WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Win7 laptop has slowed significantly - often CPU at 100%

Started by dpculbertson , Jul 05 2019 10:29 AM

Win7 slow cpu 100%

This topic is locked

25 replies to this topic

#1 dpculbertson

New Member

Authentic Member
16 posts

Posted 05 July 2019 - 10:29 AM

Hi - My Sony Vaio Z used to be so fast, but has slowed alot. CPU is often at 100%. Looking at program usage under Task Manager, doesn't add up to 100%.

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019

Ran by David (administrator) on DAVID-VAIO (Sony Corporation VPCZ119GX) (05-07-2019 11:42:56)

Running from C:\Users\David\Desktop

Loaded Profiles: David & (Available Profiles: David)

Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe

() [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe

() [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe

(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe

(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe

(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe

(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe

(Intel® Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe

(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Windows Hardware Compatibility Publisher -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvservice.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor Crop.) C:\Program Files\Realtek\Audio\HDA\vncutil64.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Sony Corporation of America -> ) C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe

(UPEK Inc. -> UPEK Inc.) C:\Program Files\Protector Suite\psqltray.exe

(UPEK Inc. -> UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16414824 2010-01-19] (NVIDIA Corporation -> NVIDIA Corporation)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9962016 2016-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM\...\Run: [vncutil] => C:\Program Files\Realtek\Audio\HDA\vncutil64.exe [475680 2016-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor Crop.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2010-01-29] (Synaptics Incorporated -> Synaptics Incorporated)

HKLM\...\Run: [PSQLLauncher] => c:\Program Files\Protector Suite\launcher.exe [84744 2009-10-29] (UPEK Inc. -> UPEK Inc.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )

HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation -> Intel Corporation)

HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation) [File not signed]

HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation -> Sony Corporation)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5580608 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [307200 2004-11-22] (Adobe Systems Incorporated) [File not signed]

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-17] (Google LLC -> Google LLC)

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [307200 2004-11-22] (Adobe Systems Incorporated) [File not signed]

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-17] (Google LLC -> Google LLC)

HKLM\...\Providers\Internet Print Provider: inetpp.dll [166400 2017-08-11] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Providers\LanMan Print Services: win32spl.dll [757248 2017-08-11] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll [176416 2012-01-18] (Logitech, Inc. -> Logitech Inc.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [307488 2012-01-18] (Logitech, Inc. -> Logitech Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-19] (Google LLC -> Google LLC)

HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> c:\Program Files\Protector Suite\provider.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-09-04] (Broadcom Corporation -> Broadcom Corporation.)

HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

HKLM\Software\...\Authentication\Credential Providers: [{8bf9a910-a8ff-457f-999f-a5ca10b4a885}] -> SmartcardCredentialProvider.dll [2013-10-03] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> SmartcardCredentialProvider.dll [2013-10-03] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> c:\Program Files\Protector Suite\provider.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)

HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> wlgpclnt.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{0E28E245-9368-4853-AD84-6DA3BA35BB75}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{17D89FEC-5C44-4972-B12D-241CAEF74509}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{1A6364EB-776B-4120-ADE1-B63A406A76B5}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> fdeploy.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> gpscript.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{5794DAFD-BE60-433f-88A2-1A31939AC01F}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{6232C319-91AC-4931-9385-E70C2B099F0E}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{728EE579-943C-4519-9EF7-AB56765798ED}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{74EE6C03-5363-4554-B161-627540339CAB}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> scecli.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{91FBB303-0CD5-4055-BF42-E512A681B325}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{A3F3E39B-5D83-4940-B954-28315B82F0A8}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{AADCED64-746C-4633-A97C-D61349046527}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{B087BE9D-ED37-454f-AF9C-04291E351182}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> dot3gpclnt.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{E5094040-C46C-4115-B030-04FB2E545B00}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{F9C77450-3A41-477E-9310-9ACD617BD9E3}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)

Lsa: [Notification Packages] scecli c:\Program Files\Protector Suite\psqlpwd.dll

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-02-06]

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-06-22]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

BootExecute: autocheck autochk *

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B32045-35FE-4D23-8EE3-5292A83324F6} - System32\Tasks\HP AR Program Upload - 96cc3e97fa5c4fa0be86992c2aa57b4fd914ad50335348f7a5215b41f71fde71 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {01DAD7A0-ACBE-4140-AED9-0A6EA7E99962} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2561392 2010-01-07] (Sony Corporation -> Sony Corporation)

Task: {06EE2B5F-D692-4B88-96B8-C4536F1DF999} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)

Task: {0B6DFADE-0686-44F3-B834-DC1816C92EFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)

Task: {0F90F4FD-54B9-4A2D-AECB-5E14B30ACDD7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel® Software -> Intel Corporation)

Task: {11541F89-0F9F-4A97-BCBC-ADF1BC0C2458} - System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => C:\Windows\system32\pcalua.exe -a C:\Users\David\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION

Task: {11978F7C-80EB-4925-9C77-E9E7700247D3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {1432E585-72C5-4C12-B3E3-54A4DD19B02A} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [20872 2017-04-19] (Sony Corporation -> Sony Corporation)

Task: {16EE79EF-7F16-4600-9172-4A6E414B649D} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe

Task: {1BBA3A20-4CB7-4F75-9885-973CCA69CA7D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe

Task: {1DE86BC7-00BA-4150-A929-55FE9AD510B7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

Task: {1FDB348F-53EF-41DD-A20E-B4682102449F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)

Task: {25402AD4-FAE7-4C6A-88AE-2AD3F82170AC} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {277FB0BD-56A4-4FFF-BCC9-FB3C3541D816} - System32\Tasks\HP AR Program Upload - a440867c3eed43a19bcd2da66587ec2d1d3641cff65b4726b95722f31764adff => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {2C08859F-E9DC-4058-922C-851BB1C60A3C} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {2D559535-C8C4-4042-943D-6CB663EC02D0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)

Task: {2E20D3A9-D159-4535-9CA0-346AC95B7DC4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

Task: {2E3F33AC-4AE3-4939-9CBE-4495D7751CC9} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {395D58CD-3D5A-4F0E-AB3A-7A8EB3A3D5B8} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {42649532-60CC-433F-B01D-92371C1F32D1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"

Task: {49470C9D-EEDD-40EF-B7AB-F7F6E37DA30A} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136 2010-06-19] (Sony Corporation -> Sony Corporation)

Task: {4B7BFB85-439D-43B6-AD4A-6F86CC5FFAF8} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {5573D6FA-4681-4641-AD07-2AF825B33F44} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)

Task: {56A1A2D2-740C-47EA-90DD-E1575E2C403E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {58F36B6E-8FC6-4CAD-A305-0B1309A1254F} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136 2010-06-19] (Sony Corporation -> Sony Corporation)

Task: {59C28BFF-7918-4CEC-9AFC-2B1C392DCB06} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [20360 2017-04-19] (Sony Corporation -> Sony Corporation)

Task: {5A439110-CB81-47BA-8FCB-4300122E9A2F} - System32\Tasks\HP AR Program Upload - 2cd1f17b3c7343a8b70ad599cadb44924645674d7685469fa061b21b184ea4af => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {5A60874B-922C-4F5B-B93E-A3567113B4EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {5BEFBF29-44D6-45E1-ACAB-8FC4B50C86F4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {665DBC1A-0AE9-4BEB-972B-0AD2CB4B5C03} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136 2010-06-19] (Sony Corporation -> Sony Corporation)

Task: {68AE8F14-B8D3-4DF4-A616-E6B4F7EE307A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {6A791D15-2EA1-4759-92CE-F55491B5E507} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-07] (Google Inc -> Google Inc.)

Task: {812879C1-CCF4-4021-8867-B4DE5D3F7502} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2561392 2010-01-07] (Sony Corporation -> Sony Corporation)

Task: {85E06526-ECD2-4E44-BB93-1869DF09F2CE} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {8AD7C70C-B387-453A-B6DF-F873C0CA0D21} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [61440 2014-08-20] (PcWinTech.com) [File not signed]

Task: {8B331A9F-C70B-42A7-9411-8BE808A0D358} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN51QEK0D0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)

Task: {8EEA24BC-4A71-4A0A-AF10-734157B2A6F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {91DFBE71-273A-4373-8CC7-36C5C7B60523} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {92003856-08D4-4F4B-8D01-7855767DD35C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

Task: {9229BF39-E91E-4077-B313-D20C26ECC544} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [74032 2009-11-05] (Sony Corporation of America -> )

Task: {973983C5-C05E-4F25-9D4C-3A9DEAFB94CA} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [45400 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {97B8826C-F1B0-4AEE-90E6-A872C6F06163} - System32\Tasks\HP AR Program Upload - 81f1f0e7f66443c3afb95b735510381e655a928f175e490e8b484ef73019ada7 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {97C75ED7-931D-4785-BDF6-78775DB19616} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)

Task: {98B570A5-33DC-4E84-8CC9-1BDF517332B4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-04-12] (Sony Corporation -> Sony Corporation)

Task: {A3C5B754-D0CD-460A-8DD6-D20EF1C61922} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)

Task: {A58D693F-50B6-4447-9FC4-73B4C4959589} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)

Task: {AA798388-12E2-47C4-8280-26F20E60868A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {AB756854-D41A-4205-9FA8-0D2711061794} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe [122880 2010-11-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION

Task: {B3B71086-EE96-4F43-9D92-1CC1374E33BF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )

Task: {B8FB595C-9BAA-46D4-919E-2D9DB901DD2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)

Task: {B96D8DB3-67DF-47FD-9B9D-33B897EA3166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Task: {B978D9B5-D109-4E50-B60E-BE9C1CFF5B8C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

Task: {C0220504-6798-4C10-BE1A-BB9BFEA2063B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)

Task: {CA5018E7-847F-4FA9-B9EB-5EA92BE35F66} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)

Task: {D1E8224A-98E0-46E6-82A2-DDD821F72B3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)

Task: {D83D03B5-4F68-4A13-BC7F-A3AFBAA9CCC4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe [36864 2009-07-13] (Microsoft Windows -> Microsoft Corporation)

Task: {E3E6E6D8-81BC-456A-B8C3-C0E9AB12550D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)

Task: {E5C98D85-4D66-409D-B3FB-848CA6BD5F4C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {E665D5CF-D46A-46CE-A24F-00A40560B994} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)

Task: {EB653DBB-845F-4873-A652-55B5FDB4E19F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1213416 2019-04-12] (Sony Corporation -> Sony Corporation)

Task: {EBED9B68-2299-441F-AA51-453348440DF7} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [274736 2009-11-05] (Sony Corporation of America -> Sony Electronics, Inc.)

Task: {ED43E16F-DDB5-408E-B467-D5FE21B7BF77} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)

Task: {FD3C6387-EB8E-4003-9876-CC337A166999} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-07] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\..\Interfaces\{1F263251-2FA4-4C80-AED7-F2A2B03E0301}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\..\Interfaces\{B1B190B9-CAD1-4741-A3A8-F8C85DA3703F}: [DhcpNameServer] 172.18.13.1

Internet Explorer:

==================

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl#spf=1

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://esupport.sony.com/

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl#spf=1

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://esupport.sony.com/

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-10-03] (Google Inc -> Google Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-10-03] (Google Inc -> Google Inc.)

BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-10-03] (Google Inc -> Google Inc.)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-10-03] (Google Inc -> Google Inc.)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Software Sarl -> Skype Technologies)

Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)

Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)

Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)

Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)

Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)

Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

========

FF DefaultProfile: 97svsgyv.default

FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default [2019-06-22]

FF Homepage: Mozilla\Firefox\Profiles\97svsgyv.default -> hxxps://zoom.us/profile|hxxps://vcse1.openexc.com/login|hxxps://vcse2.openexc.com/overview|hxxps://63.251.135.14/conference.html?name=30348%20-%20Chubb%2fCS

FF NewTabOverride: Mozilla\Firefox\Profiles\97svsgyv.default -> Disabled: newtaboverride@agenedia.com

FF Extension: (ReloadMatic) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\0.id@reloadmatic.webex.xpi [2017-12-05]

FF Extension: (Cisco WebEx Extension) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\ciscowebexstart1@cisco.com.xpi [2017-11-08]

FF Extension: (Honey) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2019-02-13]

FF Extension: (New Tab Override) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\newtaboverride@agenedia.com.xpi [2019-01-16]

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-24] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\David\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001: vidyo.com/VidyoWeb_1.4.0.0006 -> C:\Users\David\AppData\Roaming\VidyoInc\VidyoWeb\1.4.0.0006\npVidyoWeb.dll [2016-02-12] (Vidyo Inc. -> Vidyo, Inc.)

FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055: @zoom.us/ZoomVideoPlugin -> C:\Users\David\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055: vidyo.com/VidyoWeb_1.4.0.0006 -> C:\Users\David\AppData\Roaming\VidyoInc\VidyoWeb\1.4.0.0006\npVidyoWeb.dll [2016-02-12] (Vidyo Inc. -> Vidyo, Inc.)

StartMenuInternet: Firefox- - kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> file:///C:/users/Public/Documents/davehom16a.htm

CHR StartupUrls: Default -> "file:///C:/users/Public/Documents/davehom16a.htm"

CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"

CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-07-05]

CHR Extension: (Easy Auto Refresh) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2019-07-04]

CHR Extension: (Consumer Reports) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmigknmjdpedgfbfjphohjdocmkapak [2019-05-30]

CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]

CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]

CHR Extension: (Honey) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-06-19]

CHR Extension: (HelloFax) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2019-03-14]

CHR Extension: (Pushbullet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2019-06-07]

CHR Extension: (OneNote Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2017-02-03]

CHR Extension: (Adobe Acrobat) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-22]

CHR Extension: (Vidyo Screen Share) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadjebjcpiiklefiadeicakcnkhgbaoo [2018-12-06]

CHR Extension: (Dashlane - Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-07-04]

CHR Extension: (Chrome Remote Desktop) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-04-27]

CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-09]

CHR Extension: (Zoom) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2019-06-19]

CHR Extension: (New Tab Redirect) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-12-06]

CHR Extension: (Acano) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikalnbacgeabafoblilnnihbfgnbjfi [2018-12-06]

CHR Extension: (Cisco Jabber Guest) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbglbakaieakcdiaiabbihafndhapfki [2018-12-06]

CHR Extension: (Cisco Webex Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-06-22]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-30]

CHR Extension: (Google Maps) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-03]

CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]

CHR Extension: (FoxClocks) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\obcbigljfpgappaaofailjjoabiikckk [2019-03-29]

CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-30]

CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-11]

CHR HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2017-01-18] (Adobe Systems) [File not signed]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)

R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)

R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)

R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)

R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)

R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [204520 2017-05-11] (Pro Softnet Corporation -> Prosoftnet)

R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2017-02-10] (Intel Corporation) [File not signed]

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4485472 2018-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation -> NVIDIA Corporation)

S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions -> Sonic Solutions)

S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions -> Sonic Solutions)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [190496 2016-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)

S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] (Intel® Software Development Products -> )

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH -> TeamViewer GmbH)

R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [138872 2018-10-29] (TunnelBear -> TunnelBear)

S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )

R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1738728 2019-04-12] (Sony Corporation -> Sony Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S3 dbx; C:\Windows\System32\DRIVERS\dbx.sys [47600 2019-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)

R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)

S3 fwlanusb6_860; C:\Windows\System32\DRIVERS\fwlanusb6_860.sys [2274336 2015-07-20] (MEDIATEK INC. -> AVM GmbH)

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R2 rimspci; C:\Windows\system32\drivers\rimssne64.sys [93696 2009-11-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)

R2 risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [76800 2009-11-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)

R3 SFEP; C:\Windows\system32\drivers\SFEP.sys [12032 2009-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)

S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

U3 aswbdisk; no ImagePath

U2 MSSQL$DDNI; no ImagePath

U2 Oasis2Service; no ImagePath

S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]

U2 VCFw; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-05 11:42 - 2019-07-05 11:45 - 000062592 _____ C:\Users\David\Desktop\FRST.txt

2019-07-05 11:35 - 2019-07-05 11:42 - 000000000 ____D C:\FRST

2019-07-05 11:21 - 2019-07-05 11:21 - 002420224 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe

2019-07-05 11:08 - 2019-07-05 11:08 - 000006352 _____ C:\Users\Public\Documents\davehom16a.htm

2019-07-04 10:04 - 2019-07-04 10:04 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys

2019-07-04 10:04 - 2019-07-04 10:04 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys

2019-07-04 10:04 - 2019-07-04 10:04 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2019-07-04 10:04 - 2019-07-04 10:04 - 000000000 ___HD C:\OneDriveTemp

2019-07-04 09:37 - 2019-07-04 09:37 - 000000000 ____D C:\Users\David\AppData\Local\mbam

2019-07-04 09:36 - 2019-07-04 10:04 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2019-07-04 09:36 - 2019-07-04 09:36 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys

2019-07-04 09:36 - 2019-07-04 09:36 - 000000000 ____D C:\Users\David\AppData\Local\mbamtray

2019-07-04 09:35 - 2019-07-04 09:35 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2019-07-04 09:35 - 2019-07-04 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2019-07-04 09:35 - 2019-07-04 09:35 - 000000000 ____D C:\ProgramData\Malwarebytes

2019-07-04 09:35 - 2019-07-04 09:35 - 000000000 ____D C:\Program Files\Malwarebytes

2019-07-04 09:35 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2019-07-04 09:33 - 2019-07-04 09:34 - 064374120 _____ (Malwarebytes ) C:\Users\David\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11384.exe

2019-06-25 18:47 - 2019-06-25 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2019-06-24 08:12 - 2019-06-24 08:12 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys

2019-06-22 13:16 - 2019-06-16 14:56 - 000397112 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2019-06-22 13:16 - 2019-06-16 13:54 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2019-06-22 13:16 - 2019-06-14 12:44 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2019-06-22 13:16 - 2019-06-14 12:20 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2019-06-22 13:16 - 2019-06-14 12:19 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2019-06-22 13:16 - 2019-06-14 12:19 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2019-06-22 13:16 - 2019-06-14 12:09 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2019-06-22 13:16 - 2019-06-14 12:08 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2019-06-22 13:16 - 2019-06-14 12:07 - 020276224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2019-06-22 13:16 - 2019-06-14 12:07 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2019-06-22 13:16 - 2019-06-14 11:46 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2019-06-22 13:16 - 2019-06-14 11:43 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2019-06-22 13:16 - 2019-06-14 11:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2019-06-22 13:16 - 2019-06-14 11:36 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2019-06-22 13:16 - 2019-06-14 11:34 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2019-06-22 13:16 - 2019-06-14 11:34 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2019-06-22 13:16 - 2019-06-14 11:34 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2019-06-22 13:16 - 2019-06-14 11:28 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2019-06-22 13:16 - 2019-06-14 11:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2019-06-22 13:16 - 2019-06-14 11:19 - 013706240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2019-06-22 13:16 - 2019-06-14 11:16 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2019-06-22 13:16 - 2019-06-14 11:16 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2019-06-22 13:16 - 2019-06-14 11:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2019-06-22 13:16 - 2019-06-14 11:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2019-06-22 13:16 - 2019-06-14 11:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2019-06-22 13:16 - 2019-06-14 11:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2019-06-22 13:16 - 2019-06-14 10:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2019-06-22 13:16 - 2019-06-11 00:59 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2019-06-22 13:16 - 2019-06-11 00:54 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2019-06-22 13:16 - 2019-06-10 22:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2019-06-22 13:16 - 2019-06-10 22:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2019-06-22 13:15 - 2019-06-14 12:32 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2019-06-22 13:15 - 2019-06-14 12:32 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2019-06-22 13:15 - 2019-06-14 12:20 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2019-06-22 13:15 - 2019-06-14 12:19 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2019-06-22 13:15 - 2019-06-14 12:18 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2019-06-22 13:15 - 2019-06-14 12:13 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2019-06-22 13:15 - 2019-06-14 12:12 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2019-06-22 13:15 - 2019-06-14 12:09 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2019-06-22 13:15 - 2019-06-14 12:09 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2019-06-22 13:15 - 2019-06-14 12:08 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2019-06-22 13:15 - 2019-06-14 12:03 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2019-06-22 13:15 - 2019-06-14 12:00 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2019-06-22 13:15 - 2019-06-14 11:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2019-06-22 13:15 - 2019-06-14 11:54 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2019-06-22 13:15 - 2019-06-14 11:54 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2019-06-22 13:15 - 2019-06-14 11:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2019-06-22 13:15 - 2019-06-14 11:51 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2019-06-22 13:15 - 2019-06-14 11:50 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2019-06-22 13:15 - 2019-06-14 11:48 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2019-06-22 13:15 - 2019-06-14 11:47 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2019-06-22 13:15 - 2019-06-14 11:45 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2019-06-22 13:15 - 2019-06-14 11:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2019-06-22 13:15 - 2019-06-14 11:45 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2019-06-22 13:15 - 2019-06-14 11:44 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2019-06-22 13:15 - 2019-06-14 11:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2019-06-22 13:15 - 2019-06-14 11:40 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2019-06-22 13:15 - 2019-06-14 11:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2019-06-22 13:15 - 2019-06-14 11:38 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2019-06-22 13:15 - 2019-06-14 11:37 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2019-06-22 13:15 - 2019-06-14 11:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2019-06-22 13:15 - 2019-06-14 11:36 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2019-06-22 13:15 - 2019-06-14 11:31 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2019-06-22 13:15 - 2019-06-14 11:27 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2019-06-22 13:15 - 2019-06-14 11:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2019-06-22 13:15 - 2019-06-14 11:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2019-06-22 13:15 - 2019-06-14 11:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2019-06-22 13:15 - 2019-06-14 11:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2019-06-22 13:15 - 2019-06-14 11:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2019-06-22 13:15 - 2019-06-14 11:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2019-06-22 13:15 - 2019-06-14 11:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2019-06-22 13:15 - 2019-06-14 10:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2019-06-22 10:57 - 2019-06-22 10:57 - 000000000 ____D C:\Windows\pss

2019-06-11 22:10 - 2019-06-03 19:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll

2019-06-11 22:10 - 2019-06-03 19:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll

2019-06-11 22:10 - 2019-06-03 19:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll

2019-06-11 22:10 - 2019-05-24 20:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2019-06-11 22:10 - 2019-05-24 20:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2019-06-11 22:10 - 2019-05-24 19:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2019-06-11 22:10 - 2019-05-24 19:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll

2019-06-11 22:10 - 2019-05-22 22:06 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2019-06-11 22:10 - 2019-05-22 22:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2019-06-11 22:10 - 2019-05-22 22:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll

2019-06-11 22:10 - 2019-05-22 21:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2019-06-11 22:10 - 2019-05-22 21:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2019-06-11 22:10 - 2019-05-22 21:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll

2019-06-11 22:10 - 2019-05-22 20:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2019-06-11 22:10 - 2019-05-22 20:05 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2019-06-11 22:10 - 2019-05-22 20:05 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2019-06-11 22:10 - 2019-05-17 14:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys

2019-06-11 22:10 - 2019-05-16 11:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2019-06-11 22:10 - 2019-05-16 11:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2019-06-11 22:10 - 2019-05-16 11:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2019-06-11 22:10 - 2019-05-16 11:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2019-06-11 22:10 - 2019-05-16 11:19 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2019-06-11 22:10 - 2019-05-16 11:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2019-06-11 22:10 - 2019-05-16 11:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2019-06-11 22:10 - 2019-05-16 11:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2019-06-11 22:10 - 2019-05-16 11:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2019-06-11 22:10 - 2019-05-16 11:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2019-06-11 22:10 - 2019-05-16 11:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2019-06-11 22:10 - 2019-05-16 11:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2019-06-11 22:10 - 2019-05-16 11:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2019-06-11 22:10 - 2019-05-16 11:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2019-06-11 22:10 - 2019-05-16 11:17 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2019-06-11 22:10 - 2019-05-16 11:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2019-06-11 22:10 - 2019-05-16 11:10 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2019-06-11 22:10 - 2019-05-16 11:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2019-06-11 22:10 - 2019-05-16 11:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2019-06-11 22:10 - 2019-05-16 11:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2019-06-11 22:10 - 2019-05-16 11:09 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2019-06-11 22:10 - 2019-05-16 11:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2019-06-11 22:10 - 2019-05-16 11:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2019-06-11 22:10 - 2019-05-16 11:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2019-06-11 22:10 - 2019-05-16 11:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2019-06-11 22:10 - 2019-05-16 10:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2019-06-11 22:10 - 2019-05-16 10:39 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2019-06-11 22:10 - 2019-05-16 10:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2019-06-11 22:10 - 2019-05-16 10:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys

2019-06-11 22:10 - 2019-05-16 10:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2019-06-11 22:10 - 2019-05-16 10:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2019-06-11 22:10 - 2019-05-16 10:35 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2019-06-11 22:10 - 2019-05-16 10:35 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2019-06-11 22:10 - 2019-05-16 10:35 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2019-06-11 22:10 - 2019-05-16 10:35 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2019-06-11 22:10 - 2019-05-16 10:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2019-06-11 22:10 - 2019-05-16 10:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys

2019-06-11 22:10 - 2019-05-16 10:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys

2019-06-11 22:10 - 2019-05-16 10:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys

2019-06-11 22:10 - 2019-05-16 10:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys

2019-06-11 22:10 - 2019-05-13 10:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll

2019-06-11 22:10 - 2019-05-13 10:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll

2019-06-11 22:10 - 2019-05-13 10:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll

2019-06-11 22:10 - 2019-05-13 10:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2019-06-11 22:10 - 2019-05-09 11:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll

2019-06-11 22:10 - 2019-05-09 11:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2019-06-11 22:10 - 2019-05-09 11:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2019-06-11 22:10 - 2019-05-09 11:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll

2019-06-11 22:10 - 2019-05-09 11:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll

2019-06-11 22:10 - 2019-05-09 11:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll

2019-06-11 22:10 - 2019-05-09 11:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll

2019-06-11 22:10 - 2019-05-09 11:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2019-06-11 22:10 - 2019-05-09 11:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2019-06-11 22:10 - 2019-05-09 11:07 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll

2019-06-11 22:10 - 2019-05-09 11:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2019-06-11 22:10 - 2019-05-09 11:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2019-06-11 22:10 - 2019-05-09 11:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys

2019-06-11 22:10 - 2019-05-09 10:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2019-06-11 22:10 - 2019-05-09 10:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2019-06-11 22:10 - 2019-04-29 22:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2019-06-11 22:10 - 2019-04-29 21:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2019-06-11 22:10 - 2019-04-25 11:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll

2019-06-11 22:10 - 2019-04-25 11:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll

2019-06-11 22:10 - 2019-04-24 11:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2019-06-11 22:10 - 2019-04-24 11:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2019-06-11 22:10 - 2019-04-24 11:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2019-06-11 22:10 - 2019-04-12 09:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll

2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll

2019-06-11 22:10 - 2019-04-09 11:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2019-06-11 22:10 - 2019-04-09 11:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2019-06-11 22:10 - 2019-04-09 11:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2019-06-11 22:10 - 2019-04-09 11:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2019-06-11 22:10 - 2019-04-09 11:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2019-06-11 22:10 - 2019-04-09 11:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2019-06-11 22:10 - 2019-04-09 11:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2019-06-11 22:10 - 2019-04-09 10:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2019-06-11 22:10 - 2019-04-09 10:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2019-06-11 22:10 - 2019-04-09 10:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2019-06-11 22:10 - 2019-04-09 10:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2019-06-11 22:10 - 2019-04-09 10:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2019-06-11 22:09 - 2019-05-22 22:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll

2019-06-11 22:09 - 2019-05-22 21:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll

2019-06-11 22:09 - 2019-05-16 11:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2019-06-11 22:09 - 2019-05-16 11:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll

2019-06-11 22:09 - 2019-05-16 11:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2019-06-11 22:09 - 2019-05-16 11:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2019-06-11 22:09 - 2019-05-16 11:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2019-06-11 22:09 - 2019-05-16 11:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2019-06-11 22:09 - 2019-05-16 11:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll

2019-06-11 22:09 - 2019-05-16 11:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2019-06-11 22:09 - 2019-05-16 11:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2019-06-11 22:09 - 2019-05-16 11:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2019-06-11 22:09 - 2019-05-16 11:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 10:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2019-06-11 22:09 - 2019-05-16 10:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll

2019-06-11 22:09 - 2019-05-16 10:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2019-06-11 22:09 - 2019-05-16 10:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2019-06-11 22:09 - 2019-05-16 10:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2019-06-11 22:09 - 2019-05-16 10:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2019-06-11 22:09 - 2019-05-16 10:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2019-06-11 22:09 - 2019-05-16 10:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 10:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 10:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 10:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2019-06-11 22:09 - 2019-05-16 10:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2019-06-11 22:09 - 2019-05-16 10:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2019-06-11 22:09 - 2019-05-16 10:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2019-06-11 22:09 - 2019-05-16 10:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2019-06-11 22:09 - 2019-05-16 10:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2019-06-11 22:09 - 2019-05-16 10:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys

2019-06-11 22:09 - 2019-05-16 10:34 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2019-06-11 22:09 - 2019-05-09 11:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2019-06-11 22:09 - 2019-05-09 11:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll

2019-06-11 22:09 - 2019-05-09 11:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2019-06-11 22:09 - 2019-05-09 11:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll

2019-06-11 22:09 - 2019-05-09 11:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll

2019-06-11 22:09 - 2019-05-09 11:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2019-06-11 22:09 - 2019-05-09 11:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2019-06-11 22:09 - 2019-05-09 11:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2019-06-11 22:09 - 2019-05-09 11:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll

2019-06-11 22:09 - 2019-05-09 11:06 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2019-06-11 22:09 - 2019-05-09 11:06 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll

2019-06-11 22:09 - 2019-05-09 11:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll

2019-06-11 22:09 - 2019-05-09 11:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx

2019-06-11 22:09 - 2019-05-09 11:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll

2019-06-11 22:09 - 2019-05-09 11:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe

2019-06-11 22:09 - 2019-05-09 11:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe

2019-06-11 22:09 - 2019-05-09 10:49 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe

2019-06-11 22:09 - 2019-05-09 10:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe

2019-06-11 22:09 - 2019-05-09 10:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe

2019-06-11 22:09 - 2019-05-09 10:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe

2019-06-11 22:09 - 2019-04-09 11:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2019-06-11 22:09 - 2019-04-09 11:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2019-06-11 22:09 - 2019-04-09 10:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2019-06-11 22:09 - 2019-04-09 10:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-05 11:46 - 2016-06-07 17:53 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job

2019-07-05 11:10 - 2009-07-14 00:45 - 000014160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2019-07-05 11:10 - 2009-07-14 00:45 - 000014160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2019-07-04 10:07 - 2009-07-14 01:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI

2019-07-04 10:07 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf

2019-07-04 10:04 - 2017-02-03 07:50 - 000000000 ___RD C:\Users\David\OneDrive

2019-07-04 10:03 - 2017-11-08 17:19 - 000000000 ____D C:\Program Files (x86)\TunnelBear

2019-07-04 10:03 - 2017-01-04 08:39 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla

2019-07-04 10:02 - 2016-06-07 17:53 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job

2019-07-04 10:02 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2019-07-04 09:29 - 2019-01-18 22:38 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForDavid.job

2019-07-04 08:32 - 2017-07-25 16:52 - 000003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1133073292-3603896812-4173062283-1001

2019-07-04 08:32 - 2017-02-03 07:50 - 000002162 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

2019-07-02 10:47 - 2019-01-18 22:38 - 000003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDavid

2019-07-02 08:15 - 2017-01-18 16:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2019-07-02 08:13 - 2017-01-18 16:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

2019-07-02 08:07 - 2017-10-02 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google

2019-07-02 08:07 - 2016-08-30 22:30 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk

2019-07-02 08:07 - 2016-08-30 22:30 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk

2019-06-25 18:47 - 2016-06-07 17:53 - 000000000 ____D C:\Program Files (x86)\Dropbox

2019-06-22 16:22 - 2019-04-26 09:04 - 000000000 ____D C:\Windows\rescache

2019-06-22 14:32 - 2015-12-03 20:05 - 000000000 ____D C:\Windows\system32\appraiser

2019-06-22 13:52 - 2015-12-08 05:26 - 000774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

2019-06-22 10:41 - 2016-08-30 22:31 - 000000000 ___RD C:\Users\David\Google Drive

2019-06-22 10:40 - 2017-01-04 11:44 - 000000000 ____D C:\Users\David\AppData\Roaming\Ditto

2019-06-19 12:41 - 2017-03-16 14:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2019-06-19 12:14 - 2016-06-07 04:52 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-06-19 12:14 - 2016-06-07 04:52 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2019-06-12 03:25 - 2009-07-14 00:45 - 000454024 _____ C:\Windows\system32\FNTCACHE.DAT

2019-06-12 03:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\Dism

2019-06-12 03:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\Dism

2019-06-12 03:02 - 2015-12-03 19:37 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2019-06-12 03:02 - 2015-12-03 19:37 - 000000000 ____D C:\Windows\system32\MRT

2019-06-11 13:51 - 2018-11-14 04:53 - 000000000 ____D C:\Users\David\AppData\Local\Apple Inc

2019-06-11 13:51 - 2016-06-07 07:11 - 000000000 ____D C:\Users\David\AppData\Roaming\Apple Computer

2019-06-11 13:51 - 2015-12-03 18:34 - 000000000 ____D C:\Users\David

2019-06-11 12:43 - 2016-06-07 05:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2019-06-11 03:23 - 2018-03-14 13:23 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier

2019-06-11 03:23 - 2016-06-16 13:00 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe

2019-06-11 03:23 - 2016-06-16 13:00 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2019-06-11 03:23 - 2016-06-16 13:00 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2019-06-11 03:23 - 2016-06-16 13:00 - 000000000 ____D C:\Windows\system32\Macromed

2019-06-11 03:23 - 2015-12-03 20:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed

2019-06-07 10:07 - 2016-06-07 17:58 - 000000000 ___RD C:\Users\David\Dropbox (OpenExchange)

2019-06-07 09:52 - 2016-06-07 17:52 - 000000000 ____D C:\Users\David\AppData\Local\Dropbox

==================== FLock ================

2015-12-03 20:43 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-07-02 10:20

==================== End of FRST.txt ============================

Thank you for any help/insight you can provide.

-David

Advertisements

Register to Remove

#2 Juliet

SuperHelper

Retired Classroom Teacher
7,686 posts

Interests:Boo!....

Posted 06 July 2019 - 05:16 AM

When Farbar Recovery Scan Tool (FRST) was first run it should had also created Addition.txt
Can you find this and copy and paste it in your next reply?

Sometimes the angels fly close enough to you that you can hear the flutter of their wings...

MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#3 dpculbertson

New Member

Authentic Member
16 posts

Posted 06 July 2019 - 08:26 AM

Yes, here is the Addition.txt file contents:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019

Ran by David (05-07-2019 11:50:12)

Running from C:\Users\David\Desktop

Windows 7 Professional Service Pack 1 (X64) (2015-12-03 22:34:44)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1133073292-3603896812-4173062283-500 - Administrator - Disabled)

David (S-1-5-21-1133073292-3603896812-4173062283-1001 - Administrator - Enabled) => C:\Users\David

Guest (S-1-5-21-1133073292-3603896812-4173062283-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1133073292-3603896812-4173062283-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}

AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{9117392B-B850-4568-83DD-6C62416B020D}) (Version: 2.1.28.3 - Intel) Hidden

. . . (HKLM-x32\...\{3531E043-2D73-4E84-AC74-67F9D25A7FD8}) (Version: 2.7.0.11 - Intel) Hidden

Adobe Acrobat 7.0 Standard (HKLM-x32\...\Adobe Acrobat 7.0 Standard) (Version: 7.0.0 - Adobe Systems)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)

Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.207 - Adobe)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)

Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Backup and Sync from Google (HKLM\...\{510D7DF1-732A-4E0D-9FE7-0BCBB9481A2F}) (Version: 3.44.5504.6203 - Google, Inc.)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)

Cisco Jabber Video for TelePresence (HKLM-x32\...\{5BF4E2A0-9C59-42AA-97E2-D45127CB9117}) (Version: 4.8.12.18951 - Cisco Systems, Inc.)

CleanMem (HKLM-x32\...\CleanMem) (Version: v2.5.0 - PcWinTech.com)

CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Ditto (HKLM\...\Ditto_is1) (Version: - Scott Brogden)

Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden

erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)

Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden

HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)

HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)

HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.24.33 - HP)

HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.11.24.11 - HP)

HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

iCloud (HKLM\...\{03742818-3BC2-45BA-B6BB-4C2D453FD033}) (Version: 7.11.0.19 - Apple Inc.)

IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Network Connections 22.0.18.0 (HKLM\...\PROSetDX) (Version: 22.0.18.0 - Intel)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)

Intel® Driver Update Utility (HKLM-x32\...\{7b9ce1f6-7029-4ca6-8bcd-38afc68a69df}) (Version: 2.7.0.11 - Intel)

iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)

Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 8.0.916.0 - Logitech Europe S.A.)

Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 1.1.87.0 - Logitech Europe S.A.)

Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)

Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)

Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)

Microsoft OneNote Home and Student 2016 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.11727.20230 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)

Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)

Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden

Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation) Hidden

PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation)

Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{99039186-EBEB-4127-BFA2-18B10A05ACE2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)

Protector Suite 2009 (HKLM\...\{CB974C3D-D101-4411-8F54-DCDC58DED815}) (Version: 5.9.2.5974 - UPEK Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6028 - Realtek Semiconductor Corp.)

Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)

Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.13070 - Sony Corporation)

Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)

SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)

TunnelBear (HKLM-x32\...\{58a01650-b45c-443b-a51e-90f586a63532}) (Version: 3.7.2.0 - TunnelBear)

TunnelBear (HKLM-x32\...\{C7E7F8CF-E23A-4FC1-8AAC-8710A70490E3}) (Version: 3.7.2.0 - TunnelBear) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

VAIO Care (HKLM\...\{CFF47016-B212-4D89-8DC2-15D5508A73BA}) (Version: 8.4.6.05111 - Sony Corporation)

VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.07160 - Sony Corporation)

VAIO Data Restore Tool (HKLM-x32\...\{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}) (Version: 1.2.0.09150 - Sony Corporation) Hidden

VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)

VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)

VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.12290 - Sony Corporation)

VAIO Hardware Diagnostics (HKLM-x32\...\{6754AE0D-B2E1-45E4-835F-FDFEC373DE8A}) (Version: 3.9.1 - Sony Corporation) Hidden

VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)

VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)

VAIO Personalization Manager (HKLM\...\{95E0A642-69BB-45ED-98E0-5ECB58FE8E28}) (Version: 4.2.4.07160 - Sony Corporation)

VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.12280 - Sony Corporation)

VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.4.0.15200 - Sony Corporation)

VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)

VAIO Window Organizer (HKLM-x32\...\{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}) (Version: 2.0.0.08280 - Sony Corporation)

VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden

Vidyo Desktop 3.6.3 (HKLM-x32\...\Vidyo Desktop) (Version: 3.6.3 - Vidyo Inc.)

Vidyo Desktop 3.6.9 - (David) (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\Vidyo Desktop) (Version: 3.6.9 - Vidyo Inc.)

Vidyo Desktop 3.6.9 - (David) (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\Vidyo Desktop) (Version: 3.6.9 - Vidyo Inc.)

VidyoWeb - 1.4.0.0006 (HKLM-x32\...\{06B7CBBD-3D39-4FC9-94B3-72139C62608E}) (Version: 1.4.0.0006 - Vidyo, Inc.)

VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden

VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden

WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)

Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)

Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

Zoom (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

Zoom (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File

CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ 0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2017-05-11] (Pro-Softnet Corporation, U.S.A) [File not signed]

ShellIconOverlayIdentifiers: [ 0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2017-05-11] (Pro-Softnet Corporation, U.S.A) [File not signed]

ShellIconOverlayIdentifiers: [ 0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2017-05-11] (Pro-Softnet Corporation, U.S.A) [File not signed]

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)

ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll [2004-12-14] (Adobe Systems Inc.) [File not signed]

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google)

ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2017-05-11] () [File not signed]

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-03-13] (Apple Inc. -> Apple Inc.)

ContextMenuHandlers1: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-09-01] (Sonic Solutions -> Sonic Solutions)

ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2017-05-11] () [File not signed]

ContextMenuHandlers2: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-09-01] (Sonic Solutions -> Sonic Solutions)

ContextMenuHandlers2: [SafearchiveContextMenu] -> {9AFDE8D6-200C-4b41-A5FC-B7251DFD1A8E} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers3: [SafearchiveContextMenu] -> {9AFDE8D6-200C-4b41-A5FC-B7251DFD1A8E} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google)

ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2017-05-11] () [File not signed]

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2010-01-19] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-09-01] (Sonic Solutions -> Sonic Solutions)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\David\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

Shortcut: C:\Users\David\Documents\OpenExchange\Sales\Prospects\GE\FavsZ\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) ==============

2015-12-07 09:11 - 2017-05-11 14:38 - 000601600 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll

2015-12-07 09:11 - 2017-05-11 14:38 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll

2010-02-06 20:38 - 2010-03-03 20:08 - 000058880 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2015-12-03 20:56 - 2009-10-05 17:57 - 000016384 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe

2015-12-03 20:56 - 2009-10-05 17:42 - 000007680 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000107008 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000018944 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000005120 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000006656 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000023040 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000004608 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000005120 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000033792 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe

2015-12-03 20:56 - 2009-10-05 17:42 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000121856 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000005120 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SystemPowerDLL.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe

2015-12-03 21:10 - 2009-12-29 21:38 - 000010752 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll

2018-10-29 18:09 - 2018-10-29 18:09 - 000030720 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll

2018-10-29 18:09 - 2018-10-29 18:09 - 000167424 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll

2010-03-05 10:21 - 2010-03-05 10:21 - 001501696 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2019-05-15 06:23 - 2019-05-15 06:23 - 000170496 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9109216ecdcf9ae71a57b08b84995d99\IsdiInterop.ni.dll

2010-02-06 20:38 - 2009-11-04 16:37 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll

2010-02-06 20:38 - 2009-11-04 16:37 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll

2010-02-06 20:38 - 2009-11-04 16:30 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll

2010-02-06 20:38 - 2010-03-03 20:08 - 000163328 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll

2010-02-06 20:38 - 2010-03-03 20:08 - 001046528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll

2010-02-06 20:38 - 2010-03-03 19:53 - 000280064 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll

2019-05-15 06:23 - 2019-05-15 06:23 - 000176640 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\d56ef23c56dafafbd705bda28d96a1c3\IAStorDataMgr.ni.dll

2019-05-15 06:23 - 2019-05-15 06:23 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\f51e7c81612e76a3ff407f07402aca97\IAStorDataMgrSvc.ni.exe

2019-05-15 06:23 - 2019-05-15 06:23 - 000452608 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5c758e4d1dc449e6ad7cd1292aaf3bce\IAStorUtil.ni.dll

2017-02-10 14:17 - 2017-02-10 14:17 - 000505856 _____ (Intel Corporation) [File not signed] C:\Windows\system32\IProsetMonitor.exe

2010-03-05 11:06 - 2010-03-05 11:06 - 001069056 _____ (Intel® Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll

2010-03-05 11:07 - 2010-03-05 11:07 - 001021952 _____ (Intel® Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll

2010-03-05 11:07 - 2010-03-05 11:07 - 003719168 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll

2010-03-05 11:09 - 2010-03-05 11:09 - 000828416 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll

2010-03-05 11:08 - 2010-03-05 11:08 - 000336384 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL

2010-03-05 11:19 - 2010-03-05 11:19 - 001315840 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll

2010-03-05 11:12 - 2010-03-05 11:12 - 002257408 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll

2010-03-05 11:10 - 2010-03-05 11:10 - 000812032 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll

2010-03-05 11:06 - 2010-03-05 11:06 - 000177152 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll

2010-03-05 11:18 - 2010-03-05 11:18 - 001757184 _____ (Intel® Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\MSVCR70.dll

2017-02-05 15:07 - 2017-02-05 15:07 - 001656320 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL

2017-02-05 15:07 - 2017-02-05 15:07 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL

2017-02-05 15:07 - 2017-02-05 15:07 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_fc42961a63b5a82b\MFC80ENU.DLL

2016-06-07 19:22 - 2016-06-07 19:22 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll

2017-02-05 18:55 - 2017-02-05 18:55 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll

2017-02-05 18:55 - 2017-02-05 18:55 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll

2010-02-06 20:49 - 2009-10-17 01:05 - 000102400 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll

2010-02-06 20:49 - 2009-10-17 01:05 - 000009216 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll

2016-12-09 13:43 - 2010-07-14 10:16 - 000196608 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll

2015-12-03 21:10 - 2010-05-28 11:14 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAutoDimmer.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000569344 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESColorMgr.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000172032 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll

2015-12-03 21:10 - 2010-05-28 11:14 - 000700416 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESHybridGfx2.dll

2015-12-03 21:10 - 2010-05-28 11:14 - 000172032 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000122880 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000074752 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll

2015-12-03 21:10 - 2010-05-28 11:14 - 000118784 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000077824 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000085504 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll

2015-12-03 21:10 - 2009-12-29 21:38 - 000005632 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll

2010-02-06 20:49 - 2009-10-17 01:05 - 000151552 _____ (Sony Corporation) [File not signed] C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll

2016-07-14 10:53 - 2010-06-19 13:27 - 000220160 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SPMDam.dll

2015-12-03 21:10 - 2010-01-06 18:56 - 000077312 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000071168 _____ (Sony Electronics Corporation) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SnyUtilsWrapper.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000082944 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.GobiThirdPartyApp.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000007680 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SendMessage.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000098816 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\NativeWifiWrap.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000015360 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\NotifyIconEx.dll

2015-12-03 20:56 - 2009-10-05 17:42 - 000045056 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\TosBtWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2019-07-04 10:03 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Apple\Internet Services\

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 75.75.75.75 - 75.75.76.76

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Microsoft Windows -> Microsoft Corporation)

HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup

MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: Ditto => C:\Program Files\Ditto\Ditto.exe

MSCONFIG\startupreg: GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5

MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart

MSCONFIG\startupreg: HP Officejet Pro 8620 (NET) => "C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe" -deviceID "CN51QEK0D0:NW" -scfn "HP Officejet Pro 8620 (NET)" -AutoStart 1

MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

MSCONFIG\startupreg: IDrive Background process => "C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe" min

MSCONFIG\startupreg: IDrive Tray => "C:\Program Files (x86)\IDriveWindows\id_tray.exe" min

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: Vidyo Desktop => C:\Users\David\AppData\Local\Vidyo\Vidyo Desktop\VidyoDesktop.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{065E6705-EB13-4243-B623-A9B4206E8362}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{DB610348-9A6F-40C8-88E1-09704EEB9E86}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{DFF0BC8F-3B55-4B7F-B7CA-B5AC01FE9131}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query User{DB9A9648-A7D5-408E-B0C7-5F53D5051019}C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe] => (Allow) C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe (Pro Softnet Corporation -> )

FirewallRules: [UDP Query User{775D7F89-68FB-482D-A68D-65E5FC73F11A}C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe] => (Allow) C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe (Pro Softnet Corporation -> )

FirewallRules: [{53942F69-4E0D-4914-8D8A-545A84CA80C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{29775ECE-C826-4240-B32E-46144461FA62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{363F9806-88B3-4E28-8F63-44B408210E9E}] => (Allow) C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe (Cisco Systems, Inc. -> Cisco)

FirewallRules: [{D0A606AC-B485-49B0-B1D0-BC3BA994DA35}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [{DF00FCD5-1460-4B7E-AADA-C88C4C3A6BB0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [{55886C59-B9F3-436B-B045-351BFFFCB47E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [{477FA654-68FC-4D33-BEE1-D21CEA0928B4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [{A21EBB3C-5BAE-4E31-BE81-68A564B8967B}] => (Allow) LPort=5357

FirewallRules: [{077891EB-4C9B-4B1D-B04B-914D62F29CE6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)

FirewallRules: [TCP Query User{6957ECB4-F1DE-4E83-8203-99B553A33EFB}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [UDP Query User{FE5D0588-97EB-48FB-B93D-9BE4371735AE}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [TCP Query User{3DBA42E2-270A-4DC2-95FD-CB20E1E7F245}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [UDP Query User{1E91A196-3847-47E8-A121-AF7B4202210F}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [TCP Query User{04AEEDC7-CE2D-4B1D-B5FD-6FBC8ACCA13D}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe () [File not signed]

FirewallRules: [UDP Query User{7F5876DE-5AED-4EAB-A550-13E88C1378CF}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe () [File not signed]

FirewallRules: [TCP Query User{90401341-F257-4BC7-966F-0A8D5083E1F3}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{5379CA9F-8309-4ACB-98BC-5DE37F57EDAF}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{C6D81044-7337-466B-9726-153F1A5D18B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{8917634B-F6DC-455D-A3B3-2126215B1F48}] => (Allow) LPort=2869

FirewallRules: [{CE4C02C0-AE43-491A-9361-98C57B63177C}] => (Allow) LPort=1900

FirewallRules: [{D75EF71F-4A2F-4606-94EE-FBA31D2FD5A4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{AEF51192-9EDA-411D-80E8-76539E096A6A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{1A0282BE-13DB-47A9-8284-4AED805E0E0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{0F3F93C4-88CC-433C-93E2-EF984B56B19C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{199BFB1A-9C3F-4E0E-A0E8-46D4B19AFC21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{A3F04520-A195-44F3-ADCD-F12D3D7325F5}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation -> Sony Corporation)

FirewallRules: [{3FD6C2D1-0F4F-4DFC-A246-4EAE6433AABA}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Sony Corporation -> Sony Corporation)

FirewallRules: [{0F9523C6-D362-4C98-8565-725CCB8D324D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation -> Sony Corporation)

FirewallRules: [{EC83D596-11D4-4B3B-A2FC-688EBA280940}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe (Sony Corporation -> Sony Corporation)

FirewallRules: [TCP Query User{CCFF0963-191C-4E99-AA87-520D08064A5E}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [UDP Query User{6BD53691-7394-443A-94E0-21FB179FC189}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [TCP Query User{376115B7-5659-4D5A-B613-E0AA5D8BF870}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [UDP Query User{1C633629-B921-4DA6-B43A-D8FE5DBE8DB3}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)

FirewallRules: [{18B70D74-1919-4319-AE3D-E4103F0277E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{0ACE7536-94CB-4E42-8828-E9BC5FA66B3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{63501C9E-A089-476D-8DDD-CAC07C458B68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{7B428C8A-3A26-4F8F-916F-D3C525766D68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{54135BDD-1604-4BAF-A7C3-03277CC21D73}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{8B3BAC87-19DD-40FD-8405-3002E1F35387}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe No File

FirewallRules: [{4DAEB96C-9676-4AF7-ADCC-5277084F8C7A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{5905743F-12F8-45D2-A948-9A39ACCE60D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{8F0D460D-14A3-4139-A882-EB71C8107C1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{C077E645-0392-4BD0-8A7A-36205F61766F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{2F418ADA-17EA-4CAB-97A9-6C185B891143}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{132DED1B-82B5-405B-9B12-A2D2C6D78359}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

FirewallRules: [{E6C260CE-6D18-48BC-ABB9-3E16C2B52AFB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

FirewallRules: [{EEFC82F5-E3E3-4C10-BC82-74ED21830793}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File

FirewallRules: [{EB10AAFB-0047-4891-AB30-04518561B563}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File

FirewallRules: [{8525A772-4F7E-494F-A407-CA77538A3181}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

FirewallRules: [{2665AD5F-6268-417B-9C5D-848B7C461023}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

FirewallRules: [{A189B240-14D4-43AD-9C58-03396B8D9A2B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{E25E7B9B-7EBF-4887-BF64-3A5477A45A3F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{2D18735B-1F98-40A6-922C-315D74D0F5AD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

07-06-2019 12:29:43 Windows Update

10-06-2019 04:32:19 Windows Update

12-06-2019 03:00:11 Windows Update

22-06-2019 10:49:49 Windows Update

22-06-2019 13:32:59 Windows Update

25-06-2019 14:45:41 Windows Update

02-07-2019 08:01:00 Windows Update

05-07-2019 10:55:53 Windows Update

==================== Faulty Device Manager Devices =============

Name: TunnelBear Adapter V9

Description: TunnelBear Adapter V9

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: TunnelBear Provider V9

Service: tap-tb-0901

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: semav6msr64

Description: semav6msr64

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: semav6msr64

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:

==================

Error: (07/05/2019 11:20:18 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.

Error: (07/05/2019 11:08:59 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.

Error: (07/05/2019 11:08:41 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.

Error: (07/05/2019 10:52:54 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.

Error: (07/05/2019 10:52:53 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: firefox.exe, version: 60.7.0.7005, time stamp: 0x00000000

Faulting module name: mozglue.dll, version: 60.7.0.7005, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00075674

Faulting process id: 0x1798

Faulting application start time: 0x01d532714082b071

Faulting application path: C:\Users\David\Desktop\Tor 756\Browser\firefox.exe

Faulting module path: C:\Users\David\Desktop\Tor 756\Browser\mozglue.dll

Report Id: 90c03637-9f34-11e9-8fe2-506313be15bf

Error: (07/05/2019 10:52:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 87039806

Error: (07/05/2019 10:52:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 87039806

Error: (07/05/2019 10:52:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

System errors:

=============

Error: (07/04/2019 10:22:27 AM) (Source: BROWSER) (EventID: 8032) (User: )

Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{1F263251-2FA4-4C80-AED7-F2A2B03E0301}.

The backup browser is stopping.

Error: (07/04/2019 10:06:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The semav6msr64 service failed to start due to the following error:

The system cannot find the file specified.

Error: (07/04/2019 10:06:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The semav6msr64 service failed to start due to the following error:

The system cannot find the file specified.

Error: (07/04/2019 10:03:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Intel® System Usage Report Service SystemUsageReportSvc_QUEENCREEK service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (07/04/2019 10:03:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® System Usage Report Service SystemUsageReportSvc_QUEENCREEK service to connect.

Error: (07/04/2019 10:02:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/04/2019 10:01:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The CSR OBEX Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/04/2019 09:47:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

==================== Memory info ===========================

BIOS: INSYDE R3031C3 10/04/2011

Motherboard: Sony Corporation VAIO

Processor: Intel® Core™ i7 CPU M 620 @ 2.67GHz

Percentage of memory in use: 93%

Total physical RAM: 3765.82 MB

Available physical RAM: 226.5 MB

Total Virtual: 7875.47 MB

Available Virtual: 676.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.1 GB) (Free:73.18 GB) NTFS

\\?\Volume{fefa5b2b-9a1f-11e5-94d6-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

\\?\Volume{fefa5b2a-9a1f-11e5-94d6-806e6f6e6963}\ (Recovery) (Fixed) (Total:6.28 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 354C2441)

Partition 1: (Not Active) - (Size=6.3 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#4 Juliet

SuperHelper

Retired Classroom Teacher
7,686 posts

Interests:Boo!....

Posted 06 July 2019 - 04:28 PM

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.

Start::
CloseProcesses:
CreateRestorePoint:
Task: {11541F89-0F9F-4A97-BCBC-ADF1BC0C2458} - System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => C:\Windows\system32\pcalua.exe -a C:\Users\David\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {1BBA3A20-4CB7-4F75-9885-973CCA69CA7D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
U3 aswbdisk; no ImagePath
U2 MSSQL$DDNI; no ImagePath
U2 Oasis2Service; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
U2 VCFw; no ImagePath
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
FirewallRules: [{8B3BAC87-19DD-40FD-8405-3002E1F35387}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe No File
FirewallRules: [{EEFC82F5-E3E3-4C10-BC82-74ED21830793}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{EB10AAFB-0047-4891-AB30-04518561B563}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.

