Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92290 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Win7 laptop has slowed significantly - often CPU at 100%

Win7 slow cpu 100%

  • This topic is locked This topic is locked
25 replies to this topic

#1 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 05 July 2019 - 10:29 AM

Hi - My Sony Vaio Z used to be so fast, but has slowed alot.  CPU is often at 100%.  Looking at program usage under Task Manager, doesn't add up to 100%.

 

FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by David (administrator) on DAVID-VAIO (Sony Corporation VPCZ119GX) (05-07-2019 11:42:56)
Running from C:\Users\David\Desktop
Loaded Profiles: David &  (Available Profiles: David)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
() [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
() [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Cambridge Silicon Radio Ltd. -> ) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation - Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Intel® Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvservice.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Crop.) C:\Program Files\Realtek\Audio\HDA\vncutil64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation of America -> ) C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(UPEK Inc. -> UPEK Inc.) C:\Program Files\Protector Suite\psqltray.exe
(UPEK Inc. -> UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16414824 2010-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9962016 2016-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [vncutil] => C:\Program Files\Realtek\Audio\HDA\vncutil64.exe [475680 2016-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor Crop.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2010-01-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [PSQLLauncher] => c:\Program Files\Protector Suite\launcher.exe [84744 2009-10-29] (UPEK Inc. -> UPEK Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] (Cambridge Silicon Radio Ltd. -> )
HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation) [File not signed]
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [320880 2009-08-26] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5580608 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [307200 2004-11-22] (Adobe Systems Incorporated) [File not signed]
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-17] (Google LLC -> Google LLC)
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\Run: [updateMgr] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [307200 2004-11-22] (Adobe Systems Incorporated) [File not signed]
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\Run: [GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-17] (Google LLC -> Google LLC)
HKLM\...\Providers\Internet Print Provider: inetpp.dll [166400 2017-08-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: win32spl.dll [757248 2017-08-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll [176416 2012-01-18] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [307488 2012-01-18] (Logitech, Inc. -> Logitech Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> c:\Program Files\Protector Suite\provider.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-09-04] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\Software\...\Authentication\Credential Providers: [{8bf9a910-a8ff-457f-999f-a5ca10b4a885}] -> SmartcardCredentialProvider.dll [2013-10-03] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> SmartcardCredentialProvider.dll [2013-10-03] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> c:\Program Files\Protector Suite\provider.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> wlgpclnt.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{0E28E245-9368-4853-AD84-6DA3BA35BB75}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{17D89FEC-5C44-4972-B12D-241CAEF74509}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{1A6364EB-776B-4120-ADE1-B63A406A76B5}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> fdeploy.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> gpscript.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{5794DAFD-BE60-433f-88A2-1A31939AC01F}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6232C319-91AC-4931-9385-E70C2B099F0E}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{728EE579-943C-4519-9EF7-AB56765798ED}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{74EE6C03-5363-4554-B161-627540339CAB}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> scecli.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{91FBB303-0CD5-4055-BF42-E512A681B325}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{A3F3E39B-5D83-4940-B954-28315B82F0A8}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{AADCED64-746C-4633-A97C-D61349046527}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B087BE9D-ED37-454f-AF9C-04291E351182}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> dot3gpclnt.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E5094040-C46C-4115-B030-04FB2E545B00}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F9C77450-3A41-477E-9310-9ACD617BD9E3}] -> gpprefcl.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> gptext.dll [2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Notification Packages] scecli c:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-02-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-06-22]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00B32045-35FE-4D23-8EE3-5292A83324F6} - System32\Tasks\HP AR Program Upload - 96cc3e97fa5c4fa0be86992c2aa57b4fd914ad50335348f7a5215b41f71fde71 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {01DAD7A0-ACBE-4140-AED9-0A6EA7E99962} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2561392 2010-01-07] (Sony Corporation -> Sony Corporation)
Task: {06EE2B5F-D692-4B88-96B8-C4536F1DF999} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {0B6DFADE-0686-44F3-B834-DC1816C92EFD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)
Task: {0F90F4FD-54B9-4A2D-AECB-5E14B30ACDD7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel® Software -> Intel Corporation)
Task: {11541F89-0F9F-4A97-BCBC-ADF1BC0C2458} - System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => C:\Windows\system32\pcalua.exe -a C:\Users\David\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {11978F7C-80EB-4925-9C77-E9E7700247D3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1432E585-72C5-4C12-B3E3-54A4DD19B02A} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [20872 2017-04-19] (Sony Corporation -> Sony Corporation)
Task: {16EE79EF-7F16-4600-9172-4A6E414B649D} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe
Task: {1BBA3A20-4CB7-4F75-9885-973CCA69CA7D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {1DE86BC7-00BA-4150-A929-55FE9AD510B7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {1FDB348F-53EF-41DD-A20E-B4682102449F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {25402AD4-FAE7-4C6A-88AE-2AD3F82170AC} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {277FB0BD-56A4-4FFF-BCC9-FB3C3541D816} - System32\Tasks\HP AR Program Upload - a440867c3eed43a19bcd2da66587ec2d1d3641cff65b4726b95722f31764adff => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {2C08859F-E9DC-4058-922C-851BB1C60A3C} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {2D559535-C8C4-4042-943D-6CB663EC02D0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)
Task: {2E20D3A9-D159-4535-9CA0-346AC95B7DC4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E3F33AC-4AE3-4939-9CBE-4495D7751CC9} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {395D58CD-3D5A-4F0E-AB3A-7A8EB3A3D5B8} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {42649532-60CC-433F-B01D-92371C1F32D1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {49470C9D-EEDD-40EF-B7AB-F7F6E37DA30A} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136 2010-06-19] (Sony Corporation -> Sony Corporation)
Task: {4B7BFB85-439D-43B6-AD4A-6F86CC5FFAF8} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {5573D6FA-4681-4641-AD07-2AF825B33F44} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {56A1A2D2-740C-47EA-90DD-E1575E2C403E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {58F36B6E-8FC6-4CAD-A305-0B1309A1254F} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136 2010-06-19] (Sony Corporation -> Sony Corporation)
Task: {59C28BFF-7918-4CEC-9AFC-2B1C392DCB06} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [20360 2017-04-19] (Sony Corporation -> Sony Corporation)
