Results 1 to 10 of 16

Thread: Help please with these logs FRST Additions and aswMBR

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Junior Member
    Join Date
    Jun 2020
    Posts
    9

    Default Help please with these logs FRST Additions and aswMBR

    Sony Vaio 1 terabyte laptop (810 free) Windows 10 home (originally windows 8) bought second hand. Intel (R) Core i5 4200 CPU 1.60GHZ 64bit

    I've had the laptop for years and this is the first time I ran a quick rootkit check. I have found 145 rootkits but don't know if they are good or bad. Goodness knows how many it would have found if I'd done a deep check.

    I have a problem with the laptop with 100% Disc 100% CPU and 100% memory at times (not at the same time) when the laptop slows down and becomes unresponsive. Start up takes a while even though I've disabled everything except anti virus and firewall.

    I followed the instructions for Farbar (with additions) and aswMBR Log however the additions (65.2kb) and the FRST log (116kb) were too big, screenshots below.

    I enclose the aswMBR log and please advise me what to do about the FRST and additions logs.

    Many thanks
    Attached Images Attached Images
    Attached Files Attached Files

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,931

    Default

    I think what the error message is saying is the files are to big.
    Can you try to copy and paste them into a reply?, if you need to you can do so making it in multiple post.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Jun 2020
    Posts
    9

    Default copy of FRST and Additions

    Sorry it's so long, the file wouldn't paste.


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
    Ran by linda (administrator) on USER-VAIO (Sony Corporation SVF1532C5E) (18-06-2020 15:14:19)
    Running from C:\Users\linda\Desktop
    Loaded Profiles: linda
    Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: English (United Kingdom)
    Default browser: FF
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
    (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
    (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <2>
    (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
    (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
    (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
    (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
    (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxOutlook.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12827.20400.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe <2>
    (Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe <2>
    (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
    (Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-10-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156776 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
    HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2346008 2013-10-01] (Sony Corporation -> Sony Corporation)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    HKLM-x32\...\Run: [WorksFUD] => C:\Program Files (x86)\Microsoft Works\wkfud.exe [24576 2001-10-05] (Microsoft® Corporation) [File not signed]
    HKLM-x32\...\Run: [Microsoft Works Portfolio] => C:\Program Files (x86)\Microsoft Works\WksSb.exe [331830 2001-08-22] (Microsoft® Corporation) [File not signed]
    HKLM-x32\...\Run: [Microsoft Works Update Detection] => C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [28738 2001-08-16] (Microsoft® Corporation) [File not signed]
    HKLM-x32\...\Run: [MoneyStartUp10.0] => C:\Program Files (x86)\Microsoft Money\System\Activation.exe [245810 2001-07-25] (Microsoft Corporation) [File not signed]
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [326448 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4230368 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [MoneyAgent] => C:\Program Files (x86)\Microsoft Money\System\Money Express.exe [188472 2001-07-25] (Microsoft Corporation) [File not signed]
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe [36547168 2016-02-17] (Finarea SA -> VoipConnect)
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [Amazon Music] => C:\Users\linda\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] (Amazon Services LLC -> )
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [CAHeadless] => c:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1401040 2015-12-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5417008 2020-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [495704 2013-09-24] (Sony Corporation -> Sony Corporation)
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
    HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2015-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
    HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX420 series: C:\WINDOWS\system32\CNCALAM.DLL [302080 2010-10-21] (CANON INC.) [File not signed]
    HKLM\...\Print\Monitors\Canon BJ Language Monitor MX420 series: C:\WINDOWS\system32\CNMLMAM.DLL [374784 2010-09-20] (CANON INC.) [File not signed]
    HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2015-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-17] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe [2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
    HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> c:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2013-09-25] (Broadcom Corporation -> Broadcom Corporation.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminders Tray Icon.lnk.disabled [2018-02-26]
    ShortcutTarget: Event Planner Reminders Tray Icon.lnk.disabled -> C:\SIERRA\CardStudio\PLNRnote.exe (No File)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2020-06-11]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2019-08-08]
    ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk [2016-02-04]
    ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) [File not signed]
    GroupPolicy: Restriction ? <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {060285CD-EF85-4322-852F-8070E7E1D42A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5753752 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    Task: {06C75584-6E6F-4FF5-9403-5E2579A15EA5} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [540760 2013-08-14] (Sony Corporation -> Sony Corporation)
    Task: {0857D75F-C93C-4F81-A2E0-DE24252F8954} - System32\Tasks\HPCeeScheduleForlinda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: {09C04C34-CF9B-4C2A-9C8B-ADD73ABC0039} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
    Task: {129BC438-C920-47E1-9BC2-E843B40F34A5} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {15DD921F-F051-404C-943B-A81588ECDB5D} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {1787763B-529B-4C68-B3E8-BA1B623FE327} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133400 2020-06-03] (HP Inc. -> HP Inc.)
    Task: {1DD91C48-3319-4B88-B103-5E2E8BCA3F73} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-17] (Adobe Inc. -> Adobe)
    Task: {1E3FCC8B-65F3-4B2F-915D-F52A36945A8D} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {1F3FB465-A97F-4483-A93B-F11BACD0CF40} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-04] (Mozilla Corporation -> Mozilla Foundation)
    Task: {281A18D4-E2F5-4352-832D-AD295416E4A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
    Task: {2D6E624D-F4ED-4FBC-8BE7-381CC47B4905} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {2DFF4AC9-EB63-4363-AE48-466AC78CCF18} - System32\Tasks\Sony Corporation\VAIO Care\DeployVAIOManual => C:\ProgramData\Sony Corporation\VAIO Care\VAIOUserGuideUpdate.exe
    Task: {2FE0D287-5EF6-43B7-A46B-61D583203F98} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
    Task: {30C30284-3BB9-4B0F-954B-939928929C56} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [184408 2013-08-14] (Sony Corporation -> Sony Corporation)
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
    Task: {3B2E4EE6-EAC9-4451-A7B2-9EFB20082735} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-11-08] (Sony Corporation -> Sony Corporation)
    Task: {4019DFB8-82CB-4A6F-AA16-0DE90619E327} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6193080 2016-03-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    Task: {40B4DD8A-1A1A-4555-A31A-1465209A074A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3387520 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    Task: {4146D0D5-F18D-4A7B-879D-6674E16AD3F1} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {497D3046-5ABF-4114-B725-36CDD520DFD4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {4D59A362-D25E-4786-82FB-E3F547A059AD} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {5554BD4C-3006-4E22-A344-A2DB5C65570F} - System32\Tasks\WpsUpdateTask_linda => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\wpsupdate.exe [157952 2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> )
    Task: {5731A562-73AC-4E1F-9786-621484A1B0ED} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
    Task: {5847F04C-9DAC-4A1A-9AC6-54CB1D928F7C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
    Task: {591AA78C-D749-45E3-BFAA-07703B82892E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-14] (Google Inc -> Google Inc.)
    Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
    Task: {5AAF40B4-5E87-4275-B29F-BED649061505} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [540760 2013-08-14] (Sony Corporation -> Sony Corporation)
    Task: {5F2CA4AE-70E1-4E9A-BCF3-6B4050B4382E} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {67F252AB-9FF9-4903-B2DE-A851082C4C6C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [4777336 2015-06-16] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
    Task: {711B20CA-FDEE-4BEF-AC41-DA641B92405A} - System32\Tasks\PDVDServ Task => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.EXE [103384 2013-03-19] (CyberLink Corp. -> CyberLink Corp.)
    Task: {721D9A36-B0EC-4F5F-BEFD-CE3457EA3D87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-14] (Google Inc -> Google Inc.)
    Task: {7B8CDB6C-8600-4A16-9969-C93F3627A175} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340440 2013-04-25] (CyberLink Corp. -> CyberLink Corp.)
    Task: {7B9EEE90-8CC1-4497-BF3C-C5DCCD4AA4A3} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {85E7839C-37F7-49EC-B8F3-57DB50471B35} - \WPD\SqmUpload_S-1-5-21-2100492843-3013311965-3169298572-1001 -> No File <==== ATTENTION
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
    Task: {87B25471-9DE5-49E5-A519-C07C64DD8ECB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
    Task: {89F8658E-F9E9-438D-A869-209D82A8849E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [495704 2013-09-24] (Sony Corporation -> Sony Corporation)
    Task: {8EB40AF6-1500-44C4-BB8A-6FC3D60DB362} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
    Task: {9A8D9C0B-F8CD-4682-A6D6-85D3C44F0A00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {A0F40FD9-9E64-452F-A8F7-F4724B1DB97F} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [1689176 2013-09-27] (Sony Corporation -> Sony Corporation)
    Task: {A315CE96-D074-4038-990C-79AAA856A7CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
    Task: {A4002FEC-DC76-4BE7-9421-7667FAC7C259} - System32\Tasks\WpsExternal_linda_20200615202436 => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\wps.exe [1065216 2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
    Task: {AA3B4532-104C-4455-BFA2-A5E39CAC8B2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
    Task: {ADD3B0A1-97B4-4476-BB7F-D5D8E71B6629} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {C3FC07D2-1ED0-45A6-AC7F-C76F98AEE2EA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-17] (Adobe Inc. -> Adobe)
    Task: {C9255E70-9339-439E-8022-473B3B66EDF4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
    Task: {C9FAEFD7-E9AB-4651-A5EC-6A88A866AC94} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
    Task: {D1A0045C-6E07-4078-B9B3-282D9ABF2EEE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
    Task: {D5A76A69-D313-4DDF-9870-976ECA0B80E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {D75A012D-0301-40EA-82C1-A04D101C7FBC} - System32\Tasks\WpsUpdateTask_avatek => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe
    Task: {DFE3DBB9-BA4E-4EBE-97E9-F91CBFC52EFA} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [495704 2013-09-24] (Sony Corporation -> Sony Corporation)
    Task: {E6FF7CC4-6A64-404D-B299-F26376987BC0} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804816 2019-12-06] (Sony Corporation -> Sony Corporation)
    Task: {EB9CE40A-4D41-4158-8F07-41FAE9BBC40B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {EEFDB208-F0C9-4762-9BE2-362F16BB001E} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lindaredfern@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    Task: {F32BA3A1-6774-41F4-8F57-3A89060A4D76} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
    Task: {F37A72C0-FC7D-450C-B446-0F34C738727A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1210856 2019-11-08] (Sony Corporation -> Sony Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForlinda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    Task: C:\WINDOWS\Tasks\WpsUpdateTask_avatek.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{c4d833af-e36a-4c07-96d1-96f92e8caa86}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{e4b5b161-62e7-40d5-b339-3e67ad9f80ec}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com/?pc=SEJB
    SearchScopes: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> {329F56EA-F3C5-422C-BB45-C274CFDA2B16} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-&_nkw={searchTerms}
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: No Name -> {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} -> C:\Program Files (x86)\Microsoft Money\System\mnyviewer.dll [2001-07-25] (Microsoft Corporation) [File not signed]
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
    Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
    Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]
    Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2001-02-12] (Microsoft Corporation) [File not signed]