~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner - Fix Mode

Download AdwCleaner and move it to your Desktop
Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
Accept the EULA (I accept), then click on Scan
Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

~~~~~~~~~~~~~~~~~~~~~~~~`

RogueKiller

Download the right version of RogueKiller for your Windows version (32 or 64-bit)
Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
Wait for the scan to complete
On completion, the results will be displayed
Check every single entry (threat found), and click on the Remove Selected button
On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
This will open the report in Notepad. Copy/paste its content in your next reply

created by Aura

P;ease post these 3 logs when finished.

#5 dpculbertson

New Member

Authentic Member
16 posts

Posted 06 July 2019 - 06:30 PM

Hi Juliet,

Thank you for your assistance. Below is the fixlog.txt log. I will send the other two after generating them.

David

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019

Ran by David (06-07-2019 20:08:34) Run:1

Running from C:\Users\David\Desktop

Loaded Profiles: David & (Available Profiles: David)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CloseProcesses:

CreateRestorePoint:

Task: {1BBA3A20-4CB7-4F75-9885-973CCA69CA7D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe

U3 aswbdisk; no ImagePath

U2 MSSQL$DDNI; no ImagePath

U2 Oasis2Service; no ImagePath

S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]

U2 VCFw; no ImagePath

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

FirewallRules: [{8B3BAC87-19DD-40FD-8405-3002E1F35387}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe No File

FirewallRules: [{EEFC82F5-E3E3-4C10-BC82-74ED21830793}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File

FirewallRules: [{EB10AAFB-0047-4891-AB30-04518561B563}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File

C:\Windows\Temp\*.*

*****************

Processes closed successfully.

Restore point was successfully created.

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11541F89-0F9F-4A97-BCBC-ADF1BC0C2458}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11541F89-0F9F-4A97-BCBC-ADF1BC0C2458}" => removed successfully

C:\Windows\System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => moved successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D9B14A08-5B87-4D00-B591-36461E63AC97}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BBA3A20-4CB7-4F75-9885-973CCA69CA7D}" => removed successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BBA3A20-4CB7-4F75-9885-973CCA69CA7D}" => removed successfully

C:\Windows\System32\Tasks\Sony\Java Update => moved successfully

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sony\Java Update" => removed successfully

HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully

aswbdisk => service removed successfully

HKLM\System\CurrentControlSet\Services\MSSQL$DDNI => removed successfully

MSSQL$DDNI => service removed successfully

HKLM\System\CurrentControlSet\Services\Oasis2Service => removed successfully

Oasis2Service => service removed successfully

HKLM\System\CurrentControlSet\Services\semav6msr64 => removed successfully

semav6msr64 => service removed successfully

HKLM\System\CurrentControlSet\Services\VCFw => removed successfully

VCFw => service removed successfully

HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully

HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk => Shortcut argument removed successfully

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B3BAC87-19DD-40FD-8405-3002E1F35387}" => removed successfully

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEFC82F5-E3E3-4C10-BC82-74ED21830793}" => removed successfully

"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB10AAFB-0047-4891-AB30-04518561B563}" => removed successfully

=========== "C:\Windows\Temp\*.*" ==========

C:\Windows\Temp\.ses => moved successfully

C:\Windows\Temp\.session => moved successfully

C:\Windows\Temp\.session64 => moved successfully

C:\Windows\Temp\AdobeARM.log => moved successfully

C:\Windows\Temp\AdobeARM_NotLocked.log => moved successfully

C:\Windows\Temp\aria-debug-10096.log => moved successfully

C:\Windows\Temp\aria-debug-10104.log => moved successfully

C:\Windows\Temp\aria-debug-10128.log => moved successfully

C:\Windows\Temp\aria-debug-10196.log => moved successfully

C:\Windows\Temp\aria-debug-10260.log => moved successfully

C:\Windows\Temp\aria-debug-10388.log => moved successfully

C:\Windows\Temp\aria-debug-1044.log => moved successfully

C:\Windows\Temp\aria-debug-10488.log => moved successfully

C:\Windows\Temp\aria-debug-10644.log => moved successfully

C:\Windows\Temp\aria-debug-10732.log => moved successfully

C:\Windows\Temp\aria-debug-10904.log => moved successfully

C:\Windows\Temp\aria-debug-10908.log => moved successfully

C:\Windows\Temp\aria-debug-10968.log => moved successfully

C:\Windows\Temp\aria-debug-11000.log => moved successfully

C:\Windows\Temp\aria-debug-11012.log => moved successfully

C:\Windows\Temp\aria-debug-11088.log => moved successfully

C:\Windows\Temp\aria-debug-11108.log => moved successfully

C:\Windows\Temp\aria-debug-11184.log => moved successfully

C:\Windows\Temp\aria-debug-11188.log => moved successfully

C:\Windows\Temp\aria-debug-11472.log => moved successfully

C:\Windows\Temp\aria-debug-11688.log => moved successfully

C:\Windows\Temp\aria-debug-11932.log => moved successfully

C:\Windows\Temp\aria-debug-11936.log => moved successfully

C:\Windows\Temp\aria-debug-11940.log => moved successfully

C:\Windows\Temp\aria-debug-11952.log => moved successfully

C:\Windows\Temp\aria-debug-1208.log => moved successfully

C:\Windows\Temp\aria-debug-12108.log => moved successfully

C:\Windows\Temp\aria-debug-12136.log => moved successfully

C:\Windows\Temp\aria-debug-12192.log => moved successfully

C:\Windows\Temp\aria-debug-12240.log => moved successfully

C:\Windows\Temp\aria-debug-12256.log => moved successfully

C:\Windows\Temp\aria-debug-1232.log => moved successfully

C:\Windows\Temp\aria-debug-12368.log => moved successfully

C:\Windows\Temp\aria-debug-12476.log => moved successfully

C:\Windows\Temp\aria-debug-1260.log => moved successfully

C:\Windows\Temp\aria-debug-12632.log => moved successfully

C:\Windows\Temp\aria-debug-12752.log => moved successfully

C:\Windows\Temp\aria-debug-12792.log => moved successfully

C:\Windows\Temp\aria-debug-12848.log => moved successfully

C:\Windows\Temp\aria-debug-12876.log => moved successfully

C:\Windows\Temp\aria-debug-12904.log => moved successfully

C:\Windows\Temp\aria-debug-13040.log => moved successfully

C:\Windows\Temp\aria-debug-13368.log => moved successfully

C:\Windows\Temp\aria-debug-13772.log => moved successfully

C:\Windows\Temp\aria-debug-13844.log => moved successfully

C:\Windows\Temp\aria-debug-14080.log => moved successfully

C:\Windows\Temp\aria-debug-14168.log => moved successfully

C:\Windows\Temp\aria-debug-14292.log => moved successfully

C:\Windows\Temp\aria-debug-1468.log => moved successfully

C:\Windows\Temp\aria-debug-14852.log => moved successfully

C:\Windows\Temp\aria-debug-15116.log => moved successfully

C:\Windows\Temp\aria-debug-1532.log => moved successfully

C:\Windows\Temp\aria-debug-15620.log => moved successfully

C:\Windows\Temp\aria-debug-1588.log => moved successfully

C:\Windows\Temp\aria-debug-15888.log => moved successfully

C:\Windows\Temp\aria-debug-1592.log => moved successfully

C:\Windows\Temp\aria-debug-1596.log => moved successfully

C:\Windows\Temp\aria-debug-1604.log => moved successfully

C:\Windows\Temp\aria-debug-16048.log => moved successfully

C:\Windows\Temp\aria-debug-16212.log => moved successfully

C:\Windows\Temp\aria-debug-16548.log => moved successfully

C:\Windows\Temp\aria-debug-1664.log => moved successfully

C:\Windows\Temp\aria-debug-16724.log => moved successfully

C:\Windows\Temp\aria-debug-1708.log => moved successfully

C:\Windows\Temp\aria-debug-17200.log => moved successfully

C:\Windows\Temp\aria-debug-1728.log => moved successfully

C:\Windows\Temp\aria-debug-17380.log => moved successfully

C:\Windows\Temp\aria-debug-17992.log => moved successfully

C:\Windows\Temp\aria-debug-1800.log => moved successfully

C:\Windows\Temp\aria-debug-1812.log => moved successfully

C:\Windows\Temp\aria-debug-18144.log => moved successfully

C:\Windows\Temp\aria-debug-18168.log => moved successfully

C:\Windows\Temp\aria-debug-18252.log => moved successfully

C:\Windows\Temp\aria-debug-18460.log => moved successfully

C:\Windows\Temp\aria-debug-18492.log => moved successfully

C:\Windows\Temp\aria-debug-1852.log => moved successfully

C:\Windows\Temp\aria-debug-18644.log => moved successfully

C:\Windows\Temp\aria-debug-1872.log => moved successfully

C:\Windows\Temp\aria-debug-18812.log => moved successfully

C:\Windows\Temp\aria-debug-1888.log => moved successfully

C:\Windows\Temp\aria-debug-19260.log => moved successfully

C:\Windows\Temp\aria-debug-19372.log => moved successfully

C:\Windows\Temp\aria-debug-19380.log => moved successfully

C:\Windows\Temp\aria-debug-1964.log => moved successfully

C:\Windows\Temp\aria-debug-19852.log => moved successfully

C:\Windows\Temp\aria-debug-20300.log => moved successfully

C:\Windows\Temp\aria-debug-2040.log => moved successfully

C:\Windows\Temp\aria-debug-20620.log => moved successfully

C:\Windows\Temp\aria-debug-20716.log => moved successfully

C:\Windows\Temp\aria-debug-2088.log => moved successfully

C:\Windows\Temp\aria-debug-2100.log => moved successfully

C:\Windows\Temp\aria-debug-21124.log => moved successfully

C:\Windows\Temp\aria-debug-21348.log => moved successfully

C:\Windows\Temp\aria-debug-2156.log => moved successfully

C:\Windows\Temp\aria-debug-23120.log => moved successfully

C:\Windows\Temp\aria-debug-23136.log => moved successfully

C:\Windows\Temp\aria-debug-2420.log => moved successfully

C:\Windows\Temp\aria-debug-24980.log => moved successfully

C:\Windows\Temp\aria-debug-2500.log => moved successfully

C:\Windows\Temp\aria-debug-25408.log => moved successfully

C:\Windows\Temp\aria-debug-2560.log => moved successfully

C:\Windows\Temp\aria-debug-27288.log => moved successfully

C:\Windows\Temp\aria-debug-2740.log => moved successfully

C:\Windows\Temp\aria-debug-2776.log => moved successfully

C:\Windows\Temp\aria-debug-280.log => moved successfully

C:\Windows\Temp\aria-debug-2876.log => moved successfully

C:\Windows\Temp\aria-debug-2888.log => moved successfully

C:\Windows\Temp\aria-debug-29944.log => moved successfully

C:\Windows\Temp\aria-debug-31272.log => moved successfully

C:\Windows\Temp\aria-debug-3172.log => moved successfully

C:\Windows\Temp\aria-debug-3200.log => moved successfully

C:\Windows\Temp\aria-debug-328.log => moved successfully

C:\Windows\Temp\aria-debug-3300.log => moved successfully

C:\Windows\Temp\aria-debug-3320.log => moved successfully

C:\Windows\Temp\aria-debug-3496.log => moved successfully

C:\Windows\Temp\aria-debug-36088.log => moved successfully

C:\Windows\Temp\aria-debug-3692.log => moved successfully

C:\Windows\Temp\aria-debug-38948.log => moved successfully

C:\Windows\Temp\aria-debug-40460.log => moved successfully

C:\Windows\Temp\aria-debug-4048.log => moved successfully

C:\Windows\Temp\aria-debug-4412.log => moved successfully

C:\Windows\Temp\aria-debug-4508.log => moved successfully

C:\Windows\Temp\aria-debug-4524.log => moved successfully

C:\Windows\Temp\aria-debug-45356.log => moved successfully

C:\Windows\Temp\aria-debug-4576.log => moved successfully

C:\Windows\Temp\aria-debug-4620.log => moved successfully

C:\Windows\Temp\aria-debug-4680.log => moved successfully

C:\Windows\Temp\aria-debug-4688.log => moved successfully

C:\Windows\Temp\aria-debug-4720.log => moved successfully

C:\Windows\Temp\aria-debug-4888.log => moved successfully

C:\Windows\Temp\aria-debug-4920.log => moved successfully

C:\Windows\Temp\aria-debug-4960.log => moved successfully

C:\Windows\Temp\aria-debug-5004.log => moved successfully

C:\Windows\Temp\aria-debug-5024.log => moved successfully

C:\Windows\Temp\aria-debug-5072.log => moved successfully

C:\Windows\Temp\aria-debug-5104.log => moved successfully

C:\Windows\Temp\aria-debug-5140.log => moved successfully

C:\Windows\Temp\aria-debug-52220.log => moved successfully

C:\Windows\Temp\aria-debug-5236.log => moved successfully

C:\Windows\Temp\aria-debug-5408.log => moved successfully

C:\Windows\Temp\aria-debug-5480.log => moved successfully

C:\Windows\Temp\aria-debug-5508.log => moved successfully

C:\Windows\Temp\aria-debug-5568.log => moved successfully

C:\Windows\Temp\aria-debug-5596.log => moved successfully

C:\Windows\Temp\aria-debug-56020.log => moved successfully

C:\Windows\Temp\aria-debug-564.log => moved successfully

C:\Windows\Temp\aria-debug-5748.log => moved successfully

C:\Windows\Temp\aria-debug-5768.log => moved successfully

C:\Windows\Temp\aria-debug-5904.log => moved successfully

C:\Windows\Temp\aria-debug-6040.log => moved successfully

C:\Windows\Temp\aria-debug-61692.log => moved successfully

C:\Windows\Temp\aria-debug-6224.log => moved successfully

C:\Windows\Temp\aria-debug-6244.log => moved successfully

C:\Windows\Temp\aria-debug-6344.log => moved successfully

C:\Windows\Temp\aria-debug-6376.log => moved successfully

C:\Windows\Temp\aria-debug-6416.log => moved successfully

C:\Windows\Temp\aria-debug-6556.log => moved successfully

C:\Windows\Temp\aria-debug-7132.log => moved successfully

C:\Windows\Temp\aria-debug-716.log => moved successfully

C:\Windows\Temp\aria-debug-7196.log => moved successfully

C:\Windows\Temp\aria-debug-7436.log => moved successfully

C:\Windows\Temp\aria-debug-7440.log => moved successfully

C:\Windows\Temp\aria-debug-74560.log => moved successfully

C:\Windows\Temp\aria-debug-752.log => moved successfully

C:\Windows\Temp\aria-debug-7520.log => moved successfully

C:\Windows\Temp\aria-debug-7692.log => moved successfully

C:\Windows\Temp\aria-debug-77556.log => moved successfully

C:\Windows\Temp\aria-debug-7764.log => moved successfully

C:\Windows\Temp\aria-debug-7804.log => moved successfully

C:\Windows\Temp\aria-debug-7832.log => moved successfully

C:\Windows\Temp\aria-debug-7844.log => moved successfully

C:\Windows\Temp\aria-debug-81816.log => moved successfully

C:\Windows\Temp\aria-debug-8224.log => moved successfully

C:\Windows\Temp\aria-debug-82384.log => moved successfully

C:\Windows\Temp\aria-debug-8256.log => moved successfully

C:\Windows\Temp\aria-debug-8368.log => moved successfully

C:\Windows\Temp\aria-debug-8384.log => moved successfully

C:\Windows\Temp\aria-debug-84408.log => moved successfully

C:\Windows\Temp\aria-debug-85664.log => moved successfully

C:\Windows\Temp\aria-debug-86932.log => moved successfully

C:\Windows\Temp\aria-debug-8748.log => moved successfully

C:\Windows\Temp\aria-debug-8780.log => moved successfully

C:\Windows\Temp\aria-debug-8792.log => moved successfully

C:\Windows\Temp\aria-debug-8868.log => moved successfully

C:\Windows\Temp\aria-debug-8928.log => moved successfully

C:\Windows\Temp\aria-debug-8984.log => moved successfully

C:\Windows\Temp\aria-debug-9108.log => moved successfully

C:\Windows\Temp\aria-debug-9148.log => moved successfully

C:\Windows\Temp\aria-debug-9176.log => moved successfully

C:\Windows\Temp\aria-debug-9268.log => moved successfully

C:\Windows\Temp\aria-debug-9312.log => moved successfully

C:\Windows\Temp\aria-debug-9324.log => moved successfully

C:\Windows\Temp\aria-debug-9328.log => moved successfully

C:\Windows\Temp\aria-debug-94516.log => moved successfully

C:\Windows\Temp\aria-debug-9464.log => moved successfully

C:\Windows\Temp\aria-debug-9684.log => moved successfully

C:\Windows\Temp\aria-debug-9820.log => moved successfully

C:\Windows\Temp\ArmUI.ini => moved successfully

C:\Windows\Temp\ASPNETSetup_00000.log => moved successfully

C:\Windows\Temp\ASPNETSetup_00001.log => moved successfully

C:\Windows\Temp\ASPNETSetup_00002.log => moved successfully

C:\Windows\Temp\ASPNETSetup_00003.log => moved successfully

C:\Windows\Temp\ASPNETSetup_00004.log => moved successfully

C:\Windows\Temp\ASPNETSetup_00005.log => moved successfully

C:\Windows\Temp\chrome_installer.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190129-1720.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190129-1727.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190129-1733.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190129-1733a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190129-1817.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190131-0406.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190131-0406a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190131-0732.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190131-0801.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190201-0454.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190201-0644.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190202-0708.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190202-1235.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190203-0508.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190203-1434.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-0605.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-0918.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1521.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1528.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1530.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1535.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1535a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1535b.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190204-1956.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190205-0659.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190205-1112.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190205-1115.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190205-1619.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190205-1620.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190206-0616.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190206-0743.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190206-1312.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190207-0554.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190207-0822.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190207-0943.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190208-0527.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190208-0955.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190209-0610.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190209-0901.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190210-0827.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190210-1438.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190211-0322.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190211-0451.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190211-0740.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190211-1010.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190211-1142.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190212-0534.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190212-0559.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190212-0604.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190212-0609.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190212-0623.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190212-0906.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190213-0252.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190213-0419.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190213-0437.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-0835.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-0838.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-0919.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-0930.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-0932.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-0935.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-1038.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-1038a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-1039.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-1127.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-1731.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190314-1756.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190315-0324.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190315-0334.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190315-0415.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190328-0746.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190328-0755.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190328-0756.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190328-0758.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190328-1331.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190329-0657.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190329-0824.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190329-1013.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190329-1014.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0502.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0502a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0510.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0553.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0721.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0734.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190401-0803.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190424-1306.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190424-1316.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190424-1343.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190424-1343a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190424-1344.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190424-1356.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0354.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0354a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0354b.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0354c.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0355.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0401.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0413.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0511.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190425-0522.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0350.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0659.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0702.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0705.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0715.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0854.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190426-0854a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-0540.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1220.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1221.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1224.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1224a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1224b.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1224c.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1712.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1840.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1848.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1857.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-1905.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190427-2250.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190428-0406.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190428-0450.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190428-1551.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190428-1552.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190430-0933.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190430-0938.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190430-0945.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190430-0945a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190430-1001.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190430-1110.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190501-0446.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190501-0816.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190502-0506.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190502-0944.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190503-0552.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190503-0553.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190503-0556.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190503-0556a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190503-0557.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190503-0557a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190504-0435.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190504-0544.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190505-0403.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190505-0822.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190505-0823.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190506-0518.