users\JoeJe\Downloads\11641-272726-0-2019-2020-06-25-10-08-39-710.pdf
2020-06-25 21:08 - 2020-06-25 21:08 - 000066586 _____ C:\Users\JoeJe\Downloads\11641-272726-0-2019-2020-06-25-10-08-28-648.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-21 20:57 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-21 20:55 - 2019-10-10 16:03 - 000000000 ____D C:\FRST
2020-07-21 20:44 - 2019-08-16 02:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-21 20:33 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-21 20:27 - 2019-08-16 03:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-21 20:26 - 2019-03-18 22:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-07-21 20:26 - 2017-05-23 19:55 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-07-21 20:13 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-21 20:13 - 2017-12-28 04:21 - 000000000 ____D C:\Users\JoeJe\AppData\Local\Packages
2020-07-21 20:12 - 2018-07-10 16:26 - 000000000 ____D C:\Users\JoeJe\AppData\Roaming\American Well
2020-07-21 20:09 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-21 19:17 - 2018-07-22 12:47 - 000002001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2020-07-21 19:17 - 2018-07-22 12:47 - 000001989 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2020-07-21 19:17 - 2018-07-22 12:47 - 000001989 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2020-07-21 18:36 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-07-21 16:27 - 2019-08-16 03:21 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3826748822-2543032886-3249942663-1001
2020-07-21 16:27 - 2019-08-16 02:50 - 000002369 _____ C:\Users\JoeJe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-21 16:27 - 2016-12-16 17:13 - 000000000 ___RD C:\Users\JoeJe\OneDrive
2020-07-21 09:22 - 2019-08-16 03:21 - 000003992 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-07-21 09:22 - 2019-03-18 22:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-07-21 05:24 - 2018-07-22 12:45 - 000016320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-07-21 04:25 - 2016-12-16 17:16 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-21 04:25 - 2016-12-16 17:16 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-21 04:25 - 2016-12-16 17:16 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-20 23:24 - 2018-08-07 16:37 - 000000000 ____D C:\Users\JoeJe\AppData\Local\CrashDumps
2020-07-20 09:48 - 2019-08-08 18:49 - 000000000 ____D C:\Users\JoeJe\AppData\Roaming\.minecraft
2020-07-19 16:00 - 2020-03-13 18:53 - 000003406 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-19 16:00 - 2020-03-13 18:53 - 000003182 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-19 16:00 - 2019-08-16 03:21 - 000003764 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-07-19 16:00 - 2019-08-16 03:21 - 000003446 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-07-19 16:00 - 2019-08-16 03:21 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-19 16:00 - 2019-08-16 03:21 - 000003274 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2020-07-19 16:00 - 2019-08-16 03:21 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-19 16:00 - 2019-08-16 03:21 - 000002626 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_JoeJe
2020-07-19 16:00 - 2019-08-16 03:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-07-17 16:45 - 2020-03-13 18:54 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-17 16:23 - 2016-10-25 13:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-16 09:19 - 2020-06-11 11:27 - 000514520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-07-16 09:19 - 2019-01-10 15:56 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-07-16 09:19 - 2019-01-10 15:56 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-07-16 09:19 - 2019-01-10 15:56 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-07-16 09:19 - 2019-01-10 15:56 - 000037208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2020-07-16 09:19 - 2018-10-09 19:47 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-07-16 09:19 - 2018-07-22 12:45 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-07-16 09:19 - 2018-07-22 12:45 - 000466304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-07-16 09:19 - 2018-07-22 12:45 - 000323344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-07-16 09:19 - 2018-07-22 12:45 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-07-16 09:19 - 2018-07-22 12:45 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-07-16 09:19 - 2018-07-22 12:45 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-07-15 21:01 - 2019-08-08 18:45 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2020-07-15 18:21 - 2020-02-13 08:44 - 000002370 _____ C:\Users\JoeJe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-07-14 18:50 - 2019-08-16 02:59 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-14 18:48 - 2017-12-28 09:59 - 000000000 ___RD C:\Users\JoeJe\3D Objects
2020-07-14 18:48 - 2016-10-14 18:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-14 18:44 - 2019-08-16 02:37 - 000616608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-14 18:39 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-07-14 18:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-07-14 18:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-07-14 18:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-07-14 18:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-07-14 18:39 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-14 18:37 - 2019-08-16 02:50 - 000000000 ____D C:\Users\JoeJe
2020-07-14 18:14 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-14 15:42 - 2019-05-09 20:48 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-07-14 15:42 - 2019-05-09 20:48 - 000002342 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-07-14 15:42 - 2019-05-09 20:48 - 000002342 _____ C:\ProgramData\Desktop\AVG Secure Browser.lnk
2020-07-14 15:33 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-07-14 15:33 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-06 10:17 - 2016-12-16 16:50 - 000000000 ____D C:\Users\JoeJe\AppData\Local\ConnectedDevicesPlatform
2020-06-28 20:22 - 2018-07-22 12:43 - 000000000 ____D C:\ProgramData\AVG
2020-06-28 20:15 - 2019-11-09 23:15 - 000000000 ____D C:\Users\defaultuser100001.STANLEY.000

==================== Files in the root of some directories ========

2017-01-02 22:37 - 2017-01-02 22:37 - 000000008 _____ () C:\Users\JoeJe\AppData\Roaming\com.silhouettesoftware.id
2020-05-07 01:40 - 2020-05-07 01:40 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{06D15B1F-CA65-4AC6-AA2B-25346C4539E1}
2020-04-21 22:27 - 2020-04-21 22:27 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{1791F4E8-D022-4C57-88BA-9F7078B2F88C}
2020-05-11 23:00 - 2020-05-11 23:00 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{4D45830D-1341-49FC-A5B7-B75E89CADD99}
2020-07-18 20:52 - 2020-07-18 20:52 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{733C9420-196D-4EB5-A85B-353F8E75732B}
2020-06-09 10:30 - 2020-06-09 10:30 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{B84C971B-B301-4E2C-BE02-37C2031F2EC9}
2020-04-27 20:52 - 2020-04-27 20:52 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{BEF9EEDA-CD65-47A1-9421-EA77C39704D7}
2020-07-15 21:02 - 2020-07-15 21:02 - 000000153 _____ () C:\Users\JoeJe\AppData\Local\{DD47A102-5316-4078-A45B-D2135FA5DF90}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