    Edge:
    ======
    DownloadDir: C:\Users\linda\Downloads
    Edge HomeButtonPage: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> hxxps://start.duckduckgo.com/
    Edge Notifications: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> hxxps://www.facebook.com
    Edge Extension: (IBM Security Rapport) -> EdgeExtension_IBMTrusteerIBMTrusteerRapport_756wk15nt3n8e => C:\Program Files\WindowsApps\IBMTrusteer.IBMTrusteerRapport_1.1.34.0_x64__756wk15nt3n8e [2019-01-01]
    Edge Profile: C:\Users\linda\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-18]
    Edge DownloadDir: C:\Users\linda\Downloads
    Edge Notifications: Default -> hxxps://www.facebook.com
    Edge HomePage: Default -> hxxps://start.duckduckgo.com/
    Edge StartupUrls: Default -> "hxxps://start.duckduckgo.com/"

    FireFox:
    ========
    FF DefaultProfile: oiz3lkk9.default-1545507165458
    FF ProfilePath: C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458 [2020-06-18]
    FF Notifications: Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458 -> hxxps://duo.google.com
    FF Extension: (IBM Security Rapport) - C:\Users\linda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com (1).xpi [2018-04-09] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (IBM Security Rapport) - C:\Users\linda\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-06-09] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2020-06-03]
    FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2020-02-20] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
    FF Extension: (Ecosia - The search engine that plants trees) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2018-12-22]
    FF Extension: (No Name) - C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\oiz3lkk9.default-1545507165458\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-03]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-17] (Adobe Inc. -> )
    FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-17] (Adobe Inc. -> )
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-02] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin HKU\S-1-5-21-2100492843-3013311965-3169298572-1003: @zoom.us/ZoomVideoPlugin -> C:\Users\linda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-21] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default [2020-06-08]
    CHR Notifications: Default -> hxxps://social.davidicke.com; hxxps://www.mirror.co.uk
    CHR StartupUrls: Default -> "hxxps://duckduckgo.com/?natb=v190-7__&cp=atbhc"
    CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html"
    CHR Extension: (Slides) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
    CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
    CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-07]
    CHR Extension: (IBM Security Rapport) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-02-07]
    CHR Extension: (DuckDuckGo) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2020-05-25]
    CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-07]
    CHR Extension: (Ecosia Search) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2019-10-15]
    CHR Extension: (Sheets) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
    CHR Extension: (Notepad) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2020-05-25]
    CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-07]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
    CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2020-05-23]
    CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-15]
    CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-25]
    CHR HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
    CHR HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
    CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeActiveFileMonitor12.0; c:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [349552 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6397888 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110608 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2825976 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
    R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33016 2019-10-29] (Check Point Software Technologies Ltd. -> )
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-03] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.)
    S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
    S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-18] (Microsoft Corporation -> Microsoft Corporation)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
    R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-18] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-18] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
    S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [1507216 2020-06-12] (Microsoft Corporation -> Microsoft Corporation)
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-27] (Sony Corporation -> Sony Corporation)
    R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation -> Sony Corporation)
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3002752 2020-02-25] (IBM -> IBM Corp.)
    R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18168 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
    R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
    R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [301304 2019-11-04] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S3 VCFw; c:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation -> Sony Corporation)
    R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4501544 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1744872 2019-11-08] (Sony Corporation -> Sony Corporation)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 wpscloudsvr; C:\Users\linda\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [791296 2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
    R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [40304 2019-02-07] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2019-11-27] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37208 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [234632 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [178832 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61072 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
    R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42856 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175776 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84928 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461064 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [235552 2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [319200 2020-05-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [66848 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [110880 2019-11-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-10-09] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
    S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-10-09] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
    S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2015-10-09] (Hewlett-Packard Company -> Microsoft Corporation)
    R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [130336 2019-10-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [132176 2019-05-01] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
    R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [65264 2019-08-12] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
    R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation -> Corel Corporation)
    R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [431376 2020-02-25] (IBM -> IBM Corp.)
    R1 RapportCerberus_1955065; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1955065.sys [1469776 2020-06-09] (IBM -> IBM Corp.)
    R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544592 2020-02-25] (IBM -> IBM Corp.)
    R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [397248 2020-02-25] (IBM -> IBM Corp.)
    S0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [610648 2019-04-15] (IBM -> IBM Corp.)
    R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [562560 2020-02-25] (IBM -> IBM Corp.)
    R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [15360 2013-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
    R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
    R1 Vsdatant; C:\WINDOWS\System32\drivers\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
    U3 iswSvc; no ImagePath