Task: {5A439110-CB81-47BA-8FCB-4300122E9A2F} - System32\Tasks\HP AR Program Upload - 2cd1f17b3c7343a8b70ad599cadb44924645674d7685469fa061b21b184ea4af => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {5A60874B-922C-4F5B-B93E-A3567113B4EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {5BEFBF29-44D6-45E1-ACAB-8FC4B50C86F4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {665DBC1A-0AE9-4BEB-972B-0AD2CB4B5C03} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [481136 2010-06-19] (Sony Corporation -> Sony Corporation)
Task: {68AE8F14-B8D3-4DF4-A616-E6B4F7EE307A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {6A791D15-2EA1-4759-92CE-F55491B5E507} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-07] (Google Inc -> Google Inc.)
Task: {812879C1-CCF4-4021-8867-B4DE5D3F7502} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2561392 2010-01-07] (Sony Corporation -> Sony Corporation)
Task: {85E06526-ECD2-4E44-BB93-1869DF09F2CE} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {8AD7C70C-B387-453A-B6DF-F873C0CA0D21} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [61440 2014-08-20] (PcWinTech.com) [File not signed]
Task: {8B331A9F-C70B-42A7-9411-8BE808A0D358} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN51QEK0D0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)
Task: {8EEA24BC-4A71-4A0A-AF10-734157B2A6F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {91DFBE71-273A-4373-8CC7-36C5C7B60523} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {92003856-08D4-4F4B-8D01-7855767DD35C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {9229BF39-E91E-4077-B313-D20C26ECC544} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [74032 2009-11-05] (Sony Corporation of America -> )
Task: {973983C5-C05E-4F25-9D4C-3A9DEAFB94CA} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [45400 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {97B8826C-F1B0-4AEE-90E6-A872C6F06163} - System32\Tasks\HP AR Program Upload - 81f1f0e7f66443c3afb95b735510381e655a928f175e490e8b484ef73019ada7 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {97C75ED7-931D-4785-BDF6-78775DB19616} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-11] (Sony Corporation -> Sony Corporation)
Task: {98B570A5-33DC-4E84-8CC9-1BDF517332B4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-04-12] (Sony Corporation -> Sony Corporation)
Task: {A3C5B754-D0CD-460A-8DD6-D20EF1C61922} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)
Task: {A58D693F-50B6-4447-9FC4-73B4C4959589} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {AA798388-12E2-47C4-8280-26F20E60868A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {AB756854-D41A-4205-9FA8-0D2711061794} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe [122880 2010-11-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {B3B71086-EE96-4F43-9D92-1CC1374E33BF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {B8FB595C-9BAA-46D4-919E-2D9DB901DD2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {B96D8DB3-67DF-47FD-9B9D-33B897EA3166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {B978D9B5-D109-4E50-B60E-BE9C1CFF5B8C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448296 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0220504-6798-4C10-BE1A-BB9BFEA2063B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CA5018E7-847F-4FA9-B9EB-5EA92BE35F66} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)
Task: {D1E8224A-98E0-46E6-82A2-DDD821F72B3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
Task: {D83D03B5-4F68-4A13-BC7F-A3AFBAA9CCC4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113200 2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe [36864 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {E3E6E6D8-81BC-456A-B8C3-C0E9AB12550D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5C98D85-4D66-409D-B3FB-848CA6BD5F4C} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E665D5CF-D46A-46CE-A24F-00A40560B994} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EB653DBB-845F-4873-A652-55B5FDB4E19F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1213416 2019-04-12] (Sony Corporation -> Sony Corporation)
Task: {EBED9B68-2299-441F-AA51-453348440DF7} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [274736 2009-11-05] (Sony Corporation of America -> Sony Electronics, Inc.)
Task: {ED43E16F-DDB5-408E-B467-D5FE21B7BF77} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {FD3C6387-EB8E-4003-9876-CC337A166999} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-07] (Google Inc -> Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1F263251-2FA4-4C80-AED7-F2A2B03E0301}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{B1B190B9-CAD1-4741-A3A8-F8C85DA3703F}: [DhcpNameServer] 172.18.13.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl#spf=1
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://esupport.sony.com/
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl#spf=1
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://esupport.sony.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-10-03] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-10-03] (Google Inc -> Google Inc.)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-10-03] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-10-03] (Google Inc -> Google Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Software Sarl -> Skype Technologies)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll [2010-11-04] (Microsoft Corporation -> Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: 97svsgyv.default
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default [2019-06-22]
FF Homepage: Mozilla\Firefox\Profiles\97svsgyv.default -> hxxps://zoom.us/profile|hxxps://vcse1.openexc.com/login|hxxps://vcse2.openexc.com/overview|hxxps://63.251.135.14/conference.html?name=30348%20-%20Chubb%2fCS
FF NewTabOverride: Mozilla\Firefox\Profiles\97svsgyv.default -> Disabled: newtaboverride@agenedia.com
FF Extension: (ReloadMatic) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\0.id@reloadmatic.webex.xpi [2017-12-05]
FF Extension: (Cisco WebEx Extension) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\ciscowebexstart1@cisco.com.xpi [2017-11-08]
FF Extension: (Honey) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2019-02-13]
FF Extension: (New Tab Override) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\97svsgyv.default\Extensions\newtaboverride@agenedia.com.xpi [2019-01-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\David\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001: vidyo.com/VidyoWeb_1.4.0.0006 -> C:\Users\David\AppData\Roaming\VidyoInc\VidyoWeb\1.4.0.0006\npVidyoWeb.dll [2016-02-12] (Vidyo Inc. -> Vidyo, Inc.)
FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055: @zoom.us/ZoomVideoPlugin -> C:\Users\David\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-01-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055: vidyo.com/VidyoWeb_1.4.0.0006 -> C:\Users\David\AppData\Roaming\VidyoInc\VidyoWeb\1.4.0.0006\npVidyoWeb.dll [2016-02-12] (Vidyo Inc. -> Vidyo, Inc.)
StartMenuInternet: Firefox- - kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> file:///C:/users/Public/Documents/davehom16a.htm
CHR StartupUrls: Default -> "file:///C:/users/Public/Documents/davehom16a.htm"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-07-05]
CHR Extension: (Easy Auto Refresh) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2019-07-04]
CHR Extension: (Consumer Reports) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmigknmjdpedgfbfjphohjdocmkapak [2019-05-30]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]
CHR Extension: (Honey) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-06-19]
CHR Extension: (HelloFax) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2019-03-14]
CHR Extension: (Pushbullet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2019-06-07]
CHR Extension: (OneNote Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2017-02-03]
CHR Extension: (Adobe Acrobat) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-22]
CHR Extension: (Vidyo Screen Share) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadjebjcpiiklefiadeicakcnkhgbaoo [2018-12-06]
CHR Extension: (Dashlane - Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-07-04]
CHR Extension: (Chrome Remote Desktop) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-04-27]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-09]
CHR Extension: (Zoom) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2019-06-19]
CHR Extension: (New Tab Redirect) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-12-06]
CHR Extension: (Acano) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikalnbacgeabafoblilnnihbfgnbjfi [2018-12-06]
CHR Extension: (Cisco Jabber Guest) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbglbakaieakcdiaiabbihafndhapfki [2018-12-06]