[B]Addition.txt

_____________________
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2020
Ran by JoeJe (21-07-2020 21:00:02)
Running from C:\Users\JoeJe\Desktop
Windows 10 Home Version 1903 18362.959 (X64) (2019-08-16 09:23:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3826748822-2543032886-3249942663-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3826748822-2543032886-3249942663-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3826748822-2543032886-3249942663-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3826748822-2543032886-3249942663-501 - Limited - Disabled)
JoeJe (S-1-5-21-3826748822-2543032886-3249942663-1001 - Administrator - Enabled) => C:\Users\JoeJe
joeje_70kka (S-1-5-21-3826748822-2543032886-3249942663-1007 - Limited - Disabled)
Kids (S-1-5-21-3826748822-2543032886-3249942663-1008 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3826748822-2543032886-3249942663-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Connect (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Adobe Connect App) (Version: 2019.3.3.32 - Adobe Systems Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.403 - Adobe)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.5.3130 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 83.1.4957.118 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.155.333 - AVG Technologies) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{4B01D0E7-031D-6FDD-124A-F849A990B186}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{7DBED9C6-CE38-EA99-F049-F72238102323}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{62059437-B4B9-C408-38C8-A62195AEBB80}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{3B7A7D5D-3220-B822-7320-AFA3C8EB4C11}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9344BF36-62F5-98D9-E6D9-1BB31382BA3D}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{3B66EB95-5D93-777A-9B9F-EC20C66135B2}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{8E9DED56-7160-A38F-BF30-BF3F73F39C30}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{DF44F973-BC16-4421-3162-79E8C817E256}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AF85818F-B551-7344-6D31-A289AEE04F2E}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{EB6D440A-D421-8DF6-C991-9B2C44BB481D}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DD157D58-487C-A16D-E03F-C28BECF3DF38}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{722E332E-18B4-3E96-2392-02EB152342A3}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{B2BF687C-7F26-46BD-A789-E0E5C0DCD965}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5221EF35-C877-0472-C18E-A2EA83341D6E}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{7098702E-BBAA-B38B-956B-2EAD3CA57CE5}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{81756772-A979-D1DC-9A63-F09F58E3B1FB}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{C2D8A396-728B-28A4-1418-C3A6F3B93E40}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{BD167850-F417-59F3-4FE7-E37212D4AE60}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{E7FBA730-D462-05D1-F5A8-AB7B89F77F82}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{2B1918A2-5217-8057-4649-852B4ABD3DD9}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{D5F01D83-DC98-4116-F1EF-F2CCD51C805B}) (Version: 2016.0223.2256.41207 - Advanced Micro Devices, Inc.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell OSD (HKLM-x32\...\Dell OSD_is1) (Version: 1.3.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{6D2933E3-DC42-44E5-B80E-DACDD64ADFF5}) (Version: 3.5.0.448 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DraftSight 2018 SP3 x64 (HKLM\...\{EBF04C29-4524-4A5E-AC86-2D534AC3C3B9}) (Version: 18.3.0105 - Dassault Systemes)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Goodgame Big Farm (HKLM-x32\...\Goodgame Big Farm) (Version: - )
Goodgame Empire (HKLM-x32\...\Goodgame Empire) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
H&R Block Deluxe + Efile + State 2016 (HKLM-x32\...\{E7065AD9-D2DB-423B-B853-8310038D7D42}) (Version: 16.05.6401 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2017 (HKLM-x32\...\{191D85BA-E6EA-4F97-8D2A-76A220043D87}) (Version: 17.05.7601 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2018 (HKLM-x32\...\{87F75E61-4B61-431D-875D-0ACB48DD3285}) (Version: 18.05.8301 - HRB Technology, LLC.)
H&R Block Utah 2016 (HKLM-x32\...\{52C70E61-0482-4184-9B6E-DFA63BA2BE17}) (Version: 1.16.2101 - HRB Technology, LLC.)
H&R Block Utah 2017 (HKLM-x32\...\{1A20D827-6862-4868-B930-707FE9848E69}) (Version: 1.17.3201 - H&R Block, Inc.)
H&R Block Utah 2018 (HKLM-x32\...\{E7CF06BC-A9C0-4735-BACE-C9E59599570A}) (Version: 1.18.3001 - H&R Block, Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 7640 series Basic Device Software (HKLM\...\{B81E425D-39FF-4846-B4BB-7AD61909A0EF}) (Version: 40.11.1135.17143 - HP Inc.)
HP ENVY 7640 series Help (HKLM-x32\...\{5845A5C9-AA03-4D91-9793-1A2563CE0129}) (Version: 34.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.8.26.13 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.16.22.11 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6568.0 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.40 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.20880 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.12527.20880 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Teams) (Version: 1.3.00.19565 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.20720 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Product Improvement Study for HP ENVY 7640 series (HKLM\...\{C15C2D78-89D2-4EC1-850D-4D9BFADA758A}) (Version: 40.11.1135.17143 - HP Inc.)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Roblox Player for JoeJe (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\roblox-player) (Version: - Roblox Corporation)
Silhouette Studio (HKLM-x32\...\{3B579498-DC7F-4C47-96B3-143F3A816B27}) (Version: 3.8.150 - Silhouette America)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Rivet Networks)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.24753 - Microsoft Corporation)
Telehealth Video 10.4.2.0 (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Telehealth Video 10.4.2.0) (Version: - American Well)
Telehealth Video 11.4.0.0 (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Telehealth Video 11.4.0.0) (Version: - American Well)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.56.52.1020 - Electronic Arts Inc.)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
WPS Office (11.2.0.9453) (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\Kingsoft Office) (Version: 11.2.0.9453 - Kingsoft Corp.)
Zoom (HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
CyberLink Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.CyberLinkMediaSuiteEssentials_1.0.10.0_x86__mcezb6ze687jp [2018-03-13] (CYBERLINK CORPORATION.)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2016-12-16] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.5.13.0_x64__htrsf667h5kn2 [2020-06-05] (Dell Inc)
Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.29.0.0_x64__gqbn7fs4pywxm [2020-07-20] (Drawboard)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-22] (Facebook Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-30] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.1002.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\JoeJe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\JoeJe\AppData\Local\Kingsoft\WPS Office\11.2.0.9453\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\JoeJe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-07-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1_S-1-5-21-3826748822-2543032886-3249942663-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\JoeJe\AppData\Local\Kingsoft\WPS Office\11.2.0.9453\office6\kwpsmenushellext64.dll [2020-07-05] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-3826748822-2543032886-3249942663-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\JoeJe\AppData\Local\Kingsoft\WPS Office\11.2.0.9453\office6\kwpsmenushellext64.dll [2020-07-05] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\JoeJe\Desktop\Jen (Mom) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\JoeJe\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2015-06-25 17:53 - 2015-06-25 17:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 17:51 - 2015-06-25 17:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 18:34 - 2015-06-25 18:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 18:37 - 2015-06-25 18:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 18:38 - 2015-06-25 18:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 18:35 - 2015-06-25 18:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-04 13:10 - 2018-12-04 13:10 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2016-12-18 11:54 - 2015-01-06 09:19 - 000120320 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_YLMIUE.DLL
2020-05-03 05:13 - 2020-05-03 05:13 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 18:17 - 2015-06-25 18:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 18:21 - 2015-06-25 18:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 18:14 - 2015-06-25 18:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 13:58 - 2015-07-02 13:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 18:03 - 2015-06-25 18:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 18:00 - 2015-06-25 18:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 18:23 - 2015-06-25 18:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 18:28 - 2015-06-25 18:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 18:16 - 2015-06-25 18:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 18:08 - 2015-06-25 18:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 18:58 - 2015-06-25 18:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 17:59 - 2015-06-25 17:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\sharepoint.com -> hxxps://alpinedistrictorg-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 05:47 - 2020-07-21 20:17 - 000000838 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\JoeJe\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\jul_2994.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DDVCollectorSvcApi => 2
MSCONFIG\Services: DDVDataCollector => 2
MSCONFIG\Services: DDVRulesProcessor => 2
MSCONFIG\Services: Dell Customer Connect => 2
MSCONFIG\Services: Dell Hardware Support => 2
MSCONFIG\Services: Dell Help & Support => 2
MSCONFIG\Services: DellClientManagementService => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DraftSight API Service => 2
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: vds => 3
MSCONFIG\Services: vmicguestinterface => 3
MSCONFIG\Services: vmicheartbeat => 3
MSCONFIG\Services: vmickvpexchange => 3
MSCONFIG\Services: vmicrdv => 3
MSCONFIG\Services: vmicshutdown => 3
MSCONFIG\Services: vmictimesync => 3
MSCONFIG\Services: vmicvmsession => 3
MSCONFIG\Services: vmicvss => 3
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxGipSvc => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\StartupApproved\Run: => "EA Core"
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{63E13DE5-22C6-4F3F-BD82-896AB5AE39C8}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{93B7B06F-F57E-449B-853C-1B0AD9FAEBEB}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [{4A91A50B-49C5-49A1-8D55-236177E7709E}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS5F74\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AB14589A-2402-426B-BC02-962C2CE5B453}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS5F74\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7898CF9E-2D2D-4C52-A56D-1E9DE5B382CE}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS6A9E\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{100D15E4-9820-40D1-AEE7-18D3B8ED8D68}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS6A9E\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{55EBC109-D897-478C-A738-B662ACFC0636}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS0755\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8D2A070E-6A93-4CAB-A630-40D5BA29D8D4}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS0755\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{D57C35F6-BB2C-48DB-8756-C812AE8C0316}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{0357A62F-386F-4D64-87AE-5658DD16B04E}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{ECEDE37D-B399-4785-BB74-A6D8BBC39AB5}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2AF8FBB1-8E6F-4A50-AB50-4AEF453C9E28}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{D5309E99-AF3A-4C38-A939-F7333A1A0565}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{A2D78496-B464-41F4-90D9-564A5CFC53C8}] => (Allow) LPort=5357
FirewallRules: [{BDB3DB44-9CA8-4ABC-B8D3-00F55419C08A}] => (Allow) C:\Program Files\HP\HP ENVY 7640 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{10A69328-5D47-4562-86B9-3B5E0F0D5263}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{C92A31A6-680B-4708-8E85-F9C2EAECFB6F}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{B6F61C2A-C5D1-4635-84EB-DE55F2E71BD3}C:\program files (x86)\avg\browser\application\avgbrowser.exe] => (Block) C:\program files (x86)\avg\browser\application\avgbrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [UDP Query User{CE1A51A9-7B11-4342-8C92-E86595EF3EC0}C:\program files (x86)\avg\browser\application\avgbrowser.exe] => (Block) C:\program files (x86)\avg\browser\application\avgbrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{C3FEE0EB-2674-4A95-93A1-31B9D1409859}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{E8D18B9F-1125-4285-9143-D3B81705467B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3E8243AA-94C7-409C-8013-27B152DC8595}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C65FB5F3-7843-4BDF-82E8-A4FC9ABD1F2E}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C562E535-B0ED-4458-BC96-C10AE50C0B43}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1E6B554C-778C-43B6-AEEF-296C3F0E819B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{029C9974-A07F-41DB-A312-356D10046B28}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDBA8DBF-EDDD-4002-9F9D-5C55AB1E73E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4FBE24BC-25C5-40B4-A5FC-833D14883E98}C:\users\joeje\appdata\roaming\american well\files\11.4.0.0\telehealthvideo.exe] => (Allow) C:\users\joeje\appdata\roaming\american well\files\11.4.0.0\telehealthvideo.exe => No File
FirewallRules: [UDP Query User{E364F29A-9E29-4B10-A572-DFA5B2E4FC51}C:\users\joeje\appdata\roaming\american well\files\11.4.0.0\telehealthvideo.exe] => (Allow) C:\users\joeje\appdata\roaming\american well\files\11.4.0.0\telehealthvideo.exe => No File
FirewallRules: [{AF10ED43-AEE3-426B-B0F1-AAA86B5A9966}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF373C13-2BC9-4CE2-8243-79A337FEEFB6}] => (Allow) C:\Users\JoeJe\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{218E1E8D-B272-4802-BC33-971C0F89A7AD}] => (Allow) C:\Users\JoeJe\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{C4DD6F00-B916-4DFF-AC91-9E48C92BFA03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DC4961E7-5BBD-4E13-910E-2BAD40CB3B26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9879AFBA-0364-4A4E-A8A8-EBA955180698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B24D2293-52C3-4162-BE16-E1A75D02B5D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F42AC294-27C2-464D-B08F-138A92B8ED8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DAE88CA-F48D-43EF-B755-4D79E3F3D19A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44CE14DB-DD8F-4C6B-B8A3-A11F2E83CF1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B12E9D0-2A9E-42BE-96C6-19D9DC083199}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.134.694.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{72BEECAD-6E8F-4C21-B773-5D6244023CFD}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{4E5AF15F-476A-4E21-8C9B-5220E10C65E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