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-06-18 15:14 - 2020-06-18 15:19 - 000052738 _____ C:\Users\linda\Desktop\FRST.txt
    2020-06-18 15:13 - 2020-06-18 15:16 - 000000000 ____D C:\FRST
    2020-06-18 15:10 - 2020-06-18 15:10 - 002289152 _____ (Farbar) C:\Users\linda\Desktop\FRST64.exe
    2020-06-18 15:04 - 2020-06-18 15:04 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-USER-VAIO-Windows-10-Home-(64-bit).dat
    2020-06-18 15:03 - 2020-06-18 15:03 - 000002312 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2020-06-18 15:03 - 2020-06-18 15:03 - 000002312 _____ C:\ProgramData\Desktop\Tweaking.com - Registry Backup.lnk
    2020-06-18 15:03 - 2020-06-18 15:03 - 000000000 ____D C:\RegBackup
    2020-06-18 15:03 - 2020-06-18 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2020-06-18 15:03 - 2020-06-18 15:03 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
    2020-06-18 15:00 - 2020-06-18 15:03 - 000018124 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
    2020-06-18 14:58 - 2020-06-18 14:59 - 005766144 _____ (Tweaking.com) C:\Users\linda\Desktop\tweaking.com_registry_backup_setup.exe
    2020-06-18 01:28 - 2020-06-18 12:04 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2020-06-18 01:28 - 2020-06-18 12:04 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
    2020-06-18 01:28 - 2020-06-18 12:04 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
    2020-06-18 01:26 - 2020-06-18 11:42 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2020-06-18 01:26 - 2020-06-18 11:42 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2020-06-16 08:11 - 2020-06-16 08:14 - 000000000 ____D C:\Users\linda\Documents\items ordered
    2020-06-15 20:24 - 2020-06-16 14:21 - 000003038 _____ C:\WINDOWS\system32\Tasks\WpsExternal_linda_20200615202436
    2020-06-15 20:24 - 2020-06-15 20:24 - 000000000 ____D C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
    2020-06-11 23:40 - 2020-06-11 23:40 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
    2020-06-11 23:39 - 2020-06-11 23:39 - 000001234 _____ C:\Users\Public\Desktop\Shop for HP Supplies.lnk
    2020-06-11 23:39 - 2020-06-11 23:39 - 000001234 _____ C:\ProgramData\Desktop\Shop for HP Supplies.lnk
    2020-06-11 23:38 - 2020-06-11 23:38 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
    2020-06-11 23:38 - 2020-06-11 23:38 - 000001392 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
    2020-06-11 23:38 - 2020-06-11 23:38 - 000001392 _____ C:\ProgramData\Desktop\HP Solution Center.lnk
    2020-06-11 23:38 - 2020-06-11 23:38 - 000000000 ____D C:\ProgramData\HP Product Assistant
    2020-06-11 23:29 - 2020-06-11 22:17 - 000188166 ____N C:\WINDOWS\hpoins28.dat.temp
    2020-06-11 23:24 - 2020-06-11 23:24 - 000005872 _____ C:\Users\linda\Documents\cc_20200611_232451.reg
    2020-06-11 23:06 - 2020-06-11 23:08 - 188204936 _____ C:\Users\linda\Downloads\DJ_AIO_03_F4200_NonNet_Full_WW_140_404-4(2).exe
    2020-06-11 22:47 - 2020-06-05 22:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2020-06-11 22:47 - 2020-06-05 22:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2020-06-11 22:34 - 2020-06-11 22:34 - 000061035 _____ C:\Users\linda\Desktop\HP Installation Error - Windows 8.hta
    2020-06-11 22:03 - 2020-06-11 23:02 - 001238214 _____ C:\Users\linda\AppData\Local[j0002]-[p02].bmp
    2020-06-11 22:02 - 2020-06-11 23:02 - 001238214 _____ C:\Users\linda\AppData\Local[j0002]-[p01].bmp
    2020-06-11 21:33 - 2020-06-11 21:56 - 022792645 _____ C:\Users\linda\Documents\curtis birthday card.ccf
    2020-06-11 12:58 - 2020-06-11 12:58 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2020-06-11 12:58 - 2020-06-11 12:58 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2020-06-11 12:58 - 2020-06-11 12:58 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
    2020-06-11 12:58 - 2020-06-11 12:58 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
    2020-06-11 12:58 - 2020-06-11 12:58 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
    2020-06-11 12:58 - 2020-06-11 12:58 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
    2020-06-11 12:58 - 2020-06-11 12:58 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
    2020-06-11 12:58 - 2020-06-11 12:58 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
    2020-06-11 12:57 - 2020-06-11 12:57 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
    2020-06-11 12:57 - 2020-06-11 12:57 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
    2020-06-11 12:57 - 2020-06-11 12:57 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
    2020-06-11 12:57 - 2020-06-11 12:57 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
    2020-06-11 12:57 - 2020-06-11 12:57 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
    2020-06-11 12:57 - 2020-06-11 12:57 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
    2020-06-11 12:57 - 2020-06-11 12:57 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
    2020-06-11 12:57 - 2020-06-11 12:57 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2020-06-11 12:56 - 2020-06-11 12:56 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-06-11 12:56 - 2020-06-11 12:56 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2020-06-11 12:56 - 2020-06-11 12:56 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-06-11 12:56 - 2020-06-11 12:56 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2020-06-11 12:56 - 2020-06-11 12:56 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2020-06-11 12:56 - 2020-06-11 12:56 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
    2020-06-11 12:56 - 2020-06-11 12:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
    2020-06-11 12:56 - 2020-06-11 12:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2020-06-11 12:55 - 2020-06-11 12:55 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2020-06-11 12:55 - 2020-06-11 12:55 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2020-06-11 12:55 - 2020-06-11 12:55 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2020-06-11 12:55 - 2020-06-11 12:55 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2020-06-11 12:55 - 2020-06-11 12:55 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
    2020-06-11 12:55 - 2020-06-11 12:55 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2020-06-11 12:55 - 2020-06-11 12:55 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
    2020-06-11 12:55 - 2020-06-11 12:55 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
    2020-06-11 12:55 - 2020-06-11 12:55 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
    2020-06-11 12:18 - 2020-05-15 05:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2020-06-11 12:18 - 2020-05-15 05:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2020-06-10 10:28 - 2020-06-10 10:28 - 000095569 _____ C:\Users\linda\Downloads\COVID-19-daily-announced-deaths-9-June-2020.xlsx
    2020-06-10 10:27 - 2020-06-10 10:27 - 000214454 _____ C:\Users\linda\Downloads\COVID-19-total-announced-deaths-9-June-2020.xlsx
    2020-06-10 08:51 - 2020-06-10 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2020-06-09 19:58 - 2020-06-09 19:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2020-06-09 19:58 - 2020-06-09 19:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2020-06-09 19:58 - 2020-06-09 19:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2020-06-09 19:58 - 2020-06-09 19:58 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2020-06-08 09:52 - 2019-10-06 23:39 - 000454872 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200608-095224.backup
    2020-06-08 09:47 - 2019-10-06 23:39 - 000454872 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20200608-094723.backup
    2020-06-08 09:41 - 2020-06-08 09:41 - 000014324 _____ C:\Users\linda\Documents\cc_20200608_094108.reg
    2020-06-08 09:34 - 2020-06-08 09:34 - 025859024 _____ (Piriform Software Ltd) C:\Users\linda\Downloads\ccsetup567.exe
    2020-06-07 09:29 - 2020-06-07 09:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
    2020-06-04 13:14 - 2020-06-09 10:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2020-05-25 10:41 - 2020-05-29 18:48 - 000000000 ____D C:\Users\linda\Documents\Bills
    2020-05-23 19:19 - 2020-05-23 19:19 - 001798440 _____ C:\Users\linda\Desktop\bookmarks 22.5.20.20.html
    2020-05-23 12:02 - 2020-05-23 12:02 - 001295576 _____ (Google LLC) C:\Users\linda\Downloads\ChromeSetup.exe
    2020-05-22 18:35 - 2020-05-22 18:35 - 000000773 _____ C:\Users\Public\Desktop\Hallmark Card Studio.lnk
    2020-05-22 18:35 - 2020-05-22 18:35 - 000000773 _____ C:\ProgramData\Desktop\Hallmark Card Studio.lnk
    2020-05-22 18:34 - 2020-05-22 18:34 - 000000000 ____D C:\SIERRA
    2020-05-22 18:28 - 2020-05-22 18:28 - 000460419 _____ C:\Users\linda\Documents\auntie dot.ccf