CHR Extension: (Cisco Webex Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-06-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-08-30]
CHR Extension: (Google Maps) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (FoxClocks) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\obcbigljfpgappaaofailjjoabiikckk [2019-03-29]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-30]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-11]
CHR HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2017-01-18] (Adobe Systems) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEXService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [204520 2017-05-11] (Pro Softnet Corporation -> Prosoftnet)
R2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2017-02-10] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4485472 2018-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 nvservice; C:\Windows\system32\nvservice.exe [192800 2013-02-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions -> Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions -> Sonic Solutions)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [190496 2016-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] (Intel® Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [138872 2018-10-29] (TunnelBear -> TunnelBear)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1738728 2019-04-12] (Sony Corporation -> Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dbx; C:\Windows\System32\DRIVERS\dbx.sys [47600 2019-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 fwlanusb6_860; C:\Windows\System32\DRIVERS\fwlanusb6_860.sys [2274336 2015-07-20] (MEDIATEK INC. -> AVM GmbH)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-07-04] (Malwarebytes Corporation -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R2 rimspci; C:\Windows\system32\drivers\rimssne64.sys [93696 2009-11-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [76800 2009-11-06] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SFEP; C:\Windows\system32\drivers\SFEP.sys [12032 2009-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
U3 aswbdisk; no ImagePath
U2 MSSQL$DDNI; no ImagePath
U2 Oasis2Service; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
U2 VCFw; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-07-05 11:42 - 2019-07-05 11:45 - 000062592 _____ C:\Users\David\Desktop\FRST.txt
2019-07-05 11:35 - 2019-07-05 11:42 - 000000000 ____D C:\FRST
2019-07-05 11:21 - 2019-07-05 11:21 - 002420224 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2019-07-05 11:08 - 2019-07-05 11:08 - 000006352 _____ C:\Users\Public\Documents\davehom16a.htm
2019-07-04 10:04 - 2019-07-04 10:04 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-07-04 10:04 - 2019-07-04 10:04 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-07-04 10:04 - 2019-07-04 10:04 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-07-04 10:04 - 2019-07-04 10:04 - 000000000 ___HD C:\OneDriveTemp
2019-07-04 09:37 - 2019-07-04 09:37 - 000000000 ____D C:\Users\David\AppData\Local\mbam
2019-07-04 09:36 - 2019-07-04 10:04 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-04 09:36 - 2019-07-04 09:36 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-04 09:36 - 2019-07-04 09:36 - 000000000 ____D C:\Users\David\AppData\Local\mbamtray
2019-07-04 09:35 - 2019-07-04 09:35 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-04 09:35 - 2019-07-04 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-04 09:35 - 2019-07-04 09:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-04 09:35 - 2019-07-04 09:35 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-04 09:35 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-04 09:33 - 2019-07-04 09:34 - 064374120 _____ (Malwarebytes ) C:\Users\David\Downloads\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11384.exe
2019-06-25 18:47 - 2019-06-25 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-06-24 08:12 - 2019-06-24 08:12 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-06-22 13:16 - 2019-06-16 14:56 - 000397112 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-22 13:16 - 2019-06-16 13:54 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-22 13:16 - 2019-06-14 12:44 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-22 13:16 - 2019-06-14 12:20 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-22 13:16 - 2019-06-14 12:19 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-22 13:16 - 2019-06-14 12:19 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-22 13:16 - 2019-06-14 12:09 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-22 13:16 - 2019-06-14 12:08 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-22 13:16 - 2019-06-14 12:07 - 020276224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-22 13:16 - 2019-06-14 12:07 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-22 13:16 - 2019-06-14 11:46 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-22 13:16 - 2019-06-14 11:43 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-22 13:16 - 2019-06-14 11:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-06-22 13:16 - 2019-06-14 11:36 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-22 13:16 - 2019-06-14 11:34 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-22 13:16 - 2019-06-14 11:34 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-22 13:16 - 2019-06-14 11:34 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-22 13:16 - 2019-06-14 11:28 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-22 13:16 - 2019-06-14 11:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-22 13:16 - 2019-06-14 11:19 - 013706240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-22 13:16 - 2019-06-14 11:16 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-22 13:16 - 2019-06-14 11:16 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-22 13:16 - 2019-06-14 11:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-22 13:16 - 2019-06-14 11:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-06-22 13:16 - 2019-06-14 11:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-22 13:16 - 2019-06-14 11:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-22 13:16 - 2019-06-14 10:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-22 13:16 - 2019-06-11 00:59 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-06-22 13:16 - 2019-06-11 00:54 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-06-22 13:16 - 2019-06-10 22:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-06-22 13:16 - 2019-06-10 22:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-06-22 13:15 - 2019-06-14 12:32 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-22 13:15 - 2019-06-14 12:32 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-22 13:15 - 2019-06-14 12:20 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-22 13:15 - 2019-06-14 12:19 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-22 13:15 - 2019-06-14 12:18 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-22 13:15 - 2019-06-14 12:13 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-22 13:15 - 2019-06-14 12:12 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-22 13:15 - 2019-06-14 12:09 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-22 13:15 - 2019-06-14 12:09 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-22 13:15 - 2019-06-14 12:08 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-22 13:15 - 2019-06-14 12:03 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-22 13:15 - 2019-06-14 12:00 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-22 13:15 - 2019-06-14 11:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-06-22 13:15 - 2019-06-14 11:54 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-22 13:15 - 2019-06-14 11:54 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-22 13:15 - 2019-06-14 11:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-22 13:15 - 2019-06-14 11:51 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-22 13:15 - 2019-06-14 11:50 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-22 13:15 - 2019-06-14 11:48 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-22 13:15 - 2019-06-14 11:47 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-22 13:15 - 2019-06-14 11:45 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-06-22 13:15 - 2019-06-14 11:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-06-22 13:15 - 2019-06-14 11:45 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-06-22 13:15 - 2019-06-14 11:44 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-06-22 13:15 - 2019-06-14 11:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-06-22 13:15 - 2019-06-14 11:40 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-06-22 13:15 - 2019-06-14 11:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-06-22 13:15 - 2019-06-14 11:38 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-22 13:15 - 2019-06-14 11:37 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-06-22 13:15 - 2019-06-14 11:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-06-22 13:15 - 2019-06-14 11:36 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-22 13:15 - 2019-06-14 11:31 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-06-22 13:15 - 2019-06-14 11:27 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-06-22 13:15 - 2019-06-14 11:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-06-22 13:15 - 2019-06-14 11:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-06-22 13:15 - 2019-06-14 11:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-06-22 13:15 - 2019-06-14 11:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-06-22 13:15 - 2019-06-14 11:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-06-22 13:15 - 2019-06-14 11:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-06-22 13:15 - 2019-06-14 11:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-06-22 13:15 - 2019-06-14 10:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-06-22 10:57 - 2019-06-22 10:57 - 000000000 ____D C:\Windows\pss
2019-06-11 22:10 - 2019-06-03 19:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-11 22:10 - 2019-06-03 19:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-11 22:10 - 2019-06-03 19:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-11 22:10 - 2019-05-24 20:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-11 22:10 - 2019-05-24 20:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-11 22:10 - 2019-05-24 19:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-11 22:10 - 2019-05-24 19:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-06-11 22:10 - 2019-05-22 22:06 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-11 22:10 - 2019-05-22 22:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-11 22:10 - 2019-05-22 22:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-11 22:10 - 2019-05-22 21:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-06-11 22:10 - 2019-05-22 21:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-06-11 22:10 - 2019-05-22 21:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-11 22:10 - 2019-05-22 20:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-11 22:10 - 2019-05-22 20:05 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-11 22:10 - 2019-05-22 20:05 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-11 22:10 - 2019-05-17 14:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-11 22:10 - 2019-05-16 11:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-06-11 22:10 - 2019-05-16 11:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-06-11 22:10 - 2019-05-16 11:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-06-11 22:10 - 2019-05-16 11:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-06-11 22:10 - 2019-05-16 11:19 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-06-11 22:10 - 2019-05-16 11:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-06-11 22:10 - 2019-05-16 11:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-06-11 22:10 - 2019-05-16 11:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-11 22:10 - 2019-05-16 11:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-06-11 22:10 - 2019-05-16 11:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-11 22:10 - 2019-05-16 11:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-06-11 22:10 - 2019-05-16 11:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-06-11 22:10 - 2019-05-16 11:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-06-11 22:10 - 2019-05-16 11:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-11 22:10 - 2019-05-16 11:17 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-06-11 22:10 - 2019-05-16 11:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-11 22:10 - 2019-05-16 11:10 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-11 22:10 - 2019-05-16 11:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-11 22:10 - 2019-05-16 11:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-11 22:10 - 2019-05-16 11:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-11 22:10 - 2019-05-16 11:09 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-11 22:10 - 2019-05-16 11:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-11 22:10 - 2019-05-16 11:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-11 22:10 - 2019-05-16 11:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-11 22:10 - 2019-05-16 11:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-11 22:10 - 2019-05-16 10:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-11 22:10 - 2019-05-16 10:39 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-11 22:10 - 2019-05-16 10:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-11 22:10 - 2019-05-16 10:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-11 22:10 - 2019-05-16 10:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-11 22:10 - 2019-05-16 10:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-11 22:10 - 2019-05-16 10:35 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-11 22:10 - 2019-05-16 10:35 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-11 22:10 - 2019-05-16 10:35 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-11 22:10 - 2019-05-16 10:35 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-11 22:10 - 2019-05-16 10:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-11 22:10 - 2019-05-16 10:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-11 22:10 - 2019-05-16 10:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-11 22:10 - 2019-05-16 10:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-11 22:10 - 2019-05-16 10:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-11 22:10 - 2019-05-13 10:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-11 22:10 - 2019-05-13 10:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-11 22:10 - 2019-05-13 10:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-11 22:10 - 2019-05-13 10:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-06-11 22:10 - 2019-05-09 11:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-06-11 22:10 - 2019-05-09 11:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-06-11 22:10 - 2019-05-09 11:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-06-11 22:10 - 2019-05-09 11:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-06-11 22:10 - 2019-05-09 11:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-06-11 22:10 - 2019-05-09 11:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-06-11 22:10 - 2019-05-09 11:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-06-11 22:10 - 2019-05-09 11:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-11 22:10 - 2019-05-09 11:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-11 22:10 - 2019-05-09 11:07 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-11 22:10 - 2019-05-09 11:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-11 22:10 - 2019-05-09 11:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-11 22:10 - 2019-05-09 11:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-11 22:10 - 2019-05-09 10:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-06-11 22:10 - 2019-05-09 10:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-11 22:10 - 2019-04-29 22:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-11 22:10 - 2019-04-29 21:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-11 22:10 - 2019-04-25 11:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-11 22:10 - 2019-04-25 11:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-11 22:10 - 2019-04-24 11:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-11 22:10 - 2019-04-24 11:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-11 22:10 - 2019-04-24 11:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-11 22:10 - 2019-04-12 09:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-06-11 22:10 - 2019-04-12 09:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-06-11 22:10 - 2019-04-09 11:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-06-11 22:10 - 2019-04-09 11:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-11 22:10 - 2019-04-09 11:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-11 22:10 - 2019-04-09 11:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-11 22:10 - 2019-04-09 11:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-11 22:10 - 2019-04-09 11:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-06-11 22:10 - 2019-04-09 11:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-11 22:10 - 2019-04-09 10:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-11 22:10 - 2019-04-09 10:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-11 22:10 - 2019-04-09 10:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-11 22:10 - 2019-04-09 10:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-11 22:10 - 2019-04-09 10:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-11 22:09 - 2019-05-22 22:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-11 22:09 - 2019-05-22 21:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-06-11 22:09 - 2019-05-16 11:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-06-11 22:09 - 2019-05-16 11:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-06-11 22:09 - 2019-05-16 11:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-06-11 22:09 - 2019-05-16 11:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-06-11 22:09 - 2019-05-16 11:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-06-11 22:09 - 2019-05-16 11:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-06-11 22:09 - 2019-05-16 11:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-06-11 22:09 - 2019-05-16 11:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-06-11 22:09 - 2019-05-16 11:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-06-11 22:09 - 2019-05-16 11:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-06-11 22:09 - 2019-05-16 11:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 11:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 10:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-06-11 22:09 - 2019-05-16 10:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-06-11 22:09 - 2019-05-16 10:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-06-11 22:09 - 2019-05-16 10:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-06-11 22:09 - 2019-05-16 10:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-06-11 22:09 - 2019-05-16 10:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-06-11 22:09 - 2019-05-16 10:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-06-11 22:09 - 2019-05-16 10:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 10:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 10:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 10:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-06-11 22:09 - 2019-05-16 10:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-11 22:09 - 2019-05-16 10:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-11 22:09 - 2019-05-16 10:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-11 22:09 - 2019-05-16 10:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-11 22:09 - 2019-05-16 10:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-11 22:09 - 2019-05-16 10:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-11 22:09 - 2019-05-16 10:34 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-11 22:09 - 2019-05-09 11:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-06-11 22:09 - 2019-05-09 11:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-06-11 22:09 - 2019-05-09 11:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-06-11 22:09 - 2019-05-09 11:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-06-11 22:09 - 2019-05-09 11:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-06-11 22:09 - 2019-05-09 11:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-11 22:09 - 2019-05-09 11:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-11 22:09 - 2019-05-09 11:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-11 22:09 - 2019-05-09 11:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-11 22:09 - 2019-05-09 11:06 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-11 22:09 - 2019-05-09 11:06 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-11 22:09 - 2019-05-09 11:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-06-11 22:09 - 2019-05-09 11:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-06-11 22:09 - 2019-05-09 11:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-06-11 22:09 - 2019-05-09 11:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-06-11 22:09 - 2019-05-09 11:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-06-11 22:09 - 2019-05-09 10:49 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-11 22:09 - 2019-05-09 10:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-11 22:09 - 2019-05-09 10:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-11 22:09 - 2019-05-09 10:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-11 22:09 - 2019-04-09 11:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-06-11 22:09 - 2019-04-09 11:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-11 22:09 - 2019-04-09 10:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-11 22:09 - 2019-04-09 10:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-07-05 11:46 - 2016-06-07 17:53 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-07-05 11:10 - 2009-07-14 00:45 - 000014160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-05 11:10 - 2009-07-14 00:45 - 000014160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-04 10:07 - 2009-07-14 01:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-04 10:07 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2019-07-04 10:04 - 2017-02-03 07:50 - 000000000 ___RD C:\Users\David\OneDrive
2019-07-04 10:03 - 2017-11-08 17:19 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2019-07-04 10:03 - 2017-01-04 08:39 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2019-07-04 10:02 - 2016-06-07 17:53 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-07-04 10:02 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-04 09:29 - 2019-01-18 22:38 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForDavid.job
2019-07-04 08:32 - 2017-07-25 16:52 - 000003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1133073292-3603896812-4173062283-1001
2019-07-04 08:32 - 2017-02-03 07:50 - 000002162 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-02 10:47 - 2019-01-18 22:38 - 000003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDavid
2019-07-02 08:15 - 2017-01-18 16:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-02 08:13 - 2017-01-18 16:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-07-02 08:07 - 2017-10-02 07:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-02 08:07 - 2016-08-30 22:30 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-07-02 08:07 - 2016-08-30 22:30 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-06-25 18:47 - 2016-06-07 17:53 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-06-22 16:22 - 2019-04-26 09:04 - 000000000 ____D C:\Windows\rescache
2019-06-22 14:32 - 2015-12-03 20:05 - 000000000 ____D C:\Windows\system32\appraiser
2019-06-22 13:52 - 2015-12-08 05:26 - 000774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-06-22 10:41 - 2016-08-30 22:31 - 000000000 ___RD C:\Users\David\Google Drive
2019-06-22 10:40 - 2017-01-04 11:44 - 000000000 ____D C:\Users\David\AppData\Roaming\Ditto
2019-06-19 12:41 - 2017-03-16 14:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-19 12:14 - 2016-06-07 04:52 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-19 12:14 - 2016-06-07 04:52 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-12 03:25 - 2009-07-14 00:45 - 000454024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-12 03:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-06-12 03:22 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\Dism
2019-06-12 03:02 - 2015-12-03 19:37 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-12 03:02 - 2015-12-03 19:37 - 000000000 ____D C:\Windows\system32\MRT
2019-06-11 13:51 - 2018-11-14 04:53 - 000000000 ____D C:\Users\David\AppData\Local\Apple Inc
2019-06-11 13:51 - 2016-06-07 07:11 - 000000000 ____D C:\Users\David\AppData\Roaming\Apple Computer
2019-06-11 13:51 - 2015-12-03 18:34 - 000000000 ____D C:\Users\David
2019-06-11 12:43 - 2016-06-07 05:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-11 03:23 - 2018-03-14 13:23 - 000004466 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-11 03:23 - 2016-06-16 13:00 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-06-11 03:23 - 2016-06-16 13:00 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-11 03:23 - 2016-06-16 13:00 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-06-11 03:23 - 2016-06-16 13:00 - 000000000 ____D C:\Windows\system32\Macromed
2019-06-11 03:23 - 2015-12-03 20:52 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-06-07 10:07 - 2016-06-07 17:58 - 000000000 ___RD C:\Users\David\Dropbox (OpenExchange)
2019-06-07 09:52 - 2016-06-07 17:52 - 000000000 ____D C:\Users\David\AppData\Local\Dropbox
 
==================== FLock ================
 
2015-12-03 20:43 C:\Windows\CSC
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2019-07-02 10:20
==================== End of FRST.txt ============================
 
Thank you for any help/insight you can provide.
 
-David

    Advertisements

Register to Remove


#2 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,317 posts
  • Interests:Boo!....
  • MVP

Posted 06 July 2019 - 05:16 AM

When Farbar Recovery Scan Tool (FRST) was first run it should had also created Addition.txt
Can you find this and copy and paste it in your next reply?
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#3 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 06 July 2019 - 08:26 AM

Yes, here is the Addition.txt file contents:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by David (05-07-2019 11:50:12)
Running from C:\Users\David\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-12-03 22:34:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1133073292-3603896812-4173062283-500 - Administrator - Disabled)
David (S-1-5-21-1133073292-3603896812-4173062283-1001 - Administrator - Enabled) => C:\Users\David
Guest (S-1-5-21-1133073292-3603896812-4173062283-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1133073292-3603896812-4173062283-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . . (HKLM\...\{9117392B-B850-4568-83DD-6C62416B020D}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{3531E043-2D73-4E84-AC74-67F9D25A7FD8}) (Version: 2.7.0.11 - Intel) Hidden
Adobe Acrobat 7.0 Standard (HKLM-x32\...\Adobe Acrobat 7.0 Standard) (Version: 7.0.0 - Adobe Systems)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.207 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Backup and Sync from Google (HKLM\...\{510D7DF1-732A-4E0D-9FE7-0BCBB9481A2F}) (Version: 3.44.5504.6203 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Cisco Jabber Video for TelePresence (HKLM-x32\...\{5BF4E2A0-9C59-42AA-97E2-D45127CB9117}) (Version: 4.8.12.18951 - Cisco Systems, Inc.)
CleanMem (HKLM-x32\...\CleanMem) (Version: v2.5.0 - PcWinTech.com)
CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Ditto (HKLM\...\Ditto_is1) (Version:  - Scott Brogden)
Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.24.33 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.11.24.11 - HP)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{03742818-3BC2-45BA-B6BB-4C2D453FD033}) (Version: 7.11.0.19 - Apple Inc.)
IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Network Connections 22.0.18.0 (HKLM\...\PROSetDX) (Version: 22.0.18.0 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{7b9ce1f6-7029-4ca6-8bcd-38afc68a69df}) (Version: 2.7.0.11 - Intel)
iTunes (HKLM\...\{DF90B2B3-5832-4E85-934D-8048B33A1D67}) (Version: 12.9.4.102 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Logi Firmware Update Tool for C930e (HKLM-x32\...\FWUpdateC930e) (Version: 8.0.916.0 - Logitech Europe S.A.)
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 1.1.87.0 - Logitech Europe S.A.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft OneNote Home and Student 2016 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.11727.20230 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11727.20230 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.01.11230 - Sony Corporation)
Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{99039186-EBEB-4127-BFA2-18B10A05ACE2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Protector Suite 2009 (HKLM\...\{CB974C3D-D101-4411-8F54-DCDC58DED815}) (Version: 5.9.2.5974 - UPEK Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6028 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.13070 - Sony Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
TunnelBear (HKLM-x32\...\{58a01650-b45c-443b-a51e-90f586a63532}) (Version: 3.7.2.0 - TunnelBear)
TunnelBear (HKLM-x32\...\{C7E7F8CF-E23A-4FC1-8AAC-8710A70490E3}) (Version: 3.7.2.0 - TunnelBear) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO Care (HKLM\...\{CFF47016-B212-4D89-8DC2-15D5508A73BA}) (Version: 8.4.6.05111 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.07160 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}) (Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.12290 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM-x32\...\{6754AE0D-B2E1-45E4-835F-FDFEC373DE8A}) (Version: 3.9.1 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)
VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)
VAIO Personalization Manager (HKLM\...\{95E0A642-69BB-45ED-98E0-5ECB58FE8E28}) (Version: 4.2.4.07160 - Sony Corporation)
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.12280 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.4.0.15200 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VAIO Window Organizer (HKLM-x32\...\{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}) (Version: 2.0.0.08280 - Sony Corporation)
VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Vidyo Desktop 3.6.3 (HKLM-x32\...\Vidyo Desktop) (Version: 3.6.3 - Vidyo Inc.)
Vidyo Desktop 3.6.9 - (David) (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\Vidyo Desktop) (Version: 3.6.9 - Vidyo Inc.)
Vidyo Desktop 3.6.9 - (David) (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\Vidyo Desktop) (Version: 3.6.9 - Vidyo Inc.)
VidyoWeb - 1.4.0.0006 (HKLM-x32\...\{06B7CBBD-3D39-4FC9-94B3-72139C62608E}) (Version: 1.4.0.0006 - Vidyo, Inc.)
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2017-05-11] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [  0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2017-05-11] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [  0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2017-05-11] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-25] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [UEAFOverlay] -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)
ShellIconOverlayIdentifiers: [UEAFOverlayOpen] -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll [2004-12-14] (Adobe Systems Inc.) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2017-05-11] () [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-03-13] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-09-01] (Sonic Solutions -> Sonic Solutions)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2017-05-11] () [File not signed]
ContextMenuHandlers2: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-09-01] (Sonic Solutions -> Sonic Solutions)
ContextMenuHandlers2: [SafearchiveContextMenu] -> {9AFDE8D6-200C-4b41-A5FC-B7251DFD1A8E} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [SafearchiveContextMenu] -> {9AFDE8D6-200C-4b41-A5FC-B7251DFD1A8E} => c:\Program Files\Protector Suite\farchns.dll [2009-10-29] (UPEK Inc. -> UPEK Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-25] (Google LLC -> Google)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2017-05-11] () [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2010-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2010-01-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-09-01] (Sonic Solutions -> Sonic Solutions)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\David\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\David\Documents\OpenExchange\Sales\Prospects\GE\FavsZ\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
 
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-12-07 09:11 - 2017-05-11 14:38 - 000601600 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2015-12-07 09:11 - 2017-05-11 14:38 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2010-02-06 20:38 - 2010-03-03 20:08 - 000058880 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-12-03 20:56 - 2009-10-05 17:57 - 000016384 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
2015-12-03 20:56 - 2009-10-05 17:42 - 000007680 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000107008 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000018944 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000005120 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000006656 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000023040 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000004608 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000005120 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000033792 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
2015-12-03 20:56 - 2009-10-05 17:42 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000121856 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000005120 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SystemPowerDLL.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
2015-12-03 21:10 - 2009-12-29 21:38 - 000010752 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2018-10-29 18:09 - 2018-10-29 18:09 - 000030720 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.Wrapper.dll
2018-10-29 18:09 - 2018-10-29 18:09 - 000167424 _____ () [File not signed] C:\Program Files (x86)\TunnelBear\TunnelBear.VigilantBear.Wrapper.dll
2010-03-05 10:21 - 2010-03-05 10:21 - 001501696 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2019-05-15 06:23 - 2019-05-15 06:23 - 000170496 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9109216ecdcf9ae71a57b08b84995d99\IsdiInterop.ni.dll
2010-02-06 20:38 - 2009-11-04 16:37 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
2010-02-06 20:38 - 2009-11-04 16:37 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll
2010-02-06 20:38 - 2009-11-04 16:30 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
2010-02-06 20:38 - 2010-03-03 20:08 - 000163328 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
2010-02-06 20:38 - 2010-03-03 20:08 - 001046528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
2010-02-06 20:38 - 2010-03-03 19:53 - 000280064 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
2019-05-15 06:23 - 2019-05-15 06:23 - 000176640 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\d56ef23c56dafafbd705bda28d96a1c3\IAStorDataMgr.ni.dll
2019-05-15 06:23 - 2019-05-15 06:23 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\f51e7c81612e76a3ff407f07402aca97\IAStorDataMgrSvc.ni.exe
2019-05-15 06:23 - 2019-05-15 06:23 - 000452608 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5c758e4d1dc449e6ad7cd1292aaf3bce\IAStorUtil.ni.dll
2017-02-10 14:17 - 2017-02-10 14:17 - 000505856 _____ (Intel Corporation) [File not signed] C:\Windows\system32\IProsetMonitor.exe
2010-03-05 11:06 - 2010-03-05 11:06 - 001069056 _____ (Intel® Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-03-05 11:07 - 2010-03-05 11:07 - 001021952 _____ (Intel® Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-03-05 11:07 - 2010-03-05 11:07 - 003719168 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
2010-03-05 11:09 - 2010-03-05 11:09 - 000828416 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-03-05 11:08 - 2010-03-05 11:08 - 000336384 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-03-05 11:19 - 2010-03-05 11:19 - 001315840 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2010-03-05 11:12 - 2010-03-05 11:12 - 002257408 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2010-03-05 11:10 - 2010-03-05 11:10 - 000812032 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfQOSMgr.dll
2010-03-05 11:06 - 2010-03-05 11:06 - 000177152 _____ (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2010-03-05 11:18 - 2010-03-05 11:18 - 001757184 _____ (Intel® Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\MSVCR70.dll
2017-02-05 15:07 - 2017-02-05 15:07 - 001656320 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL
2017-02-05 15:07 - 2017-02-05 15:07 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL
2017-02-05 15:07 - 2017-02-05 15:07 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_fc42961a63b5a82b\MFC80ENU.DLL
2016-06-07 19:22 - 2016-06-07 19:22 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-02-05 18:55 - 2017-02-05 18:55 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-02-05 18:55 - 2017-02-05 18:55 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2010-02-06 20:49 - 2009-10-17 01:05 - 000102400 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2010-02-06 20:49 - 2009-10-17 01:05 - 000009216 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll
2016-12-09 13:43 - 2010-07-14 10:16 - 000196608 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
2015-12-03 21:10 - 2010-05-28 11:14 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAutoDimmer.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000569344 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESColorMgr.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000172032 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll
2015-12-03 21:10 - 2010-05-28 11:14 - 000700416 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESHybridGfx2.dll
2015-12-03 21:10 - 2010-05-28 11:14 - 000172032 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000110592 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000122880 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000074752 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
2015-12-03 21:10 - 2010-05-28 11:14 - 000118784 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000077824 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000085504 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
2015-12-03 21:10 - 2009-12-29 21:38 - 000005632 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll
2010-02-06 20:49 - 2009-10-17 01:05 - 000151552 _____ (Sony Corporation) [File not signed] C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2016-07-14 10:53 - 2010-06-19 13:27 - 000220160 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SPMDam.dll
2015-12-03 21:10 - 2010-01-06 18:56 - 000077312 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000071168 _____ (Sony Electronics Corporation) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SnyUtilsWrapper.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000082944 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.GobiThirdPartyApp.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000007680 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SendMessage.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000098816 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\NativeWifiWrap.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000015360 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\NotifyIconEx.dll
2015-12-03 20:56 - 2009-10-05 17:42 - 000045056 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Sony\SmartWi Connection Utility\TosBtWrap.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2019-07-04 10:03 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Apple\Internet Services\
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Ditto => C:\Program Files\Ditto\Ditto.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Officejet Pro 8620 (NET) => "C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe" -deviceID "CN51QEK0D0:NW" -scfn "HP Officejet Pro 8620 (NET)" -AutoStart 1
MSCONFIG\startupreg: iCloudServices => "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
MSCONFIG\startupreg: IDrive Background process => "C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe" min
MSCONFIG\startupreg: IDrive Tray => "C:\Program Files (x86)\IDriveWindows\id_tray.exe" min
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Vidyo Desktop => C:\Users\David\AppData\Local\Vidyo\Vidyo Desktop\VidyoDesktop.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{065E6705-EB13-4243-B623-A9B4206E8362}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DB610348-9A6F-40C8-88E1-09704EEB9E86}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DFF0BC8F-3B55-4B7F-B7CA-B5AC01FE9131}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{DB9A9648-A7D5-408E-B0C7-5F53D5051019}C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe] => (Allow) C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe (Pro Softnet Corporation -> )
FirewallRules: [UDP Query User{775D7F89-68FB-482D-A68D-65E5FC73F11A}C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe] => (Allow) C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe (Pro Softnet Corporation -> )
FirewallRules: [{53942F69-4E0D-4914-8D8A-545A84CA80C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{29775ECE-C826-4240-B32E-46144461FA62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{363F9806-88B3-4E28-8F63-44B408210E9E}] => (Allow) C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe (Cisco Systems, Inc. -> Cisco)
FirewallRules: [{D0A606AC-B485-49B0-B1D0-BC3BA994DA35}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{DF00FCD5-1460-4B7E-AADA-C88C4C3A6BB0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{55886C59-B9F3-436B-B045-351BFFFCB47E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{477FA654-68FC-4D33-BEE1-D21CEA0928B4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A21EBB3C-5BAE-4E31-BE81-68A564B8967B}] => (Allow) LPort=5357
FirewallRules: [{077891EB-4C9B-4B1D-B04B-914D62F29CE6}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{6957ECB4-F1DE-4E83-8203-99B553A33EFB}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [UDP Query User{FE5D0588-97EB-48FB-B93D-9BE4371735AE}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [TCP Query User{3DBA42E2-270A-4DC2-95FD-CB20E1E7F245}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [UDP Query User{1E91A196-3847-47E8-A121-AF7B4202210F}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [TCP Query User{04AEEDC7-CE2D-4B1D-B5FD-6FBC8ACCA13D}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe () [File not signed]
FirewallRules: [UDP Query User{7F5876DE-5AED-4EAB-A550-13E88C1378CF}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe () [File not signed]
FirewallRules: [TCP Query User{90401341-F257-4BC7-966F-0A8D5083E1F3}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{5379CA9F-8309-4ACB-98BC-5DE37F57EDAF}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6D81044-7337-466B-9726-153F1A5D18B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8917634B-F6DC-455D-A3B3-2126215B1F48}] => (Allow) LPort=2869
FirewallRules: [{CE4C02C0-AE43-491A-9361-98C57B63177C}] => (Allow) LPort=1900
FirewallRules: [{D75EF71F-4A2F-4606-94EE-FBA31D2FD5A4}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AEF51192-9EDA-411D-80E8-76539E096A6A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A0282BE-13DB-47A9-8284-4AED805E0E0D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0F3F93C4-88CC-433C-93E2-EF984B56B19C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{199BFB1A-9C3F-4E0E-A0E8-46D4B19AFC21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A3F04520-A195-44F3-ADCD-F12D3D7325F5}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{3FD6C2D1-0F4F-4DFC-A246-4EAE6433AABA}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{0F9523C6-D362-4C98-8565-725CCB8D324D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{EC83D596-11D4-4B3B-A2FC-688EBA280940}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [TCP Query User{CCFF0963-191C-4E99-AA87-520D08064A5E}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [UDP Query User{6BD53691-7394-443A-94E0-21FB179FC189}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [TCP Query User{376115B7-5659-4D5A-B613-E0AA5D8BF870}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [UDP Query User{1C633629-B921-4DA6-B43A-D8FE5DBE8DB3}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [{18B70D74-1919-4319-AE3D-E4103F0277E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0ACE7536-94CB-4E42-8828-E9BC5FA66B3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{63501C9E-A089-476D-8DDD-CAC07C458B68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7B428C8A-3A26-4F8F-916F-D3C525766D68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{54135BDD-1604-4BAF-A7C3-03277CC21D73}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8B3BAC87-19DD-40FD-8405-3002E1F35387}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe No File
FirewallRules: [{4DAEB96C-9676-4AF7-ADCC-5277084F8C7A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5905743F-12F8-45D2-A948-9A39ACCE60D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8F0D460D-14A3-4139-A882-EB71C8107C1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C077E645-0392-4BD0-8A7A-36205F61766F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2F418ADA-17EA-4CAB-97A9-6C185B891143}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{132DED1B-82B5-405B-9B12-A2D2C6D78359}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E6C260CE-6D18-48BC-ABB9-3E16C2B52AFB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EEFC82F5-E3E3-4C10-BC82-74ED21830793}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{EB10AAFB-0047-4891-AB30-04518561B563}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{8525A772-4F7E-494F-A407-CA77538A3181}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2665AD5F-6268-417B-9C5D-848B7C461023}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A189B240-14D4-43AD-9C58-03396B8D9A2B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E25E7B9B-7EBF-4887-BF64-3A5477A45A3F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2D18735B-1F98-40A6-922C-315D74D0F5AD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
 
==================== Restore Points =========================
 
07-06-2019 12:29:43 