06-07-2020 00:20:04 Scheduled Checkpoint
14-07-2020 17:11:59 Scheduled Checkpoint
21-07-2020 20:00:41 Removed GlobalProtect

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/21/2020 08:50:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13988,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/21/2020 08:42:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3716,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/21/2020 08:25:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (07/21/2020 08:25:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (07/21/2020 08:23:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8924,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/21/2020 08:00:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary SAntivirus Kernel Driver.

System Error:
The system cannot find the file specified.
.

Error: (07/21/2020 07:32:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3780,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (07/21/2020 07:16:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1d94

Start Time: 01d65fc55359f444

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: b26dd856-14de-4a21-9350-4dcac16fb320

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Cross-thread


System errors:
=============
Error: (07/21/2020 08:28:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (07/21/2020 08:28:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (07/21/2020 08:03:08 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport PANGP Virtual Ethernet Adapter #5, {9e55efe3-f312-453e-b28d-69f613e38c50}, had event 76

Error: (07/21/2020 07:20:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (07/21/2020 07:17:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SAntivirusSvc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (07/21/2020 07:12:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (07/21/2020 07:12:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (07/21/2020 07:09:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVG Antivirus service did not shut down properly after receiving a preshutdown control.


Windows Defender:
===================================
Date: 2020-03-09 20:45:09.499
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {403460FE-1587-45C5-80E2-DA10B076EFD2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-03-09 20:16:29.771
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {01FFC473-A9B0-4E8B-8B63-524447702407}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-29 17:12:22.729
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C90EC4E4-4191-41C4-8659-DD91C2099BEF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-22 22:10:38.366
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {35FAD3B0-859D-4773-BC27-4796167B3CFC}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-02-22 21:54:50.041
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D876FFA0-A6A3-4E7E-9B10-D40FDD0AED1B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-03-08 16:43:14.300
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.818.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===================================

Date: 2020-07-21 21:02:07.148
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:02:07.133
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:02:04.230
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:02:04.220
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:01:59.487
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:01:59.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:01:08.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-07-21 21:01:08.187
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 4.2.0 06/13/2016
Motherboard: Dell Inc. 03PYWR
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 65%
Total physical RAM: 7105.18 MB
Available physical RAM: 2441.76 MB
Total Virtual: 9537.18 MB
Available Virtual: 3406.93 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.63 GB) (Free:804.07 GB) NTFS

\\?\Volume{e250ea64-c160-4147-bce9-646a23c731e3}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{db117fc6-66b4-492e-bcd0-0d5b9a3a7032}\ (Image) (Fixed) (Total:11.77 GB) (Free:0.53 GB) NTFS
\\?\Volume{296dc678-2565-44d3-94be-9bf3b990b32f}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 57C16DA8)

Partition: GPT.

==================== End of Addition.txt =======================

I've tried scanning three times now. Each time it gets near the end of "scanning services" (after "Windows...") and crashes, sending Windows to a blue screen.

Juliet
2020-07-22, 15:06
Let's see if we can find out whats going on.

Part of the FRST log was cut off but we'll continue.

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.




Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_nptdwxol_20_15_ssg01&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyEyDtAtAtD0CtBtDtBzy0C0ByEyD0DtN0D0Tzu0StAtDtCzytN1L2XzuyEtFyCtCtFtDtFtCzyzztN1L1Czu1ByE1VtCtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyB0DzztDtDtCtGtBtA0C0CtG0BzytD0CtGtCtCzyyBtGyE0CzzyCyByB0AtBtC0A0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1QyCzzyBzyyByCtDtGyEtDtBtAtGyEyC1TtAtG1T1TtDyDtGtDyCzzyDyDzy1PyEyCyE1RtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCtAzzyDtN1Q2Z1B1P1RzutCyDzzyCtAtCyCzzyDtD%26cr%3D329067806%26a%3Dwsg_nptdwxol_20_15_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOZJozpBgJjrH4uF9Rb2jlwxf4hd2eX94uKQwi3DRJebKwIHWQ%2BlKumUpGRFPg3XTTqu0xB4d%2FbiOR63SERZj3YE2XuclPxTWGupJLUn%2FyYzUDLAmoXEwf1CQXEMrAnfXT3XpEkiLpVoZYNAqhAFi893UC3fhPMLwUlenhl1dPuW3AIcSNprSRejRkXPqXlZ7nSupcNJ2xCfk9OmczrFZOigwTUxmQB6lxFFQMGCzSPD7Tf%2FQ6D6Ul3UEbwaJ%2F1dAwlDmF68yyVF18LGVIO76eES3Ii4KewNfqaVkIlQla4PlkxM7DaXcfJIpoRDYTtHbBIHVayfp6peSWe4T72f%2FyLg%3D%3D
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOZJozpBgJjrH4uF9Rb2jlwxf4hd2eX94uKQwi3DRJebKwIHWQ%2BlKumUpGRFPg3XTTqu0xB4d%2FbiOR63SERZj3YE2XuclPxTWGupJLUn%2FyYzUDLAmoXEwf1CQXEMrAnfXT3XpEkiLpVoZYNAqhAFi893UC3fhPMLwUlenhl1dPuW3AIcSNprSRejRkXPqXlZ7nSupcNJ2xCfk9OmczrFZOigwTUxmQB6lxFFQMGCzSPD7Tf%2FQ6D6Ul3UEbwaJ%2F1dAwlDmF68yyVF18LGVIO76eES3Ii4KewNfqaVkIlQla4PlkxM7DaXcfJIpoRDYTtHbBIHVayfp6peSWe4T72f%2FyLg%3D%3D
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {2A23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {B5920500-0990-414F-A241-BBBF1453084B} URL =
Edge HomeButtonPage: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOS%2BD5Acj%2FGg0E30dUwuZICQkF%2BThxmHgQVLk2mimghMdoM6yiXUh5VX9osFS0ZBo2T1KivP4GLIg%2BE%2FZS2OiPjHGd6FbYQgdAT5QqprXpvtQ8yI5X4gF3rBx6CncggoyBeisPBfY6CwbmZde5tKqcAC%2FaGGa9h6IqYm00bNAfPVDRSIkRcWaq1G6HKfdUGHr5Bu9tWKwJ2hjL6J2%2FZYwRM0L5QuUMZk5aHLXdZ6p0hax%2B6SbPGa%2FdQjStNbXTYvuc3SsswegCd7Ry5IAPRS2kkbfHYDyEFUd4xi9lxu9AyKnpNf%2FknSttFM2MSaBCZnpw
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOsjP6cJzMRi3Bm%2FGmsOoiQTNIlEHzCKixOmO0QPObebelNOWUpye6b5jErl%2BvxVfQjHgMuE1mbfeTEehkmGfF25h8YS0PwATPWhkEPSVTKDT7RrmeSErMeimx14PKBTWwD9rM42V4QJAsmh726nfateKCtK0QENMhHA9v5K9rJBpECC49j1CtgJZ56SZeBho2vAxj92AVDRVYIfs9OfEFFH3KEFXkKArWrt7w9CnhtYqqnsX4FlYeDbWnsFHesxFeCTM6z9KRvB93BePX9smWXi0vhSYpgfRe4jRxcTXmdqJIw2p3wZr%2B0NW9jmGJE4Qg6lDT1u3jR9t%2FL%2BIYHnekiQ%3D%3D
CHR DefaultSearchURL: Default -> hxxps://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-04-07]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-04-07]
CHR DefaultSearchURL: Profile 1 -> hxxps://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-06-12]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-06-12]
CHR HKLM\...\Chrome\Extension:
CHR HKLM\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKLM-x32\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKLM-x32\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-05-09] (AVG Netherlands B.V. -> AVG Technologies)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShortcutWithArgument: C:\Users\JoeJe\Desktop\Jen (Mom) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\JoeJe\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
FirewallRules: [{4A91A50B-49C5-49A1-8D55-236177E7709E}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS5F74\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AB14589A-2402-426B-BC02-962C2CE5B453}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS5F74\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7898CF9E-2D2D-4C52-A56D-1E9DE5B382CE}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS6A9E\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{100D15E4-9820-40D1-AEE7-18D3B8ED8D68}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS6A9E\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{55EBC109-D897-478C-A738-B662ACFC0636}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS0755\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8D2A070E-6A93-4CAB-A630-40D5BA29D8D4}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS0755\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{218E1E8D-B272-4802-BC33-971C0F89A7AD}] => (Allow) C:\Users\JoeJe\AppData\Roaming\Zoom\bin\airhost.exe => No File
EmptyTemp:
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download AdwCleaner from [b]here (https://downloads.malwarebytes.com/file/adwcleaner) and save it to your desktop.


run AdwCleaner by clicking on Scan Now
when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
if it asks to reboot, allow the reboot
on reboot, click on View Log File; please copy and paste the content of the log to your next reply.

========================

Run Malwarebytes Anti-Malware

You may have Malwarebytes Anti-Malware installed but if not, you can download it from here (https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/):

run the program
click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
click on the ‘Scan’ tab, (directly below the Dashboard tab)
select the Threat Scan option
slick the Scan Now button
Threat Scan will begin
when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
if prompted to restart the computer, close all other programs and click Yes to restart your computer
once you are back at your desktop, open MBAM once more
click on the ‘Reports’ tab
double-click on the most recent Scan Report
click on Export, then Copy to Clipboard

Logs to include with the next post:

Fixlog.txt
AdwCleaner log
Mbam.txt

UncaHo
2020-07-23, 05:07
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-07-2020
Ran by JoeJe (22-07-2020 19:43:15) Run:2
Running from C:\Users\JoeJe\Desktop\Spybot
Loaded Profiles: JoeJe
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_nptdwxol_20_15_ssg01&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzyyEyDtAtAtD0CtBtDtBzy0C0ByEyD0DtN0D0Tzu0StAtDtCzytN1L2XzuyEtFyCtCtFtDtFtCzyzztN1L1Czu1ByE1VtCtDtN1L1G1B1V1N2Y1L1Qzu2SyDyDyB0DzztDtDtCtGtBtA0C0CtG0BzytD0CtGtCtCzyyBtGyE0CzzyCyByB0AtBtC0A0AtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1QyCzzyBzyyByCtDtGyEtDtBtAtGyEyC1TtAtG1T1TtDyDtGtDyCzzyDyDzy1PyEyCyE1RtC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCtAzzyDtN1Q2Z1B1P1RzutCyDzzyCtAtCyCzzyDtD%26cr%3D329067806%26a%3Dwsg_nptdwxol_20_15_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOZJozpBgJjrH4uF9Rb2jlwxf4hd2eX94uKQwi3DRJebKwIHWQ%2BlKumUpGRFPg3XTTqu0xB4d%2FbiOR63SERZj3YE2XuclPxTWGupJLUn%2FyYzUDLAmoXEwf1CQXEMrAnfXT3XpEkiLpVoZYNAqhAFi893UC3fhPMLwUlenhl1dPuW3AIcSNprSRejRkXPqXlZ7nSupcNJ2xCfk9OmczrFZOigwTUxmQB6lxFFQMGCzSPD7Tf%2FQ6D6Ul3UEbwaJ%2F1dAwlDmF68yyVF18LGVIO76eES3Ii4KewNfqaVkIlQla4PlkxM7DaXcfJIpoRDYTtHbBIHVayfp6peSWe4T72f%2FyLg%3D%3D
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOZJozpBgJjrH4uF9Rb2jlwxf4hd2eX94uKQwi3DRJebKwIHWQ%2BlKumUpGRFPg3XTTqu0xB4d%2FbiOR63SERZj3YE2XuclPxTWGupJLUn%2FyYzUDLAmoXEwf1CQXEMrAnfXT3XpEkiLpVoZYNAqhAFi893UC3fhPMLwUlenhl1dPuW3AIcSNprSRejRkXPqXlZ7nSupcNJ2xCfk9OmczrFZOigwTUxmQB6lxFFQMGCzSPD7Tf%2FQ6D6Ul3UEbwaJ%2F1dAwlDmF68yyVF18LGVIO76eES3Ii4KewNfqaVkIlQla4PlkxM7DaXcfJIpoRDYTtHbBIHVayfp6peSWe4T72f%2FyLg%3D%3D
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {2A23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOtrbh%2Bqp9BfukwljO3nnhtNSBc9eyyHv2nUXQOR9x6HEVnLeVSCKd2mzgD5CKe3NmZYiBigULJ8DC3SFrEOdllpVz8EXpR2E6p8tndzZ0G7MZvi57dSNWTkGxkxtqiupA5cH1camSMA8ge3cpDdZWDGv6e6%2FYLWjP6j3pWALIJ3yhhqWxeb0dJ4eZ4dW%2Fx7ikZEqUQKztpAKTnvbuowOSuP9HaUsGTuX8cqiymWFRq0m7ViWnWQgjXPv90D02qhpgp1keOq0USnmyTedw%2B9u5Q8Ym80oFxfktWZJw0RqyXL4WQlEXQBktKCfEfy934W5g&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> {B5920500-0990-414F-A241-BBBF1453084B} URL =
Edge HomeButtonPage: HKU\S-1-5-21-3826748822-2543032886-3249942663-1001 -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOS%2BD5Acj%2FGg0E30dUwuZICQkF%2BThxmHgQVLk2mimghMdoM6yiXUh5VX9osFS0ZBo2T1KivP4GLIg%2BE%2FZS2OiPjHGd6FbYQgdAT5QqprXpvtQ8yI5X4gF3rBx6CncggoyBeisPBfY6CwbmZde5tKqcAC%2FaGGa9h6IqYm00bNAfPVDRSIkRcWaq1G6HKfdUGHr5Bu9tWKwJ2hjL6J2%2FZYwRM0L5QuUMZk5aHLXdZ6p0hax%2B6SbPGa%2FdQjStNbXTYvuc3SsswegCd7Ry5IAPRS2kkbfHYDyEFUd4xi9lxu9AyKnpNf%2FknSttFM2MSaBCZnpw
CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87nptdwxol011520&param1=y6bdVFVIsvuYsgEClQfz8B3zzGW%2BMXjYap41VPqwQlIJ3YDjnguuXVlYJYULQxbOsjP6cJzMRi3Bm%2FGmsOoiQTNIlEHzCKixOmO0QPObebelNOWUpye6b5jErl%2BvxVfQjHgMuE1mbfeTEehkmGfF25h8YS0PwATPWhkEPSVTKDT7RrmeSErMeimx14PKBTWwD9rM42V4QJAsmh726nfateKCtK0QENMhHA9v5K9rJBpECC49j1CtgJZ56SZeBho2vAxj92AVDRVYIfs9OfEFFH3KEFXkKArWrt7w9CnhtYqqnsX4FlYeDbWnsFHesxFeCTM6z9KRvB93BePX9smWXi0vhSYpgfRe4jRxcTXmdqJIw2p3wZr%2B0NW9jmGJE4Qg6lDT1u3jR9t%2FL%2BIYHnekiQ%3D%3D
CHR DefaultSearchURL: Default -> hxxps://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-04-07]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-04-07]
CHR DefaultSearchURL: Profile 1 -> hxxps://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Profile 1 -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-06-12]
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-06-12]
CHR HKLM\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKLM\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKLM-x32\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod]
CHR HKLM-x32\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2019-05-09] (AVG Netherlands B.V. -> AVG Technologies)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShortcutWithArgument: C:\Users\JoeJe\Desktop\Jen (Mom) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\JoeJe\Desktop\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
FirewallRules: [{4A91A50B-49C5-49A1-8D55-236177E7709E}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS5F74\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{AB14589A-2402-426B-BC02-962C2CE5B453}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS5F74\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7898CF9E-2D2D-4C52-A56D-1E9DE5B382CE}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS6A9E\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{100D15E4-9820-40D1-AEE7-18D3B8ED8D68}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS6A9E\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{55EBC109-D897-478C-A738-B662ACFC0636}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS0755\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8D2A070E-6A93-4CAB-A630-40D5BA29D8D4}] => (Allow) C:\Users\JoeJe\AppData\Local\Temp\7zS0755\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{218E1E8D-B272-4802-BC33-971C0F89A7AD}] => (Allow) C:\Users\JoeJe\AppData\Roaming\Zoom\bin\airhost.exe => No File
EmptyTemp:
C:\Windows\Temp\*.*

*****************

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
"HKU\S-1-5-21-3826748822-2543032886-3249942663-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => not found
"HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2A23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B5920500-0990-414F-A241-BBBF1453084B} => removed successfully
"HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-04-07] => Error: No automatic fix found for this entry.
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-04-07] => Error: No automatic fix found for this entry.
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod [2020-06-12] => Error: No automatic fix found for this entry.
CHR Extension: (Search Manager) - C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coikafgfajmocjfjomdmagifpeehhohh [2020-06-12] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\coikafgfajmocjfjomdmagifpeehhohh => removed successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod => removed successfully
HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\Google\Chrome\Extensions\coikafgfajmocjfjomdmagifpeehhohh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\coikafgfajmocjfjomdmagifpeehhohh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn => removed successfully
HKLM\System\CurrentControlSet\Services\avgm => removed successfully
avgm => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
C:\Users\JoeJe\Desktop\Jen (Mom) - Chrome.lnk => Shortcut argument removed successfully
C:\Users\JoeJe\Desktop\Person 1 - Chrome.lnk => Shortcut argument removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A91A50B-49C5-49A1-8D55-236177E7709E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB14589A-2402-426B-BC02-962C2CE5B453}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7898CF9E-2D2D-4C52-A56D-1E9DE5B382CE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{100D15E4-9820-40D1-AEE7-18D3B8ED8D68}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{55EBC109-D897-478C-A738-B662ACFC0636}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D2A070E-6A93-4CAB-A630-40D5BA29D8D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{218E1E8D-B272-4802-BC33-971C0F89A7AD}" => removed successfully

=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\af397ef28e484961ba48646a5d38cf54.db.ses => moved successfully
C:\Windows\Temp\asw73fae19d688c67b6.tmp => moved successfully
C:\Windows\Temp\BIT490E.tmp => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\Dell Product Registration5_inspiron.xml => moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => moved successfully
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => moved successfully
C:\Windows\Temp\mat-debug-10732.log => moved successfully
C:\Windows\Temp\mat-debug-132.log => moved successfully
C:\Windows\Temp\mat-debug-13672.log => moved successfully
C:\Windows\Temp\mat-debug-13780.log => moved successfully
C:\Windows\Temp\mat-debug-14460.log => moved successfully
C:\Windows\Temp\mat-debug-19556.log => moved successfully
C:\Windows\Temp\mat-debug-22476.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\msedge_installer.log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(202007171623142AC8).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20200721202724117C).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2020072121160730C).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20200721213145102C).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20200721220553100C).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20200721221640FE4).log => moved successfully
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(2020072219431815D0).log" => Scheduled to move on reboot.
C:\Windows\Temp\STANLEY-20200714-1844.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-1849.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-1853.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-1901.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-1906.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-2113.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-2312.log => moved successfully
C:\Windows\Temp\STANLEY-20200715-2316.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-0918.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-0938.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-0943.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1006.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1255.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1306.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1326.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1400.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1408.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1540.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1912.log => moved successfully
C:\Windows\Temp\STANLEY-20200716-1914.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1623.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1623a.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1626.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1626a.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1626b.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1627.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1749.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-1754.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-2313.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-2317.log => moved successfully
C:\Windows\Temp\STANLEY-20200717-2318.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-0833.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-0835.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-0835a.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-0904.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-1229.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-1234.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-1826.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-1854.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-2013.log => moved successfully
C:\Windows\Temp\STANLEY-20200718-2107.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-0912.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-0913.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-0929.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-0958.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1011.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1111.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1116.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1643.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1648.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1718.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1724.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1729.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-1900.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-2029.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-2034.log => moved successfully
C:\Windows\Temp\STANLEY-20200719-2216.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0058.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0103.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0422.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0759.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0915.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0938.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0943.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-0958.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-1047.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-1052.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-1801.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-1826.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-1832.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-2234.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-2240.log => moved successfully
C:\Windows\Temp\STANLEY-20200720-2337.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-0556.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-0759.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1120.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1125.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1249.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1254.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1339.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1441.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1644.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1649.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1853.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1911.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1917.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-1931.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2027.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2033.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2037.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2116.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2122.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2131.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2142.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2149.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2205.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2212.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2216.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2222.log => moved successfully
C:\Windows\Temp\STANLEY-20200721-2234.log => moved successfully
C:\Windows\Temp\STANLEY-20200722-1123.log => moved successfully
C:\Windows\Temp\STANLEY-20200722-1126.log => moved successfully
C:\Windows\Temp\STANLEY-20200722-1126a.log => moved successfully
C:\Windows\Temp\STANLEY-20200722-1146.log => moved successfully
C:\Windows\Temp\STANLEY-20200722-1731.log => moved successfully
C:\Windows\Temp\STANLEY-20200722-1736.log => moved successfully
Could not move "C:\Windows\Temp\STANLEY-20200722-1943.log" => Scheduled to move on reboot.
C:\Windows\Temp\Tmp1189.tmp => moved successfully
C:\Windows\Temp\Tmp12B4.tmp => moved successfully
C:\Windows\Temp\Tmp222B.tmp => moved successfully
C:\Windows\Temp\Tmp3B2.tmp => moved successfully
C:\Windows\Temp\Tmp43F.tmp => moved successfully
C:\Windows\Temp\Tmp460.tmp => moved successfully
C:\Windows\Temp\Tmp54C.tmp => moved successfully
C:\Windows\Temp\Tmp6A6.tmp => moved successfully
C:\Windows\Temp\Tmp80F8.tmp => moved successfully
C:\Windows\Temp\Tmp8176.tmp => moved successfully
C:\Windows\Temp\Tmp8223.tmp => moved successfully
C:\Windows\Temp\Tmp82B0.tmp => moved successfully
C:\Windows\Temp\Tmp833E.tmp => moved successfully
C:\Windows\Temp\Tmp83EB.tmp => moved successfully
C:\Windows\Temp\Tmp8498.tmp => moved successfully
C:\Windows\Temp\Tmp8525.tmp => moved successfully
C:\Windows\Temp\Tmp85D2.tmp => moved successfully
C:\Windows\Temp\Tmp86AE.tmp => moved successfully
C:\Windows\Temp\Tmp89AF.tmp => moved successfully
C:\Windows\Temp\Tmp8C9F.tmp => moved successfully
C:\Windows\Temp\Tmp8DE8.tmp => moved successfully
C:\Windows\Temp\Tmp8F12.tmp => moved successfully
C:\Windows\Temp\Tmp907A.tmp => moved successfully
C:\Windows\Temp\Tmp9211.tmp => moved successfully
C:\Windows\Temp\Tmp94F2.tmp => moved successfully
C:\Windows\Temp\Tmp9706.tmp => moved successfully
C:\Windows\Temp\Tmp98BC.tmp => moved successfully
C:\Windows\Temp\Tmp9C68.tmp => moved successfully
C:\Windows\Temp\Tmp9E8C.tmp => moved successfully
C:\Windows\Temp\TmpA0EE.tmp => moved successfully
C:\Windows\Temp\TmpA3BE.tmp => moved successfully
C:\Windows\Temp\TmpA788.tmp => moved successfully
C:\Windows\Temp\TmpAAD4.tmp => moved successfully
C:\Windows\Temp\TmpADC3.tmp => moved successfully
C:\Windows\Temp\TmpB7E8.tmp => moved successfully
C:\Windows\Temp\TmpBB45.tmp => moved successfully
C:\Windows\Temp\TmpBEC0.tmp => moved successfully
C:\Windows\Temp\TmpC24B.tmp => moved successfully
C:\Windows\Temp\TmpC5E6.tmp => moved successfully
C:\Windows\Temp\TmpC9DF.tmp => moved successfully
C:\Windows\Temp\TmpCE93.tmp => moved successfully
C:\Windows\Temp\TmpD395.tmp => moved successfully
C:\Windows\Temp\TmpD8A7.tmp => moved successfully
C:\Windows\Temp\{0D640ED1-D444-4F4D-BB33-AF64655BA644} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{144EF378-F7C2-491C-B744-557B95A4FC89} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{23FCC14C-569F-49DC-B209-DBFC3DA98D25} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{2539F6CE-8A28-4429-BCC7-AB94F95FF55F} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{54C2562B-F67F-42B8-BDB9-46039148AA4C} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{8DB1AC86-136E-4828-A0BF-7B9569A3A5B1} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{A47632B5-123E-40CB-B177-45B2FA54C2BF} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{AA6A5266-C720-4F07-873E-18703F485743} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{B5726FC6-F7C5-40E0-898A-7B403A35D289} - OProcSessId.dat => moved successfully
C:\Windows\Temp\{CF51F6FC-4FD5-4996-B46F-3EE13F4C000C} - OProcSessId.dat => moved successfully

========= End -> "C:\Windows\Temp\*.*" ========


=========== EmptyTemp: ==========

BITS transfer queue => 12345344 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 129185003 B
Java, Flash, Steam htmlcache => 14227 B
Windows/system/drivers => 29013341 B
Edge => 1018149 B
Chrome => 1822791274 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 6773637 B
systemprofile32 => 6773637 B
LocalService => 6985499 B
NetworkService => 7076625 B
defaultuser0 => 7076625 B
JoeJe => 277854394 B
defaultuser100001.STANLEY.000 => 277854394 B

RecycleBin => 4217827927 B
EmptyTemp: => 6.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-07-2020 19:57:12)

C:\Windows\Temp\officeclicktorun.exe_streamserver(2020072219431815D0).log => Is moved successfully
C:\Windows\Temp\STANLEY-20200722-1943.log => Is moved successfully

==== End of Fixlog 19:57:42 ====

UncaHo
2020-07-23, 05:27
# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-22-2020
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Chromium
Deleted C:\Program Files (x86)\Digital Communications
Deleted C:\Users\JoeJe\AppData\Roaming\santivirusclient

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows\SAntivirus
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\SAntivirus
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted AVG Secure Search
Deleted AVG Secure Search
Deleted AVG Secure Search
Deleted AVG Secure Search
Deleted AVG Secure Search
Deleted AVG Secure Search
Deleted Conduit
Deleted Speedial
Not Deleted AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [9481 octets] - [22/07/2020 20:13:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########







# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-07-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-22-2020
# Duration: 00:02:22
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 76


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.FakeChrome C:\Program Files (x86)\Chromium
PUP.Optional.Segurazo C:\Program Files (x86)\Digital Communications
PUP.Optional.Segurazo C:\Users\JoeJe\AppData\Roaming\santivirusclient

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.SAntivirus HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
PUP.Optional.SAntivirus HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
PUP.Optional.SAntivirus HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
PUP.Optional.SAntivirus HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
PUP.Optional.SAntivirus HKLM\SOFTWARE\Microsoft\Windows\SAntivirus
PUP.Optional.SAntivirus HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
PUP.Optional.SAntivirus HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
PUP.Optional.SAntivirus HKLM\Software\Wow6432Node\\Microsoft\Windows\SAntivirus
PUP.Optional.Segurazo HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc
PUP.Optional.TheBrightTag HKCU\Software\Microsoft\Internet Explorer\DOMStorage\thebrighttag.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Conduit Conduit
PUP.Optional.Legacy AVG Secure Search
PUP.Optional.Legacy AVG Secure Search
PUP.Optional.Legacy AVG Secure Search
PUP.Optional.Legacy AVG Secure Search
PUP.Optional.Legacy AVG Secure Search
PUP.Optional.Legacy Speedial
PUP.Optional.MySearch AVG Secure Search
PUP.Optional.MySearch AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkService Folder C:\Program Files (x86)\CYBERLINK\SHARED FILES\PLUGIN\NEWBLUE
Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellHelp&Support Folder C:\Program Files\DELL\DELL HELP & SUPPORT
Preinstalled.DellHelp&Support Folder C:\ProgramData\DELL\DELL HELP & SUPPORT
Preinstalled.DellHelp&Support Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\DELL HELP & SUPPORT
Preinstalled.DellHelp&Support Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}
Preinstalled.DellHelp&Support Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files (x86)\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A00A62A6-9E72-4828-800C-2FED600AC440}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A00A62A6-9E72-4828-800C-2FED600AC440}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\JoeJe\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\JoeJe\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{00612F78-52C4-46C0-97F0-F50B6036B5E2}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4780AF24-213D-4187-86F2-0014A6D6077B}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC876515-5E10-47C6-B5D3-1760D7474C2B}
Preinstalled.LenovoPower2Go Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CLVDLauncher
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Preinstalled.LenovoPower2Go Task C:\Windows\System32\Tasks\CLVDLAUNCHER
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F6A3136-FB1B-4908-9278-421E543906FA}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01F01829-4C5A-41B0-8198-0BDD02B34C47}
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

UncaHo
2020-07-23, 05:59
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/22/20
Scan Time: 8:32 PM
Log File: c2fc2166-cc8c-11ea-a35f-484d7ea3e99d.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.17222
License: Trial

-System Information-
OS: Windows 10 (Build 18362.959)
CPU: x64
File System: NTFS
User: STANLEY\JoeJe

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 353848
Threats Detected: 415
Threats Quarantined: 415
Time Elapsed: 13 min, 25 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 2
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Big Farm0, Quarantined, [3896], [597957],1.0.17222
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire0, Quarantined, [3896], [597957],1.0.17222

Registry Value: 2
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bnlfgalbnliphjafcnhjnnnfijekbnod, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-3826748822-2543032886-3249942663-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|coikafgfajmocjfjomdmagifpeehhohh, Quarantined, [268], [626728],1.0.17222

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 61
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\pt_BR, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\fonts, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\en, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\fr, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\hi, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\vi, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\skin\icons, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_metadata, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\addons, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\vendor, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\fonts, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\skin, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\css, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BNLFGALBNLIPHJAFCNHJNNNFIJEKBNOD, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\email_providers, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\tiles, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\games, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\bckgrndPckr, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\pckgTrckr, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\flCnvrsn, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\pt_BR, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\cntdwn, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\trndng, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\fonts, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\clck, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\wthr, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\en, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\fr, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\hi, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\vi, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\mps, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\sse, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\vsn, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\skin\icons, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_metadata, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\vendor, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\fonts, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\skin, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\css, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\COIKAFGFAJMOCJFJOMDMAGIFPEEHHOHH, Quarantined, [268], [626728],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\USERS\JOEJE\APPDATA\LOCAL\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}, Quarantined, [794], [542290],1.0.17222

File: 350
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Replaced, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\BNLFGALBNLIPHJAFCNHJNNNFIJEKBNOD\10.1.4.64_0\MANIFEST.JSON, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\fonts\HelveticaNeue-Thin.otf, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\fonts\HelveticaNeueLT-Roman.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\fonts\neue-bold.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\fonts\neue.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons\128.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons\16.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons\48.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons\close.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons\favicon.ico, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\icons\trends.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\facebook_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\aliexpress.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\amazon.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\amazon_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\booking.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\booking_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\ebay.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\ebay_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\expedia.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\expedia_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\facebook.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\gmail.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\gmail_new.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\gmail_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\gtranslte.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\outlook-mail.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\pinterest.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\pinterest_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\twitter.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\twitter_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\wix.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\wix_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\yahoo-mail.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\yahoo.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\yahoo_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\youtube.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sitesThumbnails\youtube_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\eyeglass.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\settings.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\angle-arrow-down.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\bing.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\bing_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\blue-triangle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\bluesky-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\brush.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\bt.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\clock.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\cloud.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\cupcake-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\desk-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\doodle.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\down.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\eyeglass_transparent.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\gmail-circle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\google.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\google_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\grid-world.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\group.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\hero-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\just-the-box-empty.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\just-the-box.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\magnifier.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\mail-black-envelope-symbol.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\mailru.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\mountain-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\outlook-circle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\pointer2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\radio-selected.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\radio-unselected.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\sea-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\search-D7D7D7.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\search-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\smallMagnifier.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\star-unselected.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\star.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\toggle-off.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\toggle-on.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\translate.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\transparent_img.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\triangle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\yahoo-circle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\yahoo.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\yahoo.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\images\yahoo_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\content\bundle.v0.0.1.min.css, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\css\style.css, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\fonts\HelveticaNeue-Thin.otf, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\fonts\HelveticaNeueLT-Roman.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\fonts\neue-bold.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\fonts\neue.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\js\background.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\js\common.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\js\common.min.js.LICENSE, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\js\index.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\skin\icons\16.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\vendor\react-with-addons.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\en\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\fr\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\hi\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\pt_BR\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_locales\vi\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\_metadata\verified_contents.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\background.html, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\e_.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\index.html, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlfgalbnliphjafcnhjnnnfijekbnod\10.1.4.64_0\responseConfig.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Preferences, Replaced, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\COIKAFGFAJMOCJFJOMDMAGIFPEEHHOHH\10.1.4.65_0\MANIFEST.JSON, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\bckgrndPckr\comp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\bckgrndPckr\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\bckgrndPckr\service.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\clck\comp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\cntdwn\comp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\flCnvrsn\action.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\flCnvrsn\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\mps\comp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\pckgTrckr\comp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\pckgTrckr\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\sse\action.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\sse\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\trndng\action.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\trndng\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\vsn\action.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\vsn\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\wthr\action.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\wthr\comp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\wthr\const.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\addons\wthr\owcomp.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\fonts\HelveticaNeue-Thin.otf, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\fonts\HelveticaNeueLT-Roman.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\fonts\neue-bold.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\fonts\neue.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\close-FF8A5A.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\collection-9B9B9B.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\collection-FF691E.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\doc-icon-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\error-FF691E.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\loader-FF8A5A.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\pdf-2-doc-9B9B9B.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\pdf-2-doc-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\pdf-icon-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\success-FF8A5A.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\tab-arrow-FF691E.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\converter\upload-FF691E.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\email_providers\gmail-icon.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\email_providers\outlook.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\email_providers\yahoo.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\amazon-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\amazon.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\arrow-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\arrows.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\close.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\enlarge-000000-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\enlarge-FFCA00-000000.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\hulu-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\hulu.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\minimize-000000-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\netflix-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\netflix.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\play.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\refresh-FFFFFF-000000.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\reload-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\shrink-FFCA00-000000.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\shuffle-000000.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\shuffle-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\vudu-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films\vudu.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\games\addicting.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\games\shockwave.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\games\y8.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons\128.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons\16.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons\48.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons\close.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons\favicon.ico, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\icons\trends.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\bing-maps-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\from-to-icon-8881FF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\google-maps-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\location-icon-8881FF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\search-4A4A4A.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\search-8881FF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\switch-8881FF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\tab-arrow-8881FF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\whereto-logo-8881FF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\maps\whereto-logo-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\facebook_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\aliexpress.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\aliexpress_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\amazon.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\amazon_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\booking.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\booking_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\ebay.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\ebay_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\expedia.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\expedia_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\facebook.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\gmail.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\gmail_new.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\gmail_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\gtranslte.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\outlook-mail.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\pinterest.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\pinterest_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\twitter.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\twitter_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\wix.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\wix_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\yahoo-mail.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\yahoo.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\yahoo_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\youtube.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sitesThumbnails\youtube_tile_v2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\tiles\DOC-to-PDF.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\tiles\PDF-to-DOC.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\tiles\Translation.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\tiles\View-PDF.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\01d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\01n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\02d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\02n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\03d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\03n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\04d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\04n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\09d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\09n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\10d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\10n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\11d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\11n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\13d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\13n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\50d.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\weather\50n.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\desk-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\google_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\outlook-circle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\alot.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\angle-arrow-down.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\bg-joystick.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\bing.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\bing_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\bluesky-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\brush.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\bt.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\clock.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\cloud.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\cupcake-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\doodle.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\down.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\enhanced_google.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\eyeglass.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\eyeglass_transparent.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\films-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\gmail-circle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\gmx_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\google.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\grid-world.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\group.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\hero-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\inuvo-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\just-the-box-empty.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\just-the-box.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\mail-black-envelope-symbol.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\mailru.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\mountain-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\pointer2.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\radio-selected.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\radio-unselected.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\sea-bg.jpg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\search-D7D7D7.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\search-FFFFFF.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\settings.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\smallMagnifier.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\star-unselected.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\star.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\todoc.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\toggle-off.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\toggle-on.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\topdf.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\transparent_img.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\triangle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\yahoo-circle.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\yahoo.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\yahoo.svg, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\yahoo_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\yandex.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\zapmeta.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\_enhanced_google.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\images\_gmx_large.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\content\bundle.v0.0.1.min.css, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\css\style.css, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\fonts\HelveticaNeue-Thin.otf, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\fonts\HelveticaNeueLT-Roman.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\fonts\neue-bold.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\fonts\neue.woff, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\js\background.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\js\common.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\js\common.min.js.LICENSE, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\js\index.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\skin\icons\16.png, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\vendor\react-with-addons.min.js, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\en\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\fr\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\hi\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\pt_BR\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_locales\vi\messages.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\_metadata\verified_contents.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\background.html, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\e_.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\index.html, Quarantined, [268], [626728],1.0.17222
PUP.Optional.SearchManager.BITSRST, C:\Users\JoeJe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coikafgfajmocjfjomdmagifpeehhohh\10.1.4.65_0\responseConfig.json, Quarantined, [268], [626728],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\USERS\JOEJE\APPDATA\LOCAL\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\chromium-min.jpg, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\control panel-min-min.JPG, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\down.png, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\ff menu.JPG, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\ff search engine-min.png, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\hp-min ff.png, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\hp-min ie.png, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\search engine.gif, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\setup pages.gif, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\sp-min.png, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\start-min.jpg, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\HowToRemove\up.png, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\micalimot, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\saledole, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\uninst.exe, Quarantined, [794], [542290],1.0.17222
PUP.Optional.WinYahoo.TskLnk, C:\Users\JoeJe\AppData\Local\{EAF7DCAB-CE5F-B013-A3C7-95FB87AF6963}\uninstp.dat, Quarantined, [794], [542290],1.0.17222
Adware.InstallCore, C:\USERS\JOEJE\DOWNLOADS\SHINING FORCE (U) [!]_3410656410.EXE, Quarantined, [443], [695147],1.0.17222
Adware.InstallCore, C:\USERS\JOEJE\DOWNLOADS\SONIC THE HEDGEHOG 2 (JUE) [!]_3154028712.EXE, Quarantined, [443], [695147],1.0.17222
Adware.InstallCore, C:\USERS\JOEJE\DOWNLOADS\GHOSTBUSTERS (JUE) (REV 01) [!]_0688093253.EXE, Quarantined, [443], [695147],1.0.17222
Adware.InstallCore, C:\USERS\JOEJE\DOWNLOADS\SONIC THE HEDGEHOG 3 (E)_3310399535.EXE, Quarantined, [443], [695147],1.0.17222
PUP.Optional.BundleInstaller, C:\USERS\JOEJE\DOWNLOADS\MINECRAFT_DOWNLOAD.EXE, Quarantined, [455], [371227],1.0.17222
PUP.Optional.ASK, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Data\SyncData.sqlite3, Replaced, [2], [454825],1.0.17222
PUP.Optional.ASK, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Web Data, Replaced, [2], [454825],1.0.17222
PUP.Optional.ASK, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Web Data, Replaced, [2], [454822],1.0.17222
PUP.Optional.ASK, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Sync Data\SyncData.sqlite3, Replaced, [2], [454822],1.0.17222
PUP.Optional.ASK, C:\USERS\JOEJE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Profile 1\Web Data, Replaced, [2], [454822],1.0.17222

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Juliet
2020-07-23, 14:22
My goodness, did you see all that!

Since Google chrome was so effected for this user profile => JoeJe, I think it best to uninstall and reinstall. Since so much of the problem came from Chrome I doubt it can work as it once did, you can test it first of course but, if you find your having issues with it then follow the tutorial.
Read over the tutorial below, scroll down to uninstall, then go back up the page to install.
https://www.bleepingcomputer.com/tutorials/how-to-install-and-uninstall-google-chrome-in-windows/

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
Let's do an online scan to see if there are any remnants that can be picked up.

ESET Online Scanner

Download ESET Online Scanner (https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner_enu.exe) and save it to your desktop.

Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
When the tool opens, click Get Started.
Read and accept the license agreement.
At the Welcome to ESET Online Scanner window, click Get Started.
Select whether you would like to send anonymous data to ESET.
Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
Click on the Full Scan option.
Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
ESET will now begin scanning your computer. This may take some time.
When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

---------------------------------------------------

How is the computer now?

Juliet
2020-07-28, 14:27
Glad we could help. http://i.imgur.com/SakDYGv.gif
Since this issue appears resolved ... this Topic is closed.