    2020-05-21 19:00 - 2020-05-18 18:58 - 000338104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
    2020-05-21 15:35 - 2020-05-21 15:35 - 000000000 ____D C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-06-18 15:21 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-06-18 14:59 - 2020-04-07 18:42 - 000000000 ____D C:\Users\linda\Desktop\OpenOffice 4.1.7 (fr) Installation Files
    2020-06-18 14:46 - 2016-11-23 16:52 - 000000000 ____D C:\Users\linda\AppData\LocalLow\Mozilla
    2020-06-18 14:43 - 2019-08-14 21:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2020-06-18 14:02 - 2017-09-23 11:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2020-06-18 14:02 - 2015-10-09 13:52 - 000000000 __SHD C:\Users\linda\IntelGraphicsProfiles
    2020-06-18 13:59 - 2019-08-14 21:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2020-06-18 13:59 - 2019-03-19 05:37 - 001310720 _____ C:\WINDOWS\system32\config\BBI
    2020-06-18 11:57 - 2019-06-16 12:27 - 000000000 ____D C:\Users\linda\Documents\receipts statements etc
    2020-06-18 11:41 - 2019-10-03 12:54 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
    2020-06-18 11:41 - 2019-10-03 12:54 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
    2020-06-18 01:54 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-06-18 01:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
    2020-06-18 01:28 - 2019-08-14 21:56 - 000004278 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
    2020-06-18 01:25 - 2020-04-19 15:49 - 000000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForlinda.job
    2020-06-18 01:25 - 2015-10-09 11:27 - 000000396 _____ C:\WINDOWS\Tasks\WpsUpdateTask_avatek.job
    2020-06-18 01:23 - 2017-09-02 23:26 - 000000000 ____D C:\ProgramData\Avg
    2020-06-17 23:11 - 2019-01-01 19:29 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2020-06-17 23:11 - 2019-01-01 19:29 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
    2020-06-17 23:11 - 2017-10-07 19:07 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-06-17 20:49 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
    2020-06-17 20:05 - 2019-08-14 21:56 - 000004578 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
    2020-06-17 20:05 - 2019-08-14 21:56 - 000004388 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
    2020-06-17 20:05 - 2015-10-09 13:56 - 000000000 ____D C:\Users\linda\AppData\Local\Adobe
    2020-06-17 20:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2020-06-17 20:04 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2020-06-17 19:39 - 2019-09-15 12:57 - 000000000 ___RD C:\Users\linda\Documents\Aaprivate
    2020-06-17 08:59 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2020-06-16 14:21 - 2020-04-19 15:49 - 000002790 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForlinda
    2020-06-16 14:21 - 2020-04-07 18:52 - 000002626 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_linda
    2020-06-16 14:21 - 2019-10-03 12:54 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
    2020-06-16 14:21 - 2019-08-14 21:56 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
    2020-06-16 14:21 - 2019-08-14 21:56 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2020-06-16 14:21 - 2019-08-14 21:56 - 000003300 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A35F9575-5328-43CB-9850-7A656A3FA6D0}
    2020-06-16 14:21 - 2019-08-14 21:56 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002966 _____ C:\WINDOWS\system32\Tasks\WpsUpdateTask_avatek
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2100492843-3013311965-3169298572-1003
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002860 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2100492843-3013311965-3169298572-1010
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002534 _____ C:\WINDOWS\system32\Tasks\CLVDLauncher
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002254 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
    2020-06-16 14:21 - 2019-08-14 21:56 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
    2020-06-16 14:21 - 2019-08-14 21:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
    2020-06-13 12:56 - 2019-08-14 21:06 - 003701272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2020-06-11 23:49 - 2017-11-22 17:04 - 000188205 _____ C:\WINDOWS\hpoins28.dat
    2020-06-11 23:42 - 2013-08-22 14:25 - 000000184 _____ C:\WINDOWS\win.ini
    2020-06-11 23:39 - 2017-11-22 17:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2020-06-11 23:39 - 2017-11-22 17:05 - 000000000 ____D C:\Program Files (x86)\HP
    2020-06-11 23:38 - 2017-11-22 16:58 - 000000000 ____D C:\ProgramData\HP
    2020-06-11 23:11 - 2018-08-18 18:21 - 000000000 ____D C:\Users\linda\AppData\Local\CrashDumps
    2020-06-11 22:51 - 2017-11-17 22:30 - 000000000 ___RD C:\Users\linda\3D Objects
    2020-06-11 22:51 - 2015-09-10 06:42 - 000000000 __RHD C:\Users\Public\AccountPictures
    2020-06-11 22:50 - 2019-08-14 21:30 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2020-06-11 22:50 - 2019-08-14 21:07 - 000792116 _____ C:\WINDOWS\system32\perfh00A.dat
    2020-06-11 22:50 - 2019-08-14 21:07 - 000159770 _____ C:\WINDOWS\system32\perfc00A.dat
    2020-06-11 22:38 - 2019-03-19 12:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2020-06-11 22:38 - 2019-03-19 12:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-06-11 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-06-11 22:10 - 2015-12-30 15:27 - 000000000 ____D C:\Users\linda\AppData\Local\ElevatedDiagnostics
    2020-06-11 18:57 - 2017-08-19 10:54 - 000000000 ____D C:\Users\linda\AppData\Roaming\WhatsApp
    2020-06-11 12:55 - 2019-08-14 21:11 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2020-06-10 08:53 - 2017-04-03 09:59 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2020-06-09 10:19 - 2015-10-10 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
    2020-06-09 10:10 - 2019-08-14 21:18 - 000000000 ____D C:\Users\linda
    2020-06-09 10:08 - 2015-10-09 11:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2020-06-08 11:50 - 2017-12-01 08:51 - 000000000 ____D C:\Users\linda\AppData\Local\PlaceholderTileLogoFolder
    2020-06-08 11:50 - 2017-11-17 21:24 - 000000000 ____D C:\Users\linda\AppData\Local\Packages
    2020-06-08 11:50 - 2015-10-09 13:55 - 000000000 ____D C:\Users\linda\AppData\Local\Publishers
    2020-06-08 09:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2020-06-08 09:35 - 2019-08-14 21:18 - 000000000 ____D C:\Users\eliza
    2020-06-08 09:35 - 2019-08-14 21:18 - 000000000 ____D C:\Users\avatek.user-VAIO
    2020-06-08 09:35 - 2017-11-22 08:15 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2020-06-08 09:35 - 2017-11-22 08:15 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
    2020-06-07 09:29 - 2015-10-09 11:10 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2020-06-05 14:52 - 2020-04-07 10:12 - 000000000 ____D C:\Users\linda\Documents\acorona
    2020-06-05 14:50 - 2019-01-01 21:22 - 000000000 ____D C:\Users\linda\Documents\ancestry
    2020-06-05 14:49 - 2019-10-25 15:14 - 000000000 ___RD C:\Users\linda\Documents\AA My health
    2020-06-05 14:45 - 2017-09-09 10:24 - 000000000 ____D C:\Users\linda\Documents\books manuals
    2020-06-05 14:44 - 2020-02-09 11:42 - 000000000 ____D C:\Users\linda\Documents\receipts
    2020-06-04 19:31 - 2019-08-14 21:18 - 000002406 _____ C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2020-06-04 19:31 - 2015-10-09 14:01 - 000000000 ___RD C:\Users\linda\OneDrive
    2020-06-04 15:46 - 2015-10-09 11:23 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2020-05-29 12:20 - 2017-07-07 09:04 - 000000000 ____D C:\Program Files\UNP
    2020-05-28 19:01 - 2017-09-02 23:32 - 000319200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
    2020-05-28 17:16 - 2020-03-21 12:22 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2020-05-28 12:15 - 2020-02-27 12:38 - 004130160 ____R C:\Users\linda\Documents\My Money2 Backup.mbf
    2020-05-28 12:15 - 2020-02-27 10:50 - 003137536 _____ C:\Users\linda\Desktop\january 2020.mny
    2020-05-25 10:36 - 2015-10-09 20:47 - 000000000 ____D C:\Users\linda\AppData\Roaming\Kingsoft
    2020-05-22 18:54 - 2017-11-15 09:47 - 000002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
    2020-05-22 18:54 - 2017-11-15 09:47 - 000002041 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
    2020-05-22 18:54 - 2017-11-15 09:47 - 000002041 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
    2020-05-22 18:35 - 2018-02-26 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
    2020-05-22 18:35 - 2016-06-24 11:18 - 000000564 _____ C:\WINDOWS\SIERRA.INI
    2020-05-21 19:00 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2020-05-21 15:35 - 2020-04-07 20:40 - 000000000 ____D C:\Users\linda\AppData\Roaming\Zoom