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190506-0849.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190509-0804.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190509-0813.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190509-0816.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190509-0817.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190509-1040.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0735.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0737.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0740.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0801.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0802.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0803.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190514-0854.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190515-0444.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190515-0559.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190515-0609.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190515-0737.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190515-0738.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190516-0337.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190516-0344.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190516-0754.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190516-1239.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-0502.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-0519.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1053.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1334.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1334a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1336.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1336a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1337.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190517-1337a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190518-0439.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190518-0442.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190519-0514.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190519-0514a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190519-0747.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190520-0642.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190520-1015.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190520-1405.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190521-0901.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190521-1335.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190522-0603.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190522-1054.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190522-1258.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190523-0328.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190523-0948.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190523-1012.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190523-1203.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190524-0829.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190524-0852.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-0836.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-1220.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-1221.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-1224.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-1224a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-1224b.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190525-1224c.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190526-0812.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190526-1025.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190527-0542.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190527-0542a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190527-0737.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190528-0404.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190528-0717.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190528-0723.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190528-0916.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190529-0345.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190529-0427.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190530-0302.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190530-0604.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190530-2002.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0814.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0816.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0823.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0826.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0841.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0842.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190604-0843.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190605-0545.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190605-0645.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190606-0500.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190606-0606.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190606-0607.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190606-0702.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190606-0731.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190606-1035.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190607-0430.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190607-0900.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190607-0929.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190607-0941.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190607-1200.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190607-1559.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0154.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0154a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0156.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0203.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0204.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0205.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0731.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0741.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-0741a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-1034.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-1338.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-1642.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190610-1946.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-0012.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-0644.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-0645.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-0708.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-0813.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-0851.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1011.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1044.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1232.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1244.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1335.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1352.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190611-1546.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190612-0325.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190612-0335.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190612-0407.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190612-0439.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1206.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1209.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1209a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1209b.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1216.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1216a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190619-1233.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1040.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1046.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1047.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1100.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1110.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1431.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1434.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1612.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1647.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190622-1749.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190623-0916.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190623-1436.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190624-0448.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190624-0538.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190624-0842.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190624-1242.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190625-0830.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190625-1327.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190626-0548.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190626-0918.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-0808.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-0808a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-0809.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-0813.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-0813a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-0813b.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190702-1017.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-0842.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-0842a.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-0843.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-0929.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-0935.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-1002.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190704-1008.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-1105.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-1106.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-1307.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-1323.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-1617.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-1803.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190705-2203.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190706-0335.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190706-0445.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190706-1120.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190706-1302.log => moved successfully

C:\Windows\Temp\DAVID-VAIO-20190706-1451.log => moved successfully

Could not move "C:\Windows\Temp\DAVID-VAIO-20190706-2008.log" => Scheduled to move on reboot.

C:\Windows\Temp\dd_ndp46-kb4483451-x64_decompression_log.txt => moved successfully

C:\Windows\Temp\dd_NDP46-KB4495588-x64_decompression_log.txt => moved successfully

C:\Windows\Temp\dd_NDP47-KB4502558-x64_decompression_log.txt => moved successfully

C:\Windows\Temp\dd_wcf_CA_smci_20190213_101808_515.txt => moved successfully

C:\Windows\Temp\dd_wcf_CA_smci_20190213_101809_264.txt => moved successfully

C:\Windows\Temp\dd_wcf_CA_smci_20190515_071328_776.txt => moved successfully

C:\Windows\Temp\dd_wcf_CA_smci_20190515_071339_654.txt => moved successfully

C:\Windows\Temp\dd_wcf_CA_smci_20190622_174943_814.txt => moved successfully

C:\Windows\Temp\dd_wcf_CA_smci_20190622_174946_731.txt => moved successfully

C:\Windows\Temp\fwtsqmfile00.sqm => moved successfully

C:\Windows\Temp\fwtsqmfile01.sqm => moved successfully

C:\Windows\Temp\fwtsqmfile02.sqm => moved successfully

C:\Windows\Temp\fwtsqmfile03.sqm => moved successfully

C:\Windows\Temp\fwtsqmfile04.sqm => moved successfully

Could not move "C:\Windows\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.

Could not move "C:\Windows\Temp\FXSTIFFDebugLogFile.txt" => Scheduled to move on reboot.

C:\Windows\Temp\KB4483451_20190213_051736067-Microsoft .NET Framework 4.7.2-MSP0.txt => moved successfully

C:\Windows\Temp\KB4483451_20190213_051736067.html => moved successfully

C:\Windows\Temp\KB4495588_20190515_030124309-Microsoft .NET Framework 4.7.2-MSP0.txt => moved successfully

C:\Windows\Temp\KB4495588_20190515_030124309.html => moved successfully

C:\Windows\Temp\KB4502558_20190622_134749367-Microsoft .NET Framework 4.7.2-MSP0.txt => moved successfully

C:\Windows\Temp\KB4502558_20190622_134749367.html => moved successfully

C:\Windows\Temp\mat-debug-10036.log => moved successfully

C:\Windows\Temp\mat-debug-10124.log => moved successfully

C:\Windows\Temp\mat-debug-10132.log => moved successfully

C:\Windows\Temp\mat-debug-10196.log => moved successfully

C:\Windows\Temp\mat-debug-1032.log => moved successfully

C:\Windows\Temp\mat-debug-10480.log => moved successfully

C:\Windows\Temp\mat-debug-10512.log => moved successfully

C:\Windows\Temp\mat-debug-10548.log => moved successfully

C:\Windows\Temp\mat-debug-10788.log => moved successfully

C:\Windows\Temp\mat-debug-11016.log => moved successfully

C:\Windows\Temp\mat-debug-11068.log => moved successfully

C:\Windows\Temp\mat-debug-11692.log => moved successfully

C:\Windows\Temp\mat-debug-11764.log => moved successfully

C:\Windows\Temp\mat-debug-11880.log => moved successfully

C:\Windows\Temp\mat-debug-11888.log => moved successfully

C:\Windows\Temp\mat-debug-1200.log => moved successfully

C:\Windows\Temp\mat-debug-12072.log => moved successfully

C:\Windows\Temp\mat-debug-12092.log => moved successfully

C:\Windows\Temp\mat-debug-12536.log => moved successfully

C:\Windows\Temp\mat-debug-12680.log => moved successfully

C:\Windows\Temp\mat-debug-12748.log => moved successfully

C:\Windows\Temp\mat-debug-12792.log => moved successfully

C:\Windows\Temp\mat-debug-12860.log => moved successfully

C:\Windows\Temp\mat-debug-13056.log => moved successfully

C:\Windows\Temp\mat-debug-13196.log => moved successfully

C:\Windows\Temp\mat-debug-13220.log => moved successfully

C:\Windows\Temp\mat-debug-1324.log => moved successfully

C:\Windows\Temp\mat-debug-13268.log => moved successfully

C:\Windows\Temp\mat-debug-13296.log => moved successfully

C:\Windows\Temp\mat-debug-13464.log => moved successfully

C:\Windows\Temp\mat-debug-1356.log => moved successfully

C:\Windows\Temp\mat-debug-13576.log => moved successfully

C:\Windows\Temp\mat-debug-1504.log => moved successfully

C:\Windows\Temp\mat-debug-1544.log => moved successfully

C:\Windows\Temp\mat-debug-1556.log => moved successfully

C:\Windows\Temp\mat-debug-1560.log => moved successfully

C:\Windows\Temp\mat-debug-1568.log => moved successfully

C:\Windows\Temp\mat-debug-1580.log => moved successfully

C:\Windows\Temp\mat-debug-1588.log => moved successfully

C:\Windows\Temp\mat-debug-2580.log => moved successfully

C:\Windows\Temp\mat-debug-2880.log => moved successfully

C:\Windows\Temp\mat-debug-3140.log => moved successfully

C:\Windows\Temp\mat-debug-3192.log => moved successfully

C:\Windows\Temp\mat-debug-3308.log => moved successfully

C:\Windows\Temp\mat-debug-3364.log => moved successfully

C:\Windows\Temp\mat-debug-3824.log => moved successfully

C:\Windows\Temp\mat-debug-3884.log => moved successfully

C:\Windows\Temp\mat-debug-4016.log => moved successfully

C:\Windows\Temp\mat-debug-4224.log => moved successfully

C:\Windows\Temp\mat-debug-4260.log => moved successfully

C:\Windows\Temp\mat-debug-4412.log => moved successfully

C:\Windows\Temp\mat-debug-4664.log => moved successfully

C:\Windows\Temp\mat-debug-5024.log => moved successfully

C:\Windows\Temp\mat-debug-5056.log => moved successfully

C:\Windows\Temp\mat-debug-5132.log => moved successfully

C:\Windows\Temp\mat-debug-5176.log => moved successfully

C:\Windows\Temp\mat-debug-5192.log => moved successfully

C:\Windows\Temp\mat-debug-524.log => moved successfully

C:\Windows\Temp\mat-debug-5396.log => moved successfully

C:\Windows\Temp\mat-debug-5660.log => moved successfully

C:\Windows\Temp\mat-debug-5716.log => moved successfully

C:\Windows\Temp\mat-debug-5824.log => moved successfully

C:\Windows\Temp\mat-debug-6024.log => moved successfully

C:\Windows\Temp\mat-debug-6320.log => moved successfully

C:\Windows\Temp\mat-debug-6444.log => moved successfully

C:\Windows\Temp\mat-debug-6536.log => moved successfully

C:\Windows\Temp\mat-debug-6572.log => moved successfully

C:\Windows\Temp\mat-debug-6640.log => moved successfully

C:\Windows\Temp\mat-debug-676.log => moved successfully

C:\Windows\Temp\mat-debug-6784.log => moved successfully

C:\Windows\Temp\mat-debug-6824.log => moved successfully

C:\Windows\Temp\mat-debug-7244.log => moved successfully

C:\Windows\Temp\mat-debug-7268.log => moved successfully

C:\Windows\Temp\mat-debug-7588.log => moved successfully

C:\Windows\Temp\mat-debug-7860.log => moved successfully

C:\Windows\Temp\mat-debug-7888.log => moved successfully

C:\Windows\Temp\mat-debug-8000.log => moved successfully

C:\Windows\Temp\mat-debug-8120.log => moved successfully

C:\Windows\Temp\mat-debug-8300.log => moved successfully

C:\Windows\Temp\mat-debug-8452.log => moved successfully

C:\Windows\Temp\mat-debug-8576.log => moved successfully

C:\Windows\Temp\mat-debug-8604.log => moved successfully

C:\Windows\Temp\mat-debug-8616.log => moved successfully

C:\Windows\Temp\mat-debug-8696.log => moved successfully

C:\Windows\Temp\mat-debug-8704.log => moved successfully

C:\Windows\Temp\mat-debug-8788.log => moved successfully

C:\Windows\Temp\mat-debug-8876.log => moved successfully

C:\Windows\Temp\mat-debug-888.log => moved successfully

C:\Windows\Temp\mat-debug-8928.log => moved successfully

C:\Windows\Temp\mat-debug-8964.log => moved successfully

C:\Windows\Temp\mat-debug-9172.log => moved successfully

C:\Windows\Temp\mat-debug-924.log => moved successfully

C:\Windows\Temp\mat-debug-9384.log => moved successfully

Could not move "C:\Windows\Temp\mat-debug-9460.log" => Scheduled to move on reboot.

C:\Windows\Temp\mat-debug-9524.log => moved successfully

C:\Windows\Temp\mat-debug-9688.log => moved successfully

C:\Windows\Temp\mat-debug-9856.log => moved successfully

C:\Windows\Temp\mat-debug-9960.log => moved successfully

C:\Windows\Temp\mat-debug-9992.log => moved successfully

C:\Windows\Temp\MpCmdRun.log => moved successfully

C:\Windows\Temp\MpSigStub.log => moved successfully

C:\Windows\Temp\MSIede5d.LOG => moved successfully

C:\Windows\Temp\nsd6E7C.tmp => moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(2019020415350725D4).log => moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(20190314083824834).log => moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(2019042413560886C).log => moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(20190426070209638).log => moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(20190427184030714).log => moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(20190704100241608).log => moved successfully

Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(2019070620083624F4).log" => Scheduled to move on reboot.

C:\Windows\Temp\RGI2658.tmp => moved successfully

C:\Windows\Temp\RGI2658.tmp-tmp => moved successfully

C:\Windows\Temp\RGI4325.tmp => moved successfully

C:\Windows\Temp\RGI4325.tmp-tmp => moved successfully

C:\Windows\Temp\RGI71E0.tmp => moved successfully

C:\Windows\Temp\RGI71E0.tmp-tmp => moved successfully

C:\Windows\Temp\TFR9150.tmp => moved successfully

C:\Windows\Temp\TFRB25E.tmp => moved successfully

C:\Windows\Temp\TFRD57B.tmp => moved successfully

C:\Windows\Temp\TS_2F2A.tmp => moved successfully

C:\Windows\Temp\TS_67B8.tmp => moved successfully

C:\Windows\Temp\~DF6614BC970DB4565B.TMP => moved successfully

C:\Windows\Temp\~DFA3057313125FA414.TMP => moved successfully

========= End -> "C:\Windows\Temp\*.*" ========

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-07-2019 20:14:08)

C:\Windows\Temp\DAVID-VAIO-20190706-2008.log => Is moved successfully

C:\Windows\Temp\FXSAPIDebugLogFile.txt => Could not move

C:\Windows\Temp\FXSTIFFDebugLogFile.txt => Could not move

C:\Windows\Temp\mat-debug-9460.log => Is moved successfully

C:\Windows\Temp\officeclicktorun.exe_streamserver(2019070620083624F4).log => Is moved successfully

==== End of Fixlog 20:14:08 ====

#6 dpculbertson

New Member

Authentic Member
16 posts

Posted 06 July 2019 - 06:39 PM

Hi Juliet,

Below is the AdwCleaner log.

David

# -------------------------------

# Malwarebytes AdwCleaner 7.3.0.0

# -------------------------------

# Build: 04-04-2019

# Database: 2019-06-28.1 (Cloud)

# Support: https://www.malwarebytes.com/support

# -------------------------------

# Mode: Clean

# -------------------------------

# Start: 07-06-2019

# Duration: 00:00:02

# OS: Windows 7 Professional

# Cleaned: 6

# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\SysWOW64\rnd_chunk.bin

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverSupport.exe

Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING|DriverSupport.exe

***** [ Chromium (and derivatives) ] *****

Deleted gjkpcnacdgdlpfejlgflolpaigoicibh

***** [ Chromium URLs ] *****

Deleted Conduit

***** [ Firefox (and derivatives) ] *****

Deleted Honey

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys

[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1569 octets] - [06/07/2019 20:28:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#7 Juliet

SuperHelper

Retired Classroom Teacher
7,686 posts

Interests:Boo!....

Posted 07 July 2019 - 04:31 AM

Were you able to run RogueKiller?

#8 dpculbertson

New Member

Authentic Member
16 posts

Posted 07 July 2019 - 06:01 AM

Hi Juliet,

Roguekiller took a long time to run, but here is the report:

RogueKiller Anti-Malware V13.3.1.0 (x64) [Jul 1 2019] (Free) by Adlice Software

mail : https://adlice.com/contact/

Website : https://adlice.com/d...ad/roguekiller/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits

Started in : Normal mode

User : David [Administrator]

Started from : C:\Program Files\RogueKiller\RogueKiller64.exe

Signatures : 20190706_064132, Driver : Loaded

Mode : Standard Scan, Delete -- Date : 2019/07/07 07:55:54 (Duration : 02:43:16)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

[PUP.Iolo (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\iolo -- -> Deleted

[PUP.Iolo (Potentially Malicious)] HKEY_USERS\S-1-5-21-1133073292-3603896812-4173062283-1001\Software\iolo -- -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{376115B7-5659-4D5A-B613-E0AA5D8BF870}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CCFF0963-191C-4E99-AA87-520D08064A5E}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6BD53691-7394-443A-94E0-21FB179FC189}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1C633629-B921-4DA6-B43A-D8FE5DBE8DB3}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CCFF0963-191C-4E99-AA87-520D08064A5E}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6BD53691-7394-443A-94E0-21FB179FC189}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{376115B7-5659-4D5A-B613-E0AA5D8BF870}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1C633629-B921-4DA6-B43A-D8FE5DBE8DB3}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted

[PUP.Iolo (Potentially Malicious)] iolo -- %_David_appdata%\iolo -> Deleted

[PUP.Iolo (Potentially Malicious)] iolo -- %programdata%\iolo -> Deleted

[PUP.Gen2 (Potentially Malicious)] Honey -- jid1-93CWPmRbVPjRQA@jetpack -> Deleted

[PUP.Gen0 (Potentially Malicious)] Honey -- bmnlcjabgnpnenekpadlanbbkooimhnj -> Deleted

Is there anything else I need to do?

Thank you,

David

#9 Juliet

SuperHelper

Retired Classroom Teacher
7,686 posts

Interests:Boo!....

Posted 07 July 2019 - 07:05 AM

Looks like everything we run we find more, and I hope by this time your seeing improvements.

Just 2 more scans I use as a standard that should prove to be the end.

you're already running Malwarebytes 3, open Malwarebytes and check for updates. It might have already updated and if so just continue.

Then click on the Scan tab and select Threat Scan and click on Start Scan button.

If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the Reports tab.
Double-click the Scan Log.
At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here
Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~

Emsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.

Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
Once the extraction is complete, the EEK folder will open. Right-click on start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
After the restart, open EEK again (in the C:\EEK folder);
This time, click on Logs;
From there, go under the Quarantine Log tab, and click on the Export button;
Save the log on your desktop, then open it, and copy/paste its content in your next reply;

Please post these 2 logs when finished.

Also, tell me how the computer is now.

#10 dpculbertson

New Member

Authentic Member
16 posts

Posted 07 July 2019 - 07:52 AM

Hi Juliet,

I haven't yet been using the computer for other activities while I follow your instructions, so I don't have any updates on how it is running. I will do that after I finish the next operation. Below is the Malwarebytes text file.

Thanks,

David

Malwarebytes

www.malwarebytes.com

-Log Details-

Scan Date: 7/7/19

Scan Time: 9:12 AM

Log File: d0f1ced4-a0b8-11e9-9cb3-506313be15bf.json

-Software Information-

Version: 3.8.3.2965

Components Version: 1.0.613

Update Package Version: 1.0.11440

License: Trial

-System Information-

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: David-VAIO\David

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 330537

Threats Detected: 0

Threats Quarantined: 0

Time Elapsed: 18 min, 4 sec

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

-Scan Details-

Process: 0

(No malicious items detected)

Module: 0

(No malicious items detected)

Registry Key: 0

(No malicious items detected)

Registry Value: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Data Stream: 0

(No malicious items detected)

Folder: 0

(No malicious items detected)

File: 0

(No malicious items detected)

Physical Sector: 0

(No malicious items detected)

WMI: 0

(No malicious items detected)

(end)

Advertisements

Register to Remove

#11 dpculbertson

New Member

Authentic Member
16 posts

Posted 07 July 2019 - 08:48 AM

Hi Juliet,

Emisoft found nothing to quarantine. Below is the results file.

I will let you know how the computer is running.

Also, I have another computer that is running slow. Can I forward the Farbar files to you?

Thank you,

David

Emsisoft Emergency Kit - Version 2019.6

Last update: 7/7/2019 10:01:37 AM

User account: David-VAIO\David

Computer name: DAVID-VAIO

OS version: Windows 7x64 Service Pack 1

Scan settings:

Scan type: Malware Scan

Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On

Scan archives: Off

Scan mail archives: Off

ADS Scan: On

File extension filter: Off

Direct disk access: Off

Scan start: 7/7/2019 10:02:28 AM

Scanned 88901

Found 0

Scan end: 7/7/2019 10:16:13 AM

Scan time: 0:13:45

#12 dpculbertson

New Member

Authentic Member
16 posts

Posted 07 July 2019 - 10:09 AM

Hi Juliet,

This laptop is running much faster now and also not always at 100% CPU.

Thank you for all your help.

Regards,

David

#13 dpculbertson

New Member

Authentic Member
16 posts

Posted 07 July 2019 - 10:13 AM

Hi Juliet,

Here are the FRST and Additional files from my other computer.

David

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019

Ran by David (administrator) on DPCVAIOT (Sony Corporation SVT15115CXS) (07-07-2019 08:15:28)

Running from C:\Users\David\Desktop

Loaded Profiles: David (Available Profiles: David)

Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United States)

Default browser: Edge

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.28.0_x64__8wekyb3d8bbwe\Calculator.exe

() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Avaya Inc. -> Avaya, Inc.) C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\CUCore.exe

(Cisco Systems, Inc. -> Cisco) C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe

(CONDUSIV TECHNOLOGIES -> Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe

(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe

(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\David\AppData\Roaming\Dashlane\DashlanePlugin.exe

(Ditto -> ) [File not signed] C:\Program Files\Ditto\Ditto.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe

(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe

(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe

(Google LLC -> ) C:\Program Files\Google\Drive File Stream\32.0.9.0\crashpad_handler.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe

(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.9.0\GoogleDriveFS.exe

(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Intel® Upgrade Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe

(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corp.) C:\Users\David\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\FileCoAuth.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe

(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe

(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Novatel Wireless Inc.) [File not signed] C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe

(Novatel Wireless Inc.) [File not signed] C:\Program Files (x86)\Novatel Wireless\MiFi4510\Drivers\NWHelper.exe

(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe

(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe

(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe

(Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(StagWare) [File not signed] C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)

HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation -> Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation -> Sony Corporation)

HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.) [File not signed]

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)

HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) [File not signed]

HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [72736 2016-01-18] (Pro Softnet Corporation -> Prosoftnet)

HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1985056 2016-01-18] (Pro Softnet Corporation -> Prosoftnet)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5580608 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)

HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1717872 2012-11-08] (Ditto -> ) [File not signed]

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Cisco JabberVideo] => C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe [1938848 2015-08-10] (Cisco Systems, Inc. -> Cisco)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Google Update] => C:\Users\David\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [eFax 4.4] => C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95232 2015-05-11] (j2 Global, Inc.) [File not signed]

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-25] (Spotify AB -> Spotify Ltd)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-25] (Spotify AB -> Spotify Ltd)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [CUCore Agent] => C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\ConfAgent.exe [405624 2016-04-29] (Avaya Inc. -> Avaya, Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Zoom] => [X]

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Dashlane] => C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe [390736 2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [DashlanePlugin] => C:\Users\David\AppData\Roaming\Dashlane\DashlanePlugin.exe [413264 2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2017-03-17] (TomTom International BV -> TomTom)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Vidyo Desktop] => C:\Program Files (x86)\Vidyo\Vidyo Desktop\VidyoDesktop.exe [14306832 2016-03-01] (Vidyo Inc. -> Vidyo)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\David\AppData\Local\slack\Update.exe [1569296 2019-06-14] (Slack Technologies, Inc. -> )

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [OffCAT] => C:\Users\David\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corporation -> Microsoft Corp.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe [38275880 2019-06-27] (Google LLC -> Google, Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [8x8 Virtual Office] => C:\Program Files (x86)\8x8 Virtual Office\8x8 - Virtual Office\8x8 - Virtual Office.exe [146432 2018-05-04] (8x8, Inc.) [File not signed]

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-05-08] (Apple Inc. -> Apple Inc.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"

HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/) [File not signed]

HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-11-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]

HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-11-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]

Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cisco Jabber Video for TelePresence.lnk [2015-12-11]

ShortcutTarget: Cisco Jabber Video for TelePresence.lnk -> C:\Windows\Installer\{5BF4E2A0-9C59-42AA-97E2-D45127CB9117}\ProgramsMenuShortc_4006CC1BCEA547598252A09E7D12FA42.exe (Cisco Systems, Inc. -> Flexera Software, Inc.)

Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk [2015-11-02]

ShortcutTarget: eFax 4.4.lnk -> C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global, Inc.) [File not signed]

Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-06-27]

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2019-03-19]

ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Logitech -> Leader Technologies/Logitech)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027D5B1B-75CA-454E-8DEA-EE0D1008F814} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {039B0B14-53E9-4D4E-B7C3-1026A9EECCA1} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {065232B5-3BA6-49AA-BE2A-2255105E1190} - System32\Tasks\HP AR Program Upload - ff5be722cce942b6ab77702d958c2ce490ddb601792b47a4a337f326dc2b2696 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {089F3A5B-EEF1-40E2-8B97-28CB3605DCA5} - System32\Tasks\HP AR Program Upload - 55138fad193640cfa9efbe27955557385fec4d1a0eda4222b140b8b501a6c136 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}

Task: {0F9AC311-4326-452C-8A47-9BE1BCF0006D} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [735400 2012-10-23] (Sony Corporation -> Sony Corporation)

Task: {11548D7B-60F8-4F20-A8FB-0E5DE42C8897} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2920296 2013-06-20] (Sony Corporation of America -> Sony Electronics)

Task: {11A0BB0B-B998-40FF-B50C-62755E0CC227} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {14CA38FE-9616-41DA-AB9C-3E7FDE58F3AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)

Task: {15EC6371-30D7-4569-85B9-2C89D9A4AFFE} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [45400 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {1E77EFDC-56A9-4930-B97B-309ED94040AA} - System32\Tasks\David => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

Task: {1EE1C2F3-F0FF-4EAC-97BA-6839244163F7} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [338544 2012-07-24] (CyberLink -> CyberLink Corp.)

Task: {223C40A0-2223-456C-9EB6-86E3B2C2D0CF} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe

Task: {258D86E3-0B78-4A5B-BD1B-23132C9A73B8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {2628117B-5B4E-458F-9F7E-4E0D828BE3D3} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Task: {29274F90-0E6D-41B1-9754-104AF346F7D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)

Task: {2AE8687C-F8F3-4D18-9238-273987929E11} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {2D0D8313-700A-438E-842B-9C7FBB97669F} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [978016 2013-02-21] (Sony Corporation -> Sony Corporation)

Task: {2E35066F-432A-4550-B795-51E00D8EDFBF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {303B178D-B46A-4A4D-A952-C898348E2B00} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {33D4D126-5686-4C21-87AA-2B42E2297DC0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {357B2A6E-C305-4CC8-816B-31DA4B81DF5A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001Core1d257e35ef07b1c => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

Task: {3A2764E5-904D-41A9-AC31-CE10E1831358} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001UA => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

Task: {3C0B14EE-4C92-4E1F-BEF3-D99692DEB823} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Task: {3CE76ACC-61D4-466F-8909-30F8A6FB75EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-11] (Adobe Inc. -> Adobe)

Task: {3F95F05C-DD1D-40D4-922E-4B450A05E7FF} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION

Task: {40EFF008-0C31-4AEB-86BE-0311F62FE547} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {41744001-656B-4E68-8832-D33BA636288D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)

Task: {4522FFA1-DE84-4F90-AEF5-E20B2CAB6DDE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {457CA86F-D651-4CD4-ADCF-37C99567F3CF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {4A5C0AA4-14B1-4CAE-B083-83E81470BAF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {4B775C8B-349C-459B-96F7-DC62BD80B78B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {4F39BF6C-8C17-47E5-A5BD-50A2191D6443} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [1688152 2013-09-28] (Sony Corporation -> Sony Corporation)

Task: {4F3A8903-6D3F-458D-9A30-6249D57ECF65} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [1005144 2016-03-04] (Sony Corporation -> Sony Corporation)

Task: {5297FED8-6312-483E-AB15-6B0C35D12A2B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"

Task: {5526799D-B59B-43A2-AA3F-AC5FA8A02E77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {560BCCE1-EB4E-4C53-B1C9-34FF396C2A99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [135349160 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {566D396C-F5FA-4449-8626-AD527D7ACB2C} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION

Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

Task: {5E62E198-CDA8-454A-AA69-3A75E64F9CA8} - System32\Tasks\David Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

Task: {5E8E701D-9B71-4799-A9A1-FB15F6524ABA} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {6382090F-B455-4ABE-AB38-34B9790B16CC} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION

Task: {63A17FCD-7D1A-471C-9052-B8909DEA8494} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {69488D22-5D11-4186-A20D-84059F488A84} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {6ACC8B28-05C5-4B1C-97BF-3662C5FC5134} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {6CD3B177-2433-4602-AA12-F86EF9A035EF} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Task: {6F343C24-FB91-423A-95C4-809FF0645920} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION

Task: {6F65A252-EF54-47A1-B5D4-AD4C2F6E609B} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe

Task: {72B6271B-893E-423B-B72F-EC5AEF5287BB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel® Software -> Intel Corporation)

Task: {72C2F7B5-3F22-4BB1-B3CC-0F924CFD9D02} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {77C36013-C62B-453F-AFD9-BF653FE1E528} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {783F2979-3C0A-4D61-81CD-2429A933E459} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [538280 2012-09-06] (Sony Corporation -> Sony Corporation)

Task: {7B6E62B1-B4A2-4039-8842-CC970ECECDF9} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-19] (HP Inc. -> )

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}

Task: {87306712-750E-4084-BB2B-526430E778BA} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {877BB4B5-2CEC-4E18-BD77-283188033BE9} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}

Task: {8D0B6A9D-0C0E-4278-8273-3D19A1DB3246} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Task: {90E7DA1D-2AED-4132-B3B6-98EA6FD1A8B4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)

Task: {97B72A37-FD67-4554-8C35-5DA36EA39421} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN51QEK0D0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)

Task: {9D085884-1E28-4C59-83AC-07673614A63D} - \WPD\SqmUpload_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION

Task: {9EE980C4-7F01-4B3F-B10E-1867D8E24361} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [495248 2013-11-07] (Sony Corporation -> Sony Corporation)

Task: {A1BD051C-043E-4EE6-AF07-5BDDEDECA0FC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)

Task: {A40D2CD6-69A0-4F8B-A5A5-E1925E4D4D4B} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe

Task: {A5806EA4-D11A-4F52-83BA-3EBCBB77F482} - System32\Tasks\David1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

Task: {A83CBB33-ACE5-432A-B0C9-608D4859614B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001Core => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

Task: {AB3DBC1C-141E-42D1-B1A5-D3E77F481CE0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {ACEB84F7-BD80-40CE-A503-0FFB99FE5E2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

Task: {AD07EB69-07EB-4AEB-B1F8-8EB94015335D} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)

Task: {AD606FD3-BE04-43FC-A8AF-36A6A896A5D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION

Task: {AFCDC37F-83DB-4F68-9F20-6E92AD8D48A2} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [61440 2012-04-01] (PcWinTech.com) [File not signed]

Task: {B000E381-FA3C-4635-8B70-F2BFF26EB55E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)

Task: {B0EAEE2D-F249-4D3B-B27F-AF76905390E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)

Task: {B1CF9A68-3AEF-45EF-962E-3F8E0B177796} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [19488 2015-03-03] (Sony Corporation -> Sony Corporation)

Task: {B4853B5D-FD9D-4D43-B1A7-9BE2CE04006B} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)

Task: {B5321100-B659-4174-AF66-0242E13263E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {B7FF1422-A70C-401D-A1F5-16C47F536EAD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

Task: {B8814942-F891-4656-886D-239842879352} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.)

Task: {BAB85500-CB5F-4D2E-A2DA-F95B62D1C8C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)

Task: {BBBEF481-5E23-458D-994E-06EFF0577957} - System32\Tasks\David DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

Task: {BDE2D558-B5A8-4E3C-B3F0-2C8B428F12D4} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe

Task: {C2E47FB1-6061-4051-A3EF-5DBF44D4EB68} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [219736 2014-02-25] (Sony Corporation -> Sony Corporation)

Task: {C369F876-1C75-4BA0-B8B6-FC55A0CFCFD6} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {C40924E1-23B7-4CFA-B373-4D4F94514E28} - System32\Tasks\David1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

Task: {C781562C-6EE6-41D7-9966-7878A1104A4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001UA1d257e35f357f1f => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

Task: {C9793F35-4ABB-4390-8288-DD67322A7489} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}

Task: {CBC449B9-0ADF-431C-9B10-7EF60C5E47C9} - System32\Tasks\HP AR Program Upload - 353a101a1c83446ca8ac6bfb209398f9acfbfb15d48e407eb858c9711756eb7b => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)

Task: {CC9397AF-2402-4B4F-9FF3-C74E1FC2D516} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

Task: {CD95D71D-49D3-48FF-88F7-14166C863CBF} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe

Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}

Task: {CEE2EE2E-418E-4B67-B70D-AE3F58015026} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)

Task: {D1DFFB10-9552-41FF-9078-56BB0816BBD2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)

Task: {D22A3B5D-93D0-4BE6-9EA3-95717F3EF797} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)

Task: {D39A942F-0E2F-444B-B569-5ADC3760836D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)

Task: {D53CB833-975F-4D7E-8D49-951B40CA1144} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

Task: {D66F681A-CAA4-4088-87A1-CAED54464388} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe

Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}

Task: {DE53CBA3-0FA2-4023-B5BC-7D202D3ADF83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {DF07C858-174F-4A01-9AFC-A45EAC3786C1} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)

Task: {E8823C03-4639-4A5E-A141-B6C2615C84F5} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION

Task: {E8975AF6-E371-4E24-8674-6C52B4EAE5B8} - System32\Tasks\HP Photo Creations Communicator => C:\Users\David\AppData\Roaming\HP Photo Creations\Communicator.exe [186368 2011-06-16] (Visan Industries -> )

Task: {E9CD334E-9AB0-401E-B79D-EB70FBDAF116} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1952448 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

Task: {EB9BEDEE-2809-4E90-A553-244A143E13A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)

Task: {F0900528-8615-4F5A-A776-72357797D015} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1213416 2019-04-12] (Sony Corporation -> Sony Corporation)

Task: {F31E6D9D-5442-4499-9F77-1AFEFE21A599} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-04-12] (Sony Corporation -> Sony Corporation)

Task: {F7E3E331-052B-4F54-9109-B9157633576E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)

Task: {FA4EE449-A473-485A-BE52-A00BB691DB36} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)

Task: {FE09554C-9A31-404B-9AD5-06047A5AB3EF} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [538280 2012-09-06] (Sony Corporation -> Sony Corporation)

Task: {FFAFE67E-7417-4FDD-BA5A-48DC2A7D94B5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001Core.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001UA.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\David\AppData\Roaming\HP Photo Creations\Communicator.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\..\Interfaces\{6fbef3f6-e4d6-49ce-9f7b-977942c2cc19}: [DhcpNameServer] 50.233.39.194 50.233.39.193 192.168.1.1

Tcpip\..\Interfaces\{9ff057e2-3eca-4bcd-90bc-59b82789396e}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\..\Interfaces\{b35869f5-a8c9-4b9d-9dee-18d4b49cbc77}: [DhcpNameServer] 172.20.10.1

Internet Explorer:

==================

HKU\S-1-5-21-3199809883-61864900-496248842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Users/David/dpc%20(Newlaptop)/davehom16a.htm

SearchScopes: HKLM -> DefaultScope value is missing

SearchScopes: HKLM-x32 -> DefaultScope value is missing

SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> DefaultScope D944692F681E415B822A203AC76693E4 URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> D944692F681E415B822A203AC76693E4 URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)

BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File

BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\David\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-11-01] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)

Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\David\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)

Toolbar: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - No File

DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab

DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP10EP1-16277/webex/ieatgpc1.cab

DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://remoteoffice.mizuhosecurities.com/dana-cached/sc/JuniperSetupClient.cab

DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1058

FireFox:

========

FF DefaultProfile: 92o22qtv.default-1497019795269

FF ProfilePath: C:\Users\David\AppData\Roaming\TomTom\HOME\Profiles\80vptxht.default [2017-07-03]

FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 [2019-06-11]

FF Homepage: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> hxxps://zoom.us/profile|hxxps://vcse1.openexc.com/login|hxxps://vcse2.openexc.com/overview|hxxps://63.251.135.14/conference.html?name=30348%20-%20Chubb%2fCS

FF NewTabOverride: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> Disabled: newtaboverride@agenedia.com

FF NewTabOverride: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> Enabled: jetpack-extension@dashlane.com

FF NewTabOverride: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> Enabled: httpdns@shield.mozilla.org

FF Extension: (ReloadMatic) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\0.id@reloadmatic.webex.xpi [2018-05-08]

FF Extension: (Cisco WebEx Extension) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\ciscowebexstart1@cisco.com.xpi [2017-11-08]

FF Extension: (Dashlane) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\jetpack-extension@dashlane.com.xpi [2019-06-03] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]

FF Extension: (Honey) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2019-06-03]

FF Extension: (New Tab Override) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\newtaboverride@agenedia.com.xpi [2018-12-31]

FF ProfilePath: C:\Users\David\AppData\Roaming\KompoZer\Profiles\1xwz33vp.default [2014-10-07]

FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found

FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook

FF Extension: (FiddlerHook) - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-01-16] [Legacy] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-12-10] (Nero AG -> Nero AG)

FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-12] (Sony Corporation) [File not signed]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: 8x8.com/VMPlugin -> C:\Program Files (x86)\8x8 Virtual Office\8x8 - Virtual Office\VMPlugin\npVMPlugin.dll [No File]

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: 8x8.com/VMPlugin64_x86_64 -> C:\Program Files (x86)\8x8 Virtual Office\8x8 - Virtual Office\VMPlugin64\npVMPlugin64.dll [No File]

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @radvision.com/ConfClient -> C:\Users\David\AppData\Local\Radvision\Installer\1.5.5.1\npclientinstmgr.dll [2016-04-29] (Avaya Inc. -> Avaya, Inc.)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\David\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2018-04-23] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\David\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-06-16] (Visan Industries -> RocketLife, LLP)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\David\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @talk.google.com/O1DPlugin -> C:\Users\David\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @tools.google.com/Google Update;version=3 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @tools.google.com/Google Update;version=9 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\David\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-04-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: bluejeans.com/rbjninstallplugin -> C:\Users\David\AppData\Roaming\Blue Jeans\rbjnplugin\1.6.199.5\nprbjninstallplugin_1.6.199.5.dll [2013-06-15] (Blue Jeans Network -> Blue Jeans)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: bluejeans.com/rbjnplugin -> C:\Users\David\AppData\Roaming\Blue Jeans\rbjnplugin\1.6.199.5\nprbjnplugin_1.6.199.5.dll [2013-06-15] (Blue Jeans Network -> Blue Jeans)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: SkypeForBusinessPlugin-15.8 -> C:\Users\David\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: SkypeForBusinessPlugin64-15.8 -> C:\Users\David\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi-x64.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: vidyo.com/VidyoWeb_1.4.0.0006 -> C:\Users\David\AppData\Roaming\VidyoInc\VidyoWeb\1.4.0.0006\npVidyoWeb.dll [2016-02-12] (Vidyo Inc. -> Vidyo, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-11-08]

FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2017-11-08]

FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npo1d.dll [2017-11-08]

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-05-26] <==== ATTENTION

Chrome:

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> file:///C:/users/Public/Documents/davehom16a.htm

CHR StartupUrls: Default -> "file:///C:/users/Public/Documents/davehom16a.htm"

CHR NewTab: Default -> Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"

CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-07-07]

CHR Extension: (Easy Auto Refresh) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2019-07-05]

CHR Extension: (Consumer Reports) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmigknmjdpedgfbfjphohjdocmkapak [2019-05-10]

CHR Extension: (Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]

CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]

CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]

CHR Extension: (Honey) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-06-14]

CHR Extension: (HelloFax) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2019-03-04]

CHR Extension: (Pushbullet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2019-06-11]

CHR Extension: (OneNote Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2018-12-06]

CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]

CHR Extension: (Adobe Acrobat) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]

CHR Extension: (Vidyo Screen Share) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadjebjcpiiklefiadeicakcnkhgbaoo [2017-01-08]

CHR Extension: (Dashlane - Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-07-05]

CHR Extension: (Chrome Remote Desktop) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-05-09]

CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]

CHR Extension: (Zoom) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2019-06-19]

CHR Extension: (New Tab Redirect) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-07-06]

CHR Extension: (Acano) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikalnbacgeabafoblilnnihbfgnbjfi [2015-09-11]

CHR Extension: (Cisco Jabber Guest) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbglbakaieakcdiaiabbihafndhapfki [2018-05-01]

CHR Extension: (Cisco Webex Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-06-14]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]

CHR Extension: (Google Maps) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-21]

CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]

CHR Extension: (FoxClocks) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\obcbigljfpgappaaofailjjoabiikckk [2019-03-30]

CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2015-11-16]

CHR Extension: (XFINITY® TV Go Stream Live TV Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefpbidnpmpfbkledpohpejdcgfnfif [2016-09-18]

CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]

CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-25]

CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKU\S-1-5-21-3199809883-61864900-496248842-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)

R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)

S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )

R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107344 2012-11-20] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)

R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [154656 2016-01-18] (Pro Softnet Corporation -> Prosoftnet)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation - pGFX -> Intel Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation -> Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation -> Intel Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

R2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [7168 2016-12-17] (StagWare) [File not signed]

R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4486896 2018-06-26] (Logitech Inc -> Logitech)

S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation -> Sony Corporation)

R2 NWHelper; C:\Program Files (x86)\Novatel Wireless\MiFi4510\Drivers\NWHelper.exe [270336 2010-06-03] (Novatel Wireless Inc.) [File not signed]

R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation -> Sony Corporation)

S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]

S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)

R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)

R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)

S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-19] (Sony Corporation) [File not signed]

S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] (Intel® Software Development Products -> )

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)

S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]

R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1738728 2019-04-12] (Sony Corporation -> Sony Corporation)

R2 VZWConfigService; C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe [169472 2011-02-11] (Novatel Wireless Inc.) [File not signed]

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)

R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)

R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)

R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [25424 2012-11-20] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)

R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [111952 2012-11-20] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)

R1 googledrivefs2713; C:\WINDOWS\System32\DRIVERS\googledrivefs2713.sys [123736 2019-05-06] (Google LLC -> Google, Inc.)

S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [34408 2013-10-14] (Microsoft Corporation -> Microsoft Corporation)

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-25] (Malwarebytes Corporation -> Malwarebytes)

S3 NANMp50; C:\WINDOWS\System32\Drivers\NANMp50.sys [46776 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))

S3 NANSp50; C:\WINDOWS\System32\Drivers\NANSp50.sys [45752 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))

S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)

S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-11] (Microsoft Windows -> MediaTek Inc.)

R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )

R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [14336 2012-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)

R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)

R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-10] (WDKTestCert kaneda,129651282666891607 -> Sony Corporation)

R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)

S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)

R1 WinRing0_1_2_0; C:\PROGRAM FILES (X86)\NOTEBOOK FANCONTROL\PLUGINS\WinRing0x64.sys [14544 2018-07-18] (Noriyuki MIYAZAKI -> OpenLibSys.org)

S3 cpuz140; \??\C:\Users\David\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-07 08:15 - 2019-07-07 08:22 - 000076476 _____ C:\Users\David\Desktop\FRST.txt

2019-07-07 08:15 - 2019-07-07 08:15 - 000000000 ____D C:\FRST

2019-07-07 08:12 - 2019-07-07 08:12 - 002420224 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe

2019-07-05 11:09 - 2019-07-05 11:09 - 000006352 _____ C:\Users\Public\Documents\davehom16a.htm

2019-07-05 10:53 - 2019-07-05 10:53 - 000000000 ___SH C:\DkHyperbootSync

2019-07-04 05:21 - 2019-07-04 05:21 - 000000000 ___HD C:\OneDriveTemp

2019-06-26 01:45 - 2019-06-26 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2019-06-24 08:12 - 2019-06-24 08:12 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys

2019-06-22 21:48 - 2019-06-25 07:46 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2019-06-14 06:01 - 2019-06-07 07:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2019-06-14 06:01 - 2019-06-07 01:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2019-06-14 06:01 - 2019-06-07 01:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2019-06-14 06:01 - 2019-06-07 01:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2019-06-14 06:01 - 2019-06-07 01:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2019-06-14 06:01 - 2019-06-07 01:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2019-06-14 06:01 - 2019-06-07 01:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2019-06-14 06:01 - 2019-06-07 01:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2019-06-14 06:01 - 2019-06-07 01:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2019-06-14 06:01 - 2019-06-07 01:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2019-06-14 06:01 - 2019-05-17 02:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll

2019-06-14 06:01 - 2019-05-17 02:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2019-06-14 06:01 - 2019-05-17 01:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2019-06-14 06:01 - 2019-05-17 01:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2019-06-14 06:01 - 2019-05-17 01:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2019-06-14 06:00 - 2019-06-07 07:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2019-06-14 06:00 - 2019-06-07 06:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll

2019-06-14 06:00 - 2019-06-07 06:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll

2019-06-14 06:00 - 2019-06-07 06:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2019-06-14 06:00 - 2019-06-07 06:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2019-06-14 06:00 - 2019-06-07 06:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2019-06-14 06:00 - 2019-06-07 06:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2019-06-14 06:00 - 2019-06-07 06:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll

2019-06-14 06:00 - 2019-06-07 06:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2019-06-14 06:00 - 2019-06-07 06:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2019-06-14 06:00 - 2019-06-07 06:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll

2019-06-14 06:00 - 2019-06-07 06:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2019-06-14 06:00 - 2019-06-07 06:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2019-06-14 06:00 - 2019-06-07 06:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2019-06-14 06:00 - 2019-06-07 06:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2019-06-14 06:00 - 2019-06-07 02:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2019-06-14 06:00 - 2019-06-07 02:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2019-06-14 06:00 - 2019-06-07 01:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2019-06-14 06:00 - 2019-06-07 01:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2019-06-14 06:00 - 2019-06-07 01:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2019-06-14 06:00 - 2019-06-07 01:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll

2019-06-14 06:00 - 2019-06-07 01:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2019-06-14 06:00 - 2019-06-07 01:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2019-06-14 06:00 - 2019-06-07 01:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2019-06-14 06:00 - 2019-06-07 01:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2019-06-14 06:00 - 2019-06-07 01:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2019-06-14 06:00 - 2019-06-07 01:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2019-06-14 06:00 - 2019-06-07 01:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2019-06-14 06:00 - 2019-06-07 01:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2019-06-14 06:00 - 2019-06-07 01:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll

2019-06-14 06:00 - 2019-06-07 01:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll

2019-06-14 06:00 - 2019-06-07 01:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2019-06-14 06:00 - 2019-06-07 01:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2019-06-14 06:00 - 2019-06-07 01:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll

2019-06-14 06:00 - 2019-06-07 01:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2019-06-14 06:00 - 2019-06-07 01:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2019-06-14 06:00 - 2019-06-07 01:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2019-06-14 06:00 - 2019-06-07 01:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll

2019-06-14 06:00 - 2019-06-07 01:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2019-06-14 06:00 - 2019-06-07 01:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll

2019-06-14 06:00 - 2019-06-07 01:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2019-06-14 06:00 - 2019-06-07 01:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2019-06-14 06:00 - 2019-06-07 01:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll

2019-06-14 06:00 - 2019-06-07 01:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2019-06-14 06:00 - 2019-06-07 01:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2019-06-14 06:00 - 2019-06-07 01:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll

2019-06-14 06:00 - 2019-06-07 01:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2019-06-14 06:00 - 2019-06-07 01:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2019-06-14 06:00 - 2019-06-07 01:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2019-06-14 06:00 - 2019-06-07 01:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

2019-06-14 06:00 - 2019-06-07 01:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll

2019-06-14 06:00 - 2019-06-07 01:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2019-06-14 06:00 - 2019-06-07 01:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2019-06-14 06:00 - 2019-06-07 01:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2019-06-14 06:00 - 2019-06-07 01:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2019-06-14 06:00 - 2019-06-07 01:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2019-06-14 06:00 - 2019-06-07 01:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2019-06-14 06:00 - 2019-06-07 01:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll

2019-06-14 06:00 - 2019-06-07 01:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2019-06-14 06:00 - 2019-06-07 01:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2019-06-14 06:00 - 2019-06-07 01:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2019-06-14 06:00 - 2019-06-07 01:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2019-06-14 06:00 - 2019-06-07 01:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2019-06-14 06:00 - 2019-06-07 01:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2019-06-14 06:00 - 2019-06-07 01:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2019-06-14 06:00 - 2019-06-07 01:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll

2019-06-14 06:00 - 2019-06-07 01:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2019-06-14 06:00 - 2019-06-07 01:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2019-06-14 06:00 - 2019-06-07 01:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2019-06-14 06:00 - 2019-06-07 01:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2019-06-14 06:00 - 2019-06-07 01:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2019-06-14 06:00 - 2019-06-07 01:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2019-06-14 06:00 - 2019-06-07 01:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2019-06-14 06:00 - 2019-06-07 01:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2019-06-14 06:00 - 2019-06-07 01:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2019-06-14 06:00 - 2019-06-07 01:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll

2019-06-14 06:00 - 2019-06-07 00:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim

2019-06-14 06:00 - 2019-05-18 18:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2019-06-14 06:00 - 2019-05-18 18:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2019-06-14 06:00 - 2019-05-18 18:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2019-06-14 06:00 - 2019-05-18 18:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll

2019-06-14 06:00 - 2019-05-17 08:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2019-06-14 06:00 - 2019-05-17 08:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL

2019-06-14 06:00 - 2019-05-17 08:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2019-06-14 06:00 - 2019-05-17 08:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2019-06-14 06:00 - 2019-05-17 08:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2019-06-14 06:00 - 2019-05-17 08:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2019-06-14 06:00 - 2019-05-17 08:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2019-06-14 06:00 - 2019-05-17 08:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe

2019-06-14 06:00 - 2019-05-17 08:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2019-06-14 06:00 - 2019-05-17 08:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll

2019-06-14 06:00 - 2019-05-17 08:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2019-06-14 06:00 - 2019-05-17 08:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll

2019-06-14 06:00 - 2019-05-17 08:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2019-06-14 06:00 - 2019-05-17 08:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2019-06-14 06:00 - 2019-05-17 08:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2019-06-14 06:00 - 2019-05-17 08:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll

2019-06-14 06:00 - 2019-05-17 08:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2019-06-14 06:00 - 2019-05-17 08:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2019-06-14 06:00 - 2019-05-17 08:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2019-06-14 06:00 - 2019-05-17 08:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL

2019-06-14 06:00 - 2019-05-17 08:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2019-06-14 06:00 - 2019-05-17 07:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2019-06-14 06:00 - 2019-05-17 07:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2019-06-14 06:00 - 2019-05-17 07:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll

2019-06-14 06:00 - 2019-05-17 07:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2019-06-14 06:00 - 2019-05-17 07:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2019-06-14 06:00 - 2019-05-17 07:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll

2019-06-14 06:00 - 2019-05-17 07:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2019-06-14 06:00 - 2019-05-17 07:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2019-06-14 06:00 - 2019-05-17 05:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll

2019-06-14 06:00 - 2019-05-17 04:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll

2019-06-14 06:00 - 2019-05-17 03:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2019-06-14 06:00 - 2019-05-17 02:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2019-06-14 06:00 - 2019-05-17 02:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2019-06-14 06:00 - 2019-05-17 02:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2019-06-14 06:00 - 2019-05-17 02:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll

2019-06-14 06:00 - 2019-05-17 02:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2019-06-14 06:00 - 2019-05-17 02:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2019-06-14 06:00 - 2019-05-17 02:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe

2019-06-14 06:00 - 2019-05-17 02:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

2019-06-14 06:00 - 2019-05-17 02:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2019-06-14 06:00 - 2019-05-17 02:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll

2019-06-14 06:00 - 2019-05-17 02:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2019-06-14 06:00 - 2019-05-17 02:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2019-06-14 06:00 - 2019-05-17 02:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe

2019-06-14 06:00 - 2019-05-17 02:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2019-06-14 06:00 - 2019-05-17 02:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2019-06-14 06:00 - 2019-05-17 02:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2019-06-14 06:00 - 2019-05-17 02:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2019-06-14 06:00 - 2019-05-17 02:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2019-06-14 06:00 - 2019-05-17 02:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll

2019-06-14 06:00 - 2019-05-17 02:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2019-06-14 06:00 - 2019-05-17 02:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2019-06-14 06:00 - 2019-05-17 02:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2019-06-14 06:00 - 2019-05-17 02:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2019-06-14 06:00 - 2019-05-17 02:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2019-06-14 06:00 - 2019-05-17 02:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2019-06-14 06:00 - 2019-05-17 02:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2019-06-14 06:00 - 2019-05-17 02:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2019-06-14 06:00 - 2019-05-17 02:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2019-06-14 06:00 - 2019-05-17 02:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2019-06-14 06:00 - 2019-05-17 02:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2019-06-14 06:00 - 2019-05-17 02:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2019-06-14 06:00 - 2019-05-17 02:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2019-06-14 06:00 - 2019-05-17 02:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2019-06-14 06:00 - 2019-05-17 02:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2019-06-14 06:00 - 2019-05-17 02:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2019-06-14 06:00 - 2019-05-17 02:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2019-06-14 06:00 - 2019-05-17 02:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2019-06-14 06:00 - 2019-05-17 02:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2019-06-14 06:00 - 2019-05-17 02:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll

2019-06-14 06:00 - 2019-05-17 02:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2019-06-14 06:00 - 2019-05-17 02:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2019-06-14 06:00 - 2019-05-17 01:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2019-06-14 06:00 - 2019-05-17 01:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll

2019-06-14 06:00 - 2019-05-17 01:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll

2019-06-14 06:00 - 2019-05-17 01:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys

2019-06-14 06:00 - 2019-05-17 01:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll

2019-06-14 06:00 - 2019-05-17 01:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll

2019-06-14 06:00 - 2019-05-17 01:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2019-06-14 06:00 - 2019-05-17 01:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe

2019-06-14 06:00 - 2019-05-17 01:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2019-06-14 06:00 - 2019-05-17 01:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2019-06-14 06:00 - 2019-05-17 01:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2019-06-14 06:00 - 2019-05-17 01:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe

2019-06-14 06:00 - 2019-05-17 01:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2019-06-14 06:00 - 2019-05-17 01:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2019-06-14 06:00 - 2019-05-17 01:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2019-06-14 06:00 - 2019-05-17 01:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2019-06-14 06:00 - 2019-05-17 01:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2019-06-14 06:00 - 2019-05-17 01:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2019-06-14 06:00 - 2019-05-17 01:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2019-06-14 06:00 - 2019-05-17 01:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2019-06-14 06:00 - 2019-05-17 01:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll

2019-06-14 06:00 - 2019-05-17 01:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2019-06-14 06:00 - 2019-05-17 01:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2019-06-14 06:00 - 2019-05-17 01:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2019-06-14 06:00 - 2019-05-17 01:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2019-06-14 06:00 - 2019-05-17 01:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll

2019-06-14 06:00 - 2019-05-17 01:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2019-06-14 06:00 - 2019-05-17 01:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2019-06-14 06:00 - 2019-05-17 01:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2019-06-14 06:00 - 2019-05-17 01:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2019-06-14 06:00 - 2019-05-17 01:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2019-06-14 06:00 - 2019-05-17 01:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2019-06-14 06:00 - 2019-05-17 01:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2019-06-14 06:00 - 2019-05-17 01:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll

2019-06-11 17:14 - 2019-02-13 01:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

2019-06-11 07:49 - 2019-06-11 07:49 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk

2019-06-11 07:49 - 2019-06-11 07:49 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk

2019-06-11 07:22 - 2019-06-11 07:22 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk

2019-06-11 07:22 - 2019-06-11 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2019-06-11 07:22 - 2019-06-11 07:22 - 000000000 ____D C:\Program Files\iPod

2019-06-11 07:20 - 2019-06-11 07:22 - 000000000 ____D C:\Program Files\iTunes

2019-06-11 07:03 - 2019-06-11 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2019-06-11 04:22 - 2019-06-11 06:08 - 004650040 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-07 08:23 - 2018-07-12 17:37 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A884EA09-47D2-445A-9A3F-C4A36B4EBEFC}

2019-07-07 08:05 - 2018-07-12 16:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2019-07-07 06:40 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2019-07-06 21:59 - 2019-02-10 23:58 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDavid

2019-07-06 21:59 - 2019-02-10 23:57 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDavid.job

2019-07-05 11:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness

2019-07-05 10:46 - 2013-05-30 13:59 - 000000000 ____D C:\Users\David\AppData\Roaming\Ditto

2019-07-04 09:59 - 2015-07-31 18:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Slack

2019-07-04 05:21 - 2014-01-19 15:09 - 000000000 ___RD C:\Users\David\SkyDrive

2019-07-04 05:19 - 2018-07-12 17:37 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3199809883-61864900-496248842-1001

2019-07-04 05:19 - 2018-07-12 16:43 - 000002397 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2019-07-01 15:10 - 2018-05-15 18:25 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive File Stream.lnk

2019-07-01 03:58 - 2013-04-05 16:39 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps

2019-06-30 05:33 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps

2019-06-30 05:24 - 2016-10-27 09:26 - 000000000 ____D C:\Users\David\AppData\Roaming\Dashlane

2019-06-28 12:16 - 2014-01-24 12:43 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2019-06-27 17:50 - 2018-07-10 20:31 - 000000000 ____D C:\ProgramData\Packages

2019-06-26 01:47 - 2016-06-08 09:58 - 000000000 ____D C:\Program Files (x86)\Dropbox

2019-06-25 11:27 - 2014-10-02 12:46 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles

2019-06-25 11:26 - 2018-07-12 16:43 - 000000000 ____D C:\Users\David

2019-06-25 07:44 - 2018-07-12 17:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2019-06-22 21:45 - 2018-04-11 17:04 - 001835008 _____ C:\WINDOWS\system32\config\BBI

2019-06-22 09:23 - 2018-01-11 19:26 - 000000000 ____D C:\Program Files\rempl

2019-06-21 04:17 - 2013-03-23 22:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-06-20 12:27 - 2016-01-04 07:37 - 000000000 ___RD C:\Users\David\iCloudDrive

2019-06-19 15:16 - 2018-01-03 12:40 - 000002000 _____ C:\Users\David\Desktop\Dashlane.lnk

2019-06-19 12:08 - 2017-06-15 13:01 - 000000000 ____D C:\Program Files\UNP

2019-06-19 09:43 - 2019-03-07 04:30 - 000001814 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk

2019-06-16 05:11 - 2015-07-06 16:37 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2019-06-14 22:57 - 2018-04-30 06:04 - 000000000 ____D C:\Users\David\AppData\Local\slack

2019-06-14 22:56 - 2018-04-30 06:05 - 000002231 _____ C:\Users\David\Desktop\Slack.lnk

2019-06-14 22:56 - 2015-07-31 18:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies

2019-06-14 22:56 - 2015-07-31 18:20 - 000000000 ____D C:\Users\David\AppData\Local\SquirrelTemp

2019-06-14 21:50 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF

2019-06-14 21:49 - 2018-07-12 17:00 - 000843946 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2019-06-14 21:46 - 2018-02-17 16:10 - 000000000 ___RD C:\Users\David\3D Objects

2019-06-14 21:46 - 2013-03-21 20:42 - 000000000 __RHD C:\Users\Public\AccountPictures

2019-06-14 21:44 - 2018-07-12 16:34 - 000448560 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput

2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences

2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Provisioning

2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr

2019-06-14 06:17 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp

2019-06-14 05:59 - 2013-07-30 05:00 - 000000000 ____D C:\WINDOWS\system32\MRT

2019-06-14 05:45 - 2013-03-21 21:59 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2019-06-13 06:46 - 2018-02-17 13:19 - 000000000 ____D C:\Users\David\AppData\Local\Packages

2019-06-11 07:53 - 2013-03-21 22:16 - 000000000 ____D C:\Update

2019-06-11 07:34 - 2017-05-24 04:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

2019-06-11 07:34 - 2013-04-05 11:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2019-06-11 06:09 - 2018-07-12 17:37 - 000004538 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

2019-06-11 06:09 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\Macromed

2019-06-11 06:08 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2019-06-11 04:23 - 2018-07-12 17:37 - 000004574 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ================

2018-05-15 18:24 - 2018-05-16 04:48 - 007065600 _____ () C:\Program Files (x86)\GUT6762.tmp

2017-01-01 11:50 - 2017-01-01 11:50 - 000000000 _____ () C:\Users\David\AppData\Roaming\b6818ccd-b023-4366-8897-2b0db89437d4.storage

2016-10-27 11:40 - 2016-10-27 11:40 - 000004394 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (DOS).NOT

2014-07-29 15:14 - 2019-02-23 13:11 - 000038471 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (Windows).ADR

2014-07-29 15:03 - 2014-07-29 15:03 - 000012984 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (Windows).CAL

2014-12-02 15:31 - 2014-12-02 15:42 - 000038518 _____ () C:\Users\David\AppData\Roaming\Microsoft Excel 97-2003.ADR

2015-07-06 11:39 - 2015-07-06 11:39 - 000000037 ___SH () C:\Users\David\AppData\Local\134e6589520e51682091c0.32666518

2013-12-29 13:25 - 2013-12-29 13:25 - 000000037 ___SH () C:\Users\David\AppData\Local\559f784a51b0e1ff90f3e5.52689754

2013-12-29 10:21 - 2013-12-29 10:21 - 000000037 ___SH () C:\Users\David\AppData\Local\70149b02515b3bb20dd492.47983420

2013-05-21 14:39 - 2018-12-05 03:12 - 000013824 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-08-07 10:07 - 2015-10-09 06:30 - 000007628 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019

Ran by David (07-07-2019 08:25:14)

Running from C:\Users\David\Desktop

Windows 10 Home Version 1803 17134.829 (X64) (2018-07-12 21:39:06)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3199809883-61864900-496248842-500 - Administrator - Disabled)

David (S-1-5-21-3199809883-61864900-496248842-1001 - Administrator - Enabled) => C:\Users\David

DefaultAccount (S-1-5-21-3199809883-61864900-496248842-503 - Limited - Disabled)

Guest (S-1-5-21-3199809883-61864900-496248842-501 - Limited - Disabled)

Sonos (S-1-5-21-3199809883-61864900-496248842-1004 - Limited - Enabled)

WDAGUtilityAccount (S-1-5-21-3199809883-61864900-496248842-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{9117392B-B850-4568-83DD-6C62416B020D}) (Version: 2.1.28.3 - Intel) Hidden

. . . (HKLM-x32\...\{3531E043-2D73-4E84-AC74-67F9D25A7FD8}) (Version: 2.7.0.11 - Intel) Hidden

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

8x8 - Virtual Office (HKLM-x32\...\{B1A6CB20-C032-4228-940F-AC3BC9BF6B3E}) (Version: 5.3.1.19599 - 8x8, Inc.)

ACID Music Studio 9.0 (HKLM-x32\...\{78EB80B0-18A0-11E2-9761-F04DA23A5C58}) (Version: 9.0.35 - Sony)

Adobe Acrobat 7.0 Standard (HKLM-x32\...\Adobe Acrobat 7.0 Standard - V) (Version: 7.0.0 - Adobe Systems)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)

Apple Application Support (32-bit) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design)

Avaya Scopia® Desktop Client (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\{D4B018FD-B6EF-42E0-BE6D-31E1C60189E4}) (Version: - Avaya, Inc.)

AVS Audio Converter 7.3 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.3.1.535 - Online Media Technologies Ltd.)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden

Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)

Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)

ChromecastApp (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)

Cisco Jabber Video for TelePresence (HKLM-x32\...\{5BF4E2A0-9C59-42AA-97E2-D45127CB9117}) (Version: 4.8.12.18951 - Cisco Systems, Inc.)

Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)

CleanMem (HKLM-x32\...\CleanMem) (Version: v2.4.0 - PcWinTech.com)

ContactMonkey Outlook Add-in (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\{9cd3d330-2d31-4bd2-8a6d-565f2ec1259f}) (Version: 1.3.1.0 - ContactMonkey)

ContactMonkeyOutlook2007AddIn (HKLM-x32\...\{1CBC7F76-D282-4757-8513-EDCBB8B4B5AC}) (Version: 1.3.1 - ContactMonkey) Hidden

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dashlane (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Dashlane) (Version: 6.1924.0.21110 - Dashlane, Inc.)

Ditto (HKLM\...\Ditto_is1) (Version: - Scott Brogden)

Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden

DVD Architect Studio 5.0 (HKLM-x32\...\{42C509F1-C451-11E1-AEC9-F04DA23A5C58}) (Version: 5.0.161 - Sony)

DVDStyler v2.7.2 (HKLM-x32\...\DVDStyler_is1) (Version: - )

eFax Messenger (HKLM-x32\...\{DF6DA606-904D-4C18-823F-A4CFC3035E53}) (Version: 4.4.4.572 - j2 Global)

erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden

Evernote v. 6.16.4 (HKLM-x32\...\{69BDFB62-DE11-11E8-B2A0-005056951CAD}) (Version: 6.16.4.8094 - Evernote Corp.)

ExpressCache (HKLM\...\{196E43FB-929D-4838-B859-BF27557A6CA0}) (Version: 1.0.98.0 - Condusiv Technologies)

FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden

Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.5.9 - Telerik)

GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)

GoAcanoClient (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\0e6831bc9358f1f3) (Version: 1.7.8.0 - Acano)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)

Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)

Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 32.0.11.0 - Google, Inc.)

Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP LaserJet Professional M1530 MFP Series (HKLM-x32\...\{74280B5D-A0AF-46c5-9C85-D9EA078262F1}) (Version: - Hewlett-Packard)

HP LJ M1530 MFP Series HP Scan (HKLM-x32\...\{C05002F1-06F8-4A15-B6F8-E4DC655C28AA}) (Version: 1.0.302.0 - Hewlett-Packard Co.)

HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)

HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)

HP Photo Creations (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)

HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.24.33 - HP)

HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.11.24.11 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

iBackupBot 5.4.4 (HKLM-x32\...\iBackupBot) (Version: 5.4.4 - VOWSoft, Ltd.)

iCloud (HKLM\...\{DA6D808E-3629-4933-8FB3-583F9BCB0DEF}) (Version: 7.12.0.14 - Apple Inc.)

IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)

Infinite HD™ App (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)

inSSIDer Office (HKLM-x32\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

Intel® Driver Update Utility (HKLM-x32\...\{7b9ce1f6-7029-4ca6-8bcd-38afc68a69df}) (Version: 2.7.0.11 - Intel)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)

iTunes (HKLM\...\{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)

Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)

Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)

join.me (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\JoinMe) (Version: 3.0.0.3668 - LogMeIn, Inc.)

Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Juniper_Setup_Client) (Version: 7.4.9.44981 - Juniper Networks, Inc.)

Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)

Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

KUx86 (HKLM-x32\...\{857087BB-A988-4462-A5C6-CF6739143B56}) (Version: 1.0.0 - Sony Corporation) Hidden

LifeSize ClearSea (HKLM-x32\...\{48F754A8-23F6-4524-ADDF-BBE8DAF4077A}) (Version: 8.2.6 - LifeSize)

Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.15287.0 - Linksys LLC)

Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 1.0.568.0 - Logitech Europe S.A.)

Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)

Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)

MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden

Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

MiFi4510 Mobile Broadband Drivers (HKLM-x32\...\{CBA640FF-4754-4DB7-AC90-64D007FA8ACD}) (Version: 1.02.001.001.13 - Novatel Wireless)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{BF6B9ECF-0BDF-11E2-97FB-F04DA23A5C58}) (Version: 12.0.530 - Sony)

Mozilla Firefox 66.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

Nero 2014 (HKLM-x32\...\{0128492C-AB60-43BE-9D9A-8CA622CAF06E}) (Version: 15.0.07700 - Nero AG)

Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)

Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)

NetStress 2.0.9686.0 (HKLM-x32\...\NetStress_is1) (Version: - Nuts About Nets, LLC)

NetSurveyor 2.0.9686.0 (HKLM-x32\...\NetSurveyor_is1) (Version: - Nuts About Nets, LLC)

Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )

Networkx64 (HKLM\...\{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}) (Version: 1.0.0 - Sony Corporation) Hidden

NoteBook FanControl (HKLM-x32\...\{00111A7A-77A7-4AC6-A272-A56DFAD517E7}) (Version: 1.5.0.0 - Stefan Hirschmann - StagWare) Hidden

NoteBook FanControl (HKLM-x32\...\{666d9f07-291b-44a5-b86f-d5240e78692d}) (Version: 1.5.0.0 - Stefan Hirschmann - StagWare)

ODIR (HKLM-x32\...\ODIR_is1) (Version: - Vaita)

Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.7 - )

PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)

Polycom Telepresence m100 (HKLM-x32\...\{E53C2A31-6A91-4140-9622-0C483A2A8596}) (Version: 1.0.5.29417_4151 - Polycom, Inc.)

Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden

Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{99039186-EBEB-4127-BFA2-18B10A05ACE2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)

QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)

rbjnplugin (HKLM-x32\...\{893E7AD9-4905-4DFE-A747-40CB5712E781}) (Version: 1.6.199.5 - Blue Jeans)

Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)

Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden

Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden

RingCentral Meetings (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RingCentralMeetings) (Version: 6.1 - Zoom Video Communications, Inc. and RingCentral Inc.)

Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.9.2.0 - Seagate)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)

Skype for Business Web App Plug-in (HKLM-x32\...\{37C8167B-B653-4955-A6E8-EBB8DE937DDD}) (Version: 15.8.20020.400 - Microsoft Corporation)

Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)

Slack (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\slack) (Version: 3.4.3 - Slack Technologies)

SOHLib for PlayMemories Home (HKLM\...\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}) (Version: 1.0.1.11110 - Sony Corporation) Hidden

Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.)

Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A263871-BEEC-11E1-AC53-F04DA23A5C58}) (Version: 10.0.178 - Sony)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )

Spotify (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)

SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden

SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden

Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)

SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)

System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)

TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)

TomTom HOME (HKLM-x32\...\{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}) (Version: 2.10.1 - TomTom)

TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)

Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC)

TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)

TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)

TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)

TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)

TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)

TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)

TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)

TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)

VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)

VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)

VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)

VAIO Care (HKLM\...\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}) (Version: 8.4.6.05116 - Sony Corporation)

VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11210 - Sony Corporation)

VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)

VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)

VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)

VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)

VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)

VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)

VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)

VAIO Gesture Control (HKLM-x32\...\{A31E4DB3-B774-45C8-BE70-DB8BE53D2A5B}) (Version: 2.1.0.10220 - Sony Corporation) Hidden

VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)

VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation) Hidden

VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)

VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)

VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)

VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation) Hidden

VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)

VAIO Movie Creator Template Data (HKLM-x32\...\{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation) Hidden

VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation) Hidden

VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)

VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.4.0.15200 - Sony Corporation)

VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden

VGClientX64 (HKLM\...\{5388ABD8-6E23-4498-BE10-01079387590F}) (Version: 1.0.0 - Sony Corporation) Hidden

VGClientX64 (HKLM\...\{553C52C6-993E-47D4-8E49-3097B4BD4969}) (Version: 1.0.0 - Sony Corporation) Hidden

VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden

Vidyo Desktop 3.6.3 (HKLM-x32\...\Vidyo Desktop) (Version: 3.6.3 - Vidyo Inc.)

VidyoWeb - 1.4.0.0006 (HKLM-x32\...\{06B7CBBD-3D39-4FC9-94B3-72139C62608E}) (Version: 1.4.0.0006 - Vidyo, Inc.)

Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)

VMLx86 (HKLM-x32\...\{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}) (Version: 1.0.0 - Sony Corporation) Hidden

VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden

VU5x64 (HKLM\...\{46261E1C-5E0D-484E-8CCC-7F770375FBA2}) (Version: 1.0.0 - Sony Corporation ) Hidden

VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden

VUx64 (HKLM\...\{4B432082-B58C-4035-91FB-F28D504D3148}) (Version: 1.0.0 - Sony Corporation ) Hidden

VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden

VUx86 (HKLM-x32\...\{10181264-340D-4BE7-B879-3A49604A6FD1}) (Version: 1.0.0 - Sony Corporation ) Hidden

VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden

VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden

WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.18 - NCH Software)

Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

Wireshark 1.8.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.6 - The Wireshark developer community, hxxp://www.wireshark.org)

Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)

XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden

Zoom (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\ZoomUMX) (Version: 4.4 - Zoom Video Communications, Inc.)

Packages:

=========

Album by Sony -> C:\Program Files\WindowsApps\BD9B8345.AlbumbySony_2.2.2.8170_x86__05bme2bjq6sag [2015-08-25] (ms-resource:SZ_DeveloperName)

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)

Clock (Live tile, alarm, timer) -> C:\Program Files\WindowsApps\12199Asparion.AsparionClock_4.0.2.69_x64__f89vgcf3qm37t [2017-11-01] (Asparion) [MS Ad]

Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2016-01-01] (Google Inc)

HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2018-05-11] (Hewlett-Packard Company)

HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-27] (HP Inc.)

Hulu -> C:\Program Files\WindowsApps\HuluLLC.HuluPlus_2.5.3.0_neutral__fphbd361v8tya [2019-03-10] (Hulu.)

iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_6.0.44.0_x64__a76a11dkgb644 [2019-06-26] (iHeartMedia.)

Intel AppUp® Catalogue App – (V) Americas Edition -> C:\Program Files\WindowsApps\AppUp.IntelAppUpCatalogueAppVAmericasEdition_1.3.37.881_x64__8j3eq9eme6ctt [2013-10-03] (INTEL CORP)

Kaspersky Now -> C:\Program Files\WindowsApps\KasperskyLab.KasperskyNow_1.0.0.43_neutral__8jx5e25qw3tdc [2014-06-09] (Kaspersky Lab)

Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC)

KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_2.2.20410.0_x64__kqmhh0ktdt7dg [2019-05-09] (KYOCERA Document Solutions Inc)

Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2016-04-01] (Lexmark International, Inc.)

Logitech Camera Controller -> C:\Program Files\WindowsApps\E97CB0A1.LogitechCameraController_1.0.0.135_x86__wd885nsp30hay [2013-03-23] (LOGITECH Europe S.A.)

Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]

Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-05-17] (Microsoft Studios) [MS Ad]

Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]

Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)

Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]

MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]

MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]

MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]

MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]

MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]

MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]

Music by Sony -> C:\Program Files\WindowsApps\BD9B8345.MusicbySony_1.2.0.14240_x86__05bme2bjq6sag [2014-03-13] (Sony Corporation)

My Speaker -> C:\Program Files\WindowsApps\39732ControlAV.PhonosforAlexapreview_2.2.1.0_x86__fqz1935ay4xrp [2019-04-30] (ControlAV)

Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)

Photo Editor -> C:\Program Files\WindowsApps\57AB5DD0.PhotoEditor_2.0.0.3_x86__6hb943tstq5q8 [2018-04-06] (Aviary, Inc.)

Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)

PuzzleTouch -> C:\Program Files\WindowsApps\1430GreenfieldTechnologie.PuzzleTouch_1.1.0.3_neutral__9tq5q6h98v2wa [2014-07-21] (Greenfield Technologies)

Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2014-05-28] (Skype)

Slacker Radio -> C:\Program Files\WindowsApps\C49B256F.SlackerRadio_1.1.16.0_neutral__w203ptv5wvzt2 [2018-01-16] (Slacker Inc.)

Socialife News -> C:\Program Files\WindowsApps\BD9B8345.Socialife_2.4.3.10090_x64__05bme2bjq6sag [2015-10-15] (Sony Corporation)

Sony Select -> C:\Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag [2014-03-26] (Sony Corporation)

Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.7.25.0_x64__43tkc6nmykmb6 [2019-06-18] (Ookla)

Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]

Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

VAIO Care -> C:\Program Files\WindowsApps\BD9B8345.VAIOCare_1.4.1.14090_x64__05bme2bjq6sag [2015-02-25] (Sony Corporation)

Youtube Player -> C:\Program Files\WindowsApps\35227CA4B1EC.YoutubePlayer_1.2.0.4_neutral__vz2dsdkbwapd8 [2013-03-24] (T.O.K.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\ChromeHTML: -> <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\27.1.49.1806\drivefsext.dll => No File

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OffCAT\OffCATv2Addin.dll (Microsoft Corporation -> Microsoft)

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox (Personal)] => C:\Users\David\Dropbox (Personal) [2015-06-02 16:58]

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox (OpenExchange)] => C:\Users\David\Dropbox (OpenExchange) [2013-03-23 13:51]

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)

CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)