    ==================== Files in the root of some directories ========

    2015-12-09 14:01 - 2015-12-09 14:02 - 000000132 _____ () C:\Users\linda\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2018-09-30 09:21 - 2018-09-30 09:21 - 000000000 _____ () C:\Users\linda\AppData\Local\oobelibMkey.log
    2020-04-30 08:55 - 2020-04-30 08:55 - 000004412 _____ () C:\Users\linda\AppData\Local\recently-used.xbel
    2015-10-09 21:08 - 2015-10-09 21:08 - 000000017 _____ () C:\Users\linda\AppData\Local\resmon.resmoncfg

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================


    Additions

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
    Ran by linda (18-06-2020 15:23:10)
    Running from C:\Users\linda\Desktop
    Windows 10 Home Version 1909 18363.900 (X64) (2019-08-14 20:58:18)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2100492843-3013311965-3169298572-500 - Administrator - Disabled)
    avatek (S-1-5-21-2100492843-3013311965-3169298572-1002 - Administrator - Enabled) => C:\Users\avatek.user-VAIO
    DefaultAccount (S-1-5-21-2100492843-3013311965-3169298572-503 - Limited - Disabled)
    eliza (S-1-5-21-2100492843-3013311965-3169298572-1010 - Limited - Enabled) => C:\Users\eliza
    Guest (S-1-5-21-2100492843-3013311965-3169298572-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-2100492843-3013311965-3169298572-1009 - Limited - Enabled)
    linda (S-1-5-21-2100492843-3013311965-3169298572-1003 - Administrator - Enabled) => C:\Users\linda
    WDAGUtilityAccount (S-1-5-21-2100492843-3013311965-3169298572-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
    AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
    FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
    Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
    Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.387 - Adobe)
    Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
    Amazon Kindle (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
    Amazon Music (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
    ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.3.3120 - AVG Technologies)
    Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
    Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
    Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
    BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
    Check Point SBA (HKLM\...\{C8325D51-E514-475B-AFF2-550C3527E563}) (Version: 86.5.9511 - Check Point Software Technologies Ltd.) Hidden
    Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.3202 - CyberLink Corp.)
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5804.52 - CyberLink Corp.)
    Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    DJ_AIO_03_F4200_Software_Min (HKLM-x32\...\{CFA33E6D-2D7D-4785-8025-974398E940D1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
    DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 140.0.185.000 - Hewlett-Packard) Hidden
    Dropbox (HKLM-x32\...\Dropbox) (Version: 99.4.501 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
    Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
    Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
    ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
    Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 5.06 - NCH Software)
    F4200 (HKLM-x32\...\{C86E1E36-6D30-4834-9C85-5501F31F7BB4}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
    Family Tree Maker 2006 (HKLM-x32\...\{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}) (Version: - )
    FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
    Find Junk Files (HKLM-x32\...\{F5ED1A78-A95D-4D98-BB38-E544EBFC2748}) (Version: 4.00.0000 - Find Junk Files)
    Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
    Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
    Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    GIMP 2.10.18 (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\GIMP-2_is1) (Version: 2.10.18 - The GIMP Team)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.106 - Google LLC)
    Google Earth Pro (HKLM\...\{B6EAFE41-5723-40EB-869B-4AF44CA17B35}) (Version: 7.3.3.7699 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
    GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Hallmark Card Studio (HKLM-x32\...\Hallmark Card Studio) (Version: - )
    HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
    HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
    HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
    HP Support Assistant (HKLM-x32\...\{33A0B67A-CF04-4F31-B3D0-EEEEDEF7078E}) (Version: 8.8.26.13 - HP Inc.)
    HP Support Solutions Framework (HKLM-x32\...\{ED0D1C52-9ED3-49F5-955C-6E9EAB0BD46E}) (Version: 12.16.22.11 - HP Inc.)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
    HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
    Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
    Kodi (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Kodi) (Version: - XBMC Foundation)
    MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
    Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
    Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony)
    MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
    Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
    Microsoft Money (HKLM-x32\...\{E7298FD5-1386-11D5-8D6C-0050DAD32D95}) (Version: 10.0.50 - Microsoft)
    Microsoft Money System Pack (HKLM-x32\...\{CF5193F7-6B37-11D5-B7D2-00AA00A204F1}) (Version: 10.0.80 - Microsoft)
    Microsoft Office SharePoint Designer 2007 (HKLM-x32\...\SharePointDesigner) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{4B4DF6E2-5E40-422B-82DD-205FD7E79226}) (Version: - Microsoft)
    Microsoft OneDrive (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
    Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.01 - Microsoft Corporation)
    Microsoft Works 2000 (HKLM-x32\...\{C5A2C7E2-71C9-11D3-AF54-00C04F443448}) (Version: 1.0.0.0000 - Microsoft Corporation)
    Microsoft Works 2002 Setup Launcher (HKLM-x32\...\Works2002Setup) (Version: - )
    Microsoft Works 6.0 (HKLM-x32\...\{A1B7B9B3-E1D2-41CA-9B4A-F18DC2710704}) (Version: 06.00.0000 - Microsoft Corporation)
    Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...\{C3A439E4-7303-491F-A678-CEA36A87D517}) (Version: 2.0.0.0000 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Mozilla Firefox 77.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 77.0.1 (x64 en-US)) (Version: 77.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 77.0.1.7458 - Mozilla)
    NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.5.5.0 - NXP Semiconductors)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    PlayMemories Home (HKLM-x32\...\{5FC13A4C-BC27-4414-A2E4-9E2277AA88AE}) (Version: 8.0.02.10010 - Sony Corporation)
    PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.16.2.15545 - Sony Computer Entertainment Inc.)
    Prism Video File Converter (HKLM-x32\...\Prism) (Version: 3.04 - NCH Software)
    PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
    Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1955.62 - Trusteer) Hidden
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7054 - Realtek Semiconductor Corp.)
    Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
    Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
    Sky Go 1.5.17.0 (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\com.bskyb.skygoplayer_is1) (Version: 1.5.17.0 - Sky)
    SOHLib for PlayMemories Home (HKLM\...\{DE8DF526-74E8-4ED3-880B-B6049D2E00AC}) (Version: 1.0.0.09130 - Sony Corporation) Hidden
    SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
    SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
    SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
    Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
    Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
    TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
    Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1955.62 - Trusteer)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0017-0000-0000-0000000FF1CE}_SharePointDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
    VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.1.0.09260 - Sony Corporation) Hidden
    VAIO Care (HKLM\...\{39338EBE-2686-46AE-ABF4-2C582FE6AA50}) (Version: 8.4.7.12066 - Sony Corporation)
    VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.0.09260 - Sony Corporation)
    VAIO Care Recovery (HKLM\...\{31A52292-831E-45E0-8333-7D35BCD130B8}) (Version: 1.0.3.09050 - Sony Corporation)
    VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.4.0.10210 - Sony Corporation)
    VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
    VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.12.0.07300 - Sony Corporation)
    VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.4.4.07220 - Sony Corporation) Hidden
    VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.5.0.09250 - Sony Corporation)
    VAIO Gesture Control (HKLM-x32\...\{C301232A-53A2-4844-A5B0-13181B54D770}) (Version: 2.5.0.09250 - Sony Corporation) Hidden
    VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation) Hidden
    VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
    VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.2.0.10110 - Sony Corporation)
    VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation) Hidden
    VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.00.10240 - Sony Corporation)
    VAIO Sample Music (HKLM-x32\...\{E54A5A2B-E06C-41A6-A0DE-04C5AA4B415C}) (Version: 1.0.1.10240 - Sony Corporation)
    VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.4.1.09270 - Sony Corporation)
    VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
    VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
    VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
    VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
    VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
    VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 770 - Finarea S.A. Switzerland)
    VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
    VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
    VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
    VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
    VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
    WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
    WhatsApp (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\WhatsApp) (Version: 2.2017.6 - WhatsApp)
    WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8030 - Broadcom Corporation)
    WinDirStat 1.1.2 (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\WinDirStat) (Version: - )
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Works Suite OS Pack (HKLM-x32\...\{DC19E750-988B-4005-A355-85EF66055EFE}) (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
    Works Synchronization (HKLM-x32\...\{BD3DCAB0-3FE5-44FB-90DA-EFB0A2CD1387}) (Version: 1.0.0.0000 - Your Company Name) Hidden
    WPS Office (11.2.0.9431) (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\Kingsoft Office) (Version: 11.2.0.9431 - Kingsoft Corp.)
    ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.002.1006 - Check Point Software) Hidden
    ZoneAlarm Firewall (HKLM-x32\...\{18FE6943-D33D-42F5-99D5-0ED22F633E32}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.6.121.18102 - Check Point)
    ZoneAlarm Security (HKLM-x32\...\{881E7A8C-9C4B-4D14-B390-EAFBA278CF45}) (Version: 15.6.121.18102 - Check Point Software Technologies Ltd.) Hidden
    Zoom (HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

    Packages:
    =========
    - Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2017-04-29] (WildTangent Games)
    Album by Sony -> C:\Program Files\WindowsApps\BD9B8345.AlbumbySony_2.2.2.8170_x86__05bme2bjq6sag [2015-10-09] (ms-resource:SZ_DeveloperName)
    Bubble Birds for VAIO -> C:\Program Files\WindowsApps\XIMADINC.BubbleBirdsforVAIO_1.2.0.31_x64__np8fj6akx2czy [2015-10-09] (XIMAD INC)
    Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1790.3.0_x86__kgqvnymyfvs32 [2020-06-18] (king.com)
    Demand 5 -> C:\Program Files\WindowsApps\Channel5.Demand5_1.3.16078.0_x64__715msrf0vzb96 [2016-09-17] (CHANNEL 5 BROADCASTING LIMITED)
    eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-10-09] (eBay, Inc)
    Heart FM Radio App -> C:\Program Files\WindowsApps\GlobalRadio.HeartFMRadioApp_1.1.0.0_neutral__74929bdwdxqkg [2015-10-10] (Global Radio)
    IBM Trusteer Rapport -> C:\Program Files\WindowsApps\IBMTrusteer.IBMTrusteerRapport_1.1.34.0_x64__756wk15nt3n8e [2019-01-01] (IBM Trusteer)
    McAfee® Central for Sony -> C:\Program Files\WindowsApps\McAfeeInc.03.McAfeeSecurityAdvisorforSony_5.0.186.1_x64__zzbg6bv35ndpr [2018-06-09] (McAfee - Incorporated)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
    Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.11.6020.0_x64__8wekyb3d8bbwe [2020-06-09] (Microsoft Studios) [MS Ad]
    Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2020-04-07] (Microsoft Platform Extensions)
    Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-13] (Microsoft Corporation)
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
    Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_1.7.10190.0_x86__8wekyb3d8bbwe [2018-12-04] (Microsoft Studios) [MS Ad]
    Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.19.31501.0_x64__8wekyb3d8bbwe [2020-06-11] (Microsoft Corporation)
    Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Studios) [MS Ad]
    MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-10-17] (Microsoft Corporation) [MS Ad]
    MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
    MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
    MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-10-17] (Microsoft Corporation) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
    Music by Sony -> C:\Program Files\WindowsApps\BD9B8345.MusicbySony_1.2.0.14240_x86__05bme2bjq6sag [2015-10-09] (Sony Corporation)
    MUZU.TV recommended by VAIO -> C:\Program Files\WindowsApps\MUZU.TV.MUZU.TVrecommendedbyVAIO_2.2.0.5_x64__0rrnvzkk8qy2w [2018-06-09] (MUZU.TV) [MS Ad]
    Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
    Pyramid Solitaire Saga -> C:\Program Files\WindowsApps\king.com.PyramidSolitaireSaga_1.103.0.0_x86__kgqvnymyfvs32 [2020-06-16] (king.com)
    Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-11-06] (Adobe Systems Incorporated)
    Socialife News -> C:\Program Files\WindowsApps\BD9B8345.Socialife_2.4.3.10090_x64__05bme2bjq6sag [2018-06-09] (Sony Corporation)
    Sony Select -> C:\Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag [2018-06-09] (Sony Corporation)
    TV SideView -> C:\Program Files\WindowsApps\BD9B8345.TVSideView_2.3.3.8210_x64__05bme2bjq6sag [2015-10-09] (Sony Corporation)
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
    VAIO Care -> C:\Program Files\WindowsApps\BD9B8345.VAIOCare_1.4.1.14090_x64__05bme2bjq6sag [2015-10-09] (Sony Corporation)
    Wordplay: Exercise your brain -> C:\Program Files\WindowsApps\828B5831.WordplayExerciseyourbrain_1.4.601.0_x86__ytsefhwckbdv6 [2020-06-08] (G5 Entertainment AB)
    Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2017-02-15] (Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
    CustomCLSID: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2017-04-03 10:05]
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers1: [CLVDShellExt] -> [CC]{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
    ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.37.0.dll [2020-04-01] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-05-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
    ContextMenuHandlers1_S-1-5-21-2100492843-3013311965-3169298572-1003: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll [2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
    ContextMenuHandlers4_S-1-5-21-2100492843-3013311965-3169298572-1003: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\linda\AppData\Local\Kingsoft\WPS Office\11.2.0.9431\office6\kwpsmenushellext64.dll [2020-06-15] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\linda\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm
    Shortcut: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co
    ShortcutWithArgument: C:\Users\linda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

    ==================== Loaded Modules (Whitelisted) =============

    2019-09-23 15:52 - 2019-09-23 15:52 - 000059392 _____ () [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\SA\dict-vectorizer.dll
    2018-07-18 14:27 - 2018-07-18 14:27 - 000747520 _____ () [File not signed] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
    2018-09-29 09:19 - 2010-10-21 05:00 - 000302080 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALAM.DLL
    2018-09-29 09:17 - 2010-09-20 05:00 - 000374784 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAM.DLL
    2019-11-27 12:15 - 2019-11-27 12:15 - 000398336 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider32.dll
    2019-11-27 12:18 - 2019-11-27 12:18 - 000513536 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll
    2019-11-27 12:18 - 2019-11-27 12:18 - 000067072 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphnt64.dll
    2019-11-27 12:18 - 2019-11-27 12:18 - 000019968 _____ (Check Point Software Technologies Ltd.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cphusr64.dll
    2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
    2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
    2019-07-25 10:52 - 2019-07-25 10:52 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
    2019-11-27 11:27 - 2019-11-27 11:27 - 001189888 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
    2014-09-18 19:15 - 2014-09-18 19:15 - 001124352 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\System.Data.SQLite.dll
    2016-01-07 18:19 - 2015-06-16 18:18 - 001083792 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
    2016-01-07 18:19 - 2015-06-16 18:18 - 000735128 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
    2016-01-07 18:19 - 2015-06-16 18:18 - 000623848 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll
    2016-01-07 18:19 - 2015-06-16 18:18 - 000344264 _____ (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [138]
    AlternateDataStreams: C:\Users\avatek.user-VAIO\Downloads\ccsetup510.exe:BDU [0]
    AlternateDataStreams: C:\Users\linda\Downloads\advisorinstaller.belarc.exe:BDU [0]
    AlternateDataStreams: C:\Users\linda\Downloads\Silverlight_x64.exe:BDU [0]
    AlternateDataStreams: C:\Users\linda\Downloads\windirstat1_1_2_setup.exe:BDU [0]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

    There are 7943 more sites.

    IE trusted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\sharepoint.com -> hxxps://wabtec-files.sharepoint.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\123simsen.com -> www.123simsen.com

    There are 7946 more sites.


    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 14:25 - 2019-10-06 23:39 - 000454872 ____N C:\WINDOWS\system32\drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com

    There are 15612 more lines.


    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files\WIDCOMM\Bluetooth Software\;c:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Sony\VAIO BIOS Data Transfer Utility\;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;%SYSTEMROOT%\System32\OpenSSH\
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\linda\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\my beautiful girl.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
    HKLM\...\StartupApproved\StartupFolder: => "Microsoft Works Calendar Reminders.lnk"
    HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
    HKLM\...\StartupApproved\StartupFolder: => "Event Planner Reminders Tray Icon.lnk"
    HKLM\...\StartupApproved\StartupFolder: => "Event Planner Reminders Tray Icon.lnk.disabled"
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "SynTPEnh"
    HKLM\...\StartupApproved\Run: => "RtHDVBg"
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "IgfxTray"
    HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
    HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
    HKLM\...\StartupApproved\Run32: => "Microsoft Works Portfolio"
    HKLM\...\StartupApproved\Run32: => "MoneyStartUp10.0"
    HKLM\...\StartupApproved\Run32: => "WorksFUD"
    HKLM\...\StartupApproved\Run32: => "Microsoft Works Update Detection"
    HKLM\...\StartupApproved\Run32: => "SDTray"
    HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run32: => "SynTPEnh"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
    HKLM\...\StartupApproved\Run32: => "HP Software Update"
    HKLM\...\StartupApproved\Run32: => "SecurityHealth"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "CCleaner Monitoring"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "MoneyAgent"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Uninstall C:\Users\linda\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_2\amd64"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "VoipConnect"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "*LABAL*"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Amazon Music"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "GoogleDriveSync"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "CAHeadless"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #2"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #5"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #3"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Application Restart #0"
    HKU\S-1-5-21-2100492843-3013311965-3169298572-1003\...\StartupApproved\Run: => "Adobe Reader Synchronizer"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{894DFE02-EA35-4019-99E3-191C3D0EBAB5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
    FirewallRules: [{2BA329C9-D3FE-4135-B165-2E9D99E51CD3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
    FirewallRules: [UDP Query User{9F3B5498-235F-4A96-84D2-D26D5D1DBFDA}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe (Finarea SA -> VoipConnect)
    FirewallRules: [TCP Query User{4C4C8A69-78E1-47C5-B642-76C5D1BCE8E3}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe (Finarea SA -> VoipConnect)
    FirewallRules: [{B2A29DA8-AB6A-49EF-9E61-EE7CE38710CC}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
    FirewallRules: [{BB85095F-E0FB-4CF4-B698-3722BB9CE4D9}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
    FirewallRules: [{43BAA391-2291-4526-8F61-27111A89C7DA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{9AE3A323-DC8C-4CDA-8A3C-16A35F5AFA68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{ABF68FB8-FA66-4034-BD3A-9936D2A3B7FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{AAE4CE5D-6943-4FAC-B86F-D1EBCEC322FA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{87467137-EFAC-42C3-80F6-FEDA92B90848}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{7B19F6DF-3336-44A7-9CDD-1B95B2091D86}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{62A52ECE-5183-48ED-9E5D-EEE48D62A873}] => (Allow) LPort=5354
    FirewallRules: [{D889A56D-9116-45C4-AD5B-E814F093C2FB}] => (Allow) LPort=5354
    FirewallRules: [{D6DAB006-3CE7-4DFA-BAF8-1906BF06802F}] => (Allow) LPort=5354
    FirewallRules: [{3D621504-CEAA-4E1D-80DF-B6A4ED72FE53}] => (Allow) LPort=5354
    FirewallRules: [{2BF0EBF5-5D56-4354-939D-73C36D93CA2B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{6CA379E0-100B-443A-9FB7-CE8D91487609}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{BE67CCA4-DEDD-4369-8920-035238E47893}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{F64E9436-0052-4806-B2D9-918D0DB28882}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
    FirewallRules: [{9A8B2461-6D47-4056-934F-3182D17AC74D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation -> Sony Corporation)
    FirewallRules: [{0EC6F576-D132-4E6B-80E6-E8BB09863026}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Sony Corporation -> Sony Corporation)
    FirewallRules: [{5430C634-C087-4696-BE3E-38B24F83DE53}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation -> Sony Corporation)
    FirewallRules: [{8AF94982-19F4-40B6-B308-0B4C3B3718C9}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe (Sony Corporation -> Sony Corporation)
    FirewallRules: [{9389272C-304D-4F47-BA26-99F0D583B1D8}] => (Allow) C:\Users\linda\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{AA3E88D0-EAA8-46CA-B271-2D0958ABC599}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{AD4B9BE8-476D-4321-A10D-E744D9BB8086}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{6037C7EA-461A-4889-9E32-794EAEC13A33}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

    ==================== Restore Points =========================

    11-06-2020 10:21:32 Scheduled Checkpoint
    12-06-2020 11:19:29 Windows Backup
    17-06-2020 08:42:05 Windows Update
    17-06-2020 19:45:31 Windows Backup
    17-06-2020 22:12:05 Windows Backup

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (06/18/2020 03:15:35 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (3156,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (06/18/2020 03:10:12 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (10200,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (06/18/2020 02:18:34 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (7004,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (06/18/2020 12:48:11 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (10000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (06/18/2020 11:51:36 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1728,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (06/18/2020 11:39:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: UDPEndRecv: WSARecvMsg control information error.

    Error: (06/18/2020 11:39:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: DNS Message from «ZERO ADDRESS»:0 to «ZERO ADDRESS»:0 length 0 too short

    Error: (06/18/2020 04:24:53 AM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (1556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


    System errors:
    =============
    Error: (06/18/2020 02:18:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

    Error: (06/18/2020 02:08:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The File History Service service did not respond on starting.

    Error: (06/18/2020 02:07:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

    Error: (06/18/2020 02:05:07 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

    Error: (06/18/2020 02:02:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CPEFR service.

    Error: (06/18/2020 02:02:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (06/18/2020 02:02:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

    Error: (06/18/2020 02:00:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The SDWSCService service failed to start due to the following error:
    A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


    Windows Defender:
    ===================================
    Date: 2020-02-23 17:32:12.442
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {03098E35-7F72-48BF-BFA7-D6CDCECACC62}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-02-23 13:07:45.563
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {1D07ACD0-B56E-44F6-BEC2-06E0DFF6A424}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-02-23 12:36:13.782
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {94B1682C-F9C7-4EDD-B883-6416D5A8008E}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-01-28 12:44:46.416
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {4E5336E8-CAC6-4323-9117-D50139626BF7}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2019-12-19 21:59:40.147
    Description:
    Windows Defender Antivirus scan has been stopped before completion.
    Scan ID: {F4EDB6CA-9A11-4BBE-A63F-D58673C12318}
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2020-01-28 14:20:37.505
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.307.3169.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16600.7
    Error code: 0x80240438
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    Date: 2020-01-26 10:05:16.727
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.307.2635.0
    Update Source: Microsoft Update Server
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16600.7
    Error code: 0x8024402c
    Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

    Date: 2020-01-26 10:02:55.676
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.307.2635.0
    Update Source: Microsoft Malware Protection Center
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16600.7
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2020-01-26 10:02:55.675
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.307.2635.0
    Update Source: Microsoft Malware Protection Center
    Security intelligence Type: AntiSpyware
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16600.7
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    Date: 2020-01-26 10:02:55.674
    Description:
    Windows Defender Antivirus has encountered an error trying to update security intelligence.
    New security intelligence Version:
    Previous security intelligence Version: 1.307.2635.0
    Update Source: Microsoft Malware Protection Center
    Security intelligence Type: AntiVirus
    Update Type: Full
    Current Engine Version:
    Previous Engine Version: 1.1.16600.7
    Error code: 0x80072ee7
    Error description: The server name or address could not be resolved

    CodeIntegrity:
    ===================================

    Date: 2020-06-18 15:18:29.908
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2020-06-18 15:18:29.904
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2020-06-18 15:18:29.813
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2020-06-18 15:18:29.809
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2020-06-18 14:08:33.523
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-06-18 14:08:33.401
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-06-18 14:08:33.370
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-06-18 14:08:33.246
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: Insyde Corp. R1100DB 01/26/2016
    Motherboard: Sony Corporation VAIO
    Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
    Percentage of memory in use: 82%
    Total physical RAM: 6039.8 MB
    Available physical RAM: 1081.42 MB
    Total Virtual: 10007.8 MB
    Available Virtual: 4060.81 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:904.94 GB) (Free:802.06 GB) NTFS

    \\?\Volume{20590362-fd48-4726-929d-55b64c18819a}\ (Windows RE tools) (Fixed) (Total:0.82 GB) (Free:0.48 GB) NTFS
    \\?\Volume{200ac8d2-677f-4ca4-a853-c2f47df66937}\ (Recovery) (Fixed) (Total:24.43 GB) (Free:4.24 GB) NTFS
    \\?\Volume{88dc8132-698b-45d6-83f1-8f86926cd622}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: D3C97A91)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  4. #4
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,931

    Default

    As far as seeing something malicious, no. Of course items can be deeply hidden but, I do see some heavy duty security apps on the machine that could cause some delays or freezes on here.

    Let's just do a couple of things to see if performance and issues get better.

    ****
    Start Farbar Recovery Scan Tool with Administrator privileges
    (Right click on the FRST icon and select Run as administrator)

    highlight on the text below and select Copy.
    beginning with Start:: and finishing with End::
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Highlight the entire content of the quote box below and select Copy.


    Start::
    CloseProcesses:
    CreateRestorePoint:
    GroupPolicy: Restriction ? <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    Task: {85E7839C-37F7-49EC-B8F3-57DB50471B35} - \WPD\SqmUpload_S-1-5-21-2100492843-3013311965-3169298572-1001 -> No File <==== ATTENTION
    Task: {EB9CE40A-4D41-4158-8F07-41FAE9BBC40B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-2100492843-3013311965-3169298572-1003 -> {329F56EA-F3C5-422C-BB45-C274CFDA2B16} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=hxxp://shop.ebay.co.uk/?oemInLn=ieSrch-&_nkw={searchTerms}
    FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
    U3 iswSvc; no ImagePath
    ContextMenuHandlers1: [CLVDShellExt] -> [CC]{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
    ContextMenuHandlers1: [SDECon32] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers1: [SDECon64] -> [CC]{44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [138]
    AlternateDataStreams: C:\Users\avatek.user-VAIO\Downloads\ccsetup510.exe:BDU [0]
    AlternateDataStreams: C:\Users\linda\Downloads\advisorinstaller.belarc.exe:BDU [0]
    AlternateDataStreams: C:\Users\linda\Downloads\Silverlight_x64.exe:BDU [0]
    AlternateDataStreams: C:\Users\linda\Downloads\windirstat1_1_2_setup.exe:BDU [0]
    EmptyTemp:
    C:\Windows\Temp\*.*
    End::
    Start FRST (FRST64) with Administrator privileges
    Press the Fix button. FRST will process the lines copied above from the clipboard.
    When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

    Please copy and paste its contents in your next reply.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Download and run AdwCleaner

    Download AdwCleaner from here and save it to your desktop.

    • run AdwCleaner by clicking on Scan Now
    • when it has finished, leave everything that was found checked, (ticked), then click on Clean and Repair
    • if it asks to reboot, allow the reboot
    • on reboot, click on View Log File; please attach the content of the log to your next reply.

    ============================================

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Run Malwarebytes Anti-Malware

    You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:
    • run the program
    • click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
    • click on the ‘Scan’ tab, (directly below the Dashboard tab)
    • select the Threat Scan option
    • slick the Scan Now button
    • Threat Scan will begin
    • when the scan has completed and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
    • if prompted to restart the computer, close all other programs and click Yes to restart your computer
    • once you are back at your desktop, open MBAM once more
    • click on the ‘Reports’ tab
    • double-click on the most recent Scan Report
    • click on Export, then Copy to Clipboard

    Logs to include with the next post:

    Fixlog.txt
    AdwCleaner log
    Mbam.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Junior Member
    Join Date
    Jun 2020
    Posts
    9

    Default Fix log, AdwCleaner(S00) scan, AdwCleaner(C00) and MBAM text

    whew! Thank you for all the instructions. I have done all the scanning and enclose the files.
    I really appreciate your time and effort helping me with this, thank you very much.
    Attached Files Attached Files

  6. #6
    Junior Member
    Join Date
    Jun 2020
    Posts
    9

    Default forgot to say.....

    [QUOTE=suzilu;484945]whew! Thank you for all the instructions. I have done all the scanning and enclose the files.
    I really appreciate your time and effort helping me with this, thank you very much.[/QUOT


    When selecting the PUPs from the list in Adwcleaner, I left the ones for Vaio maintenance and HP support assistant as I use these frequently.
    Thankyou.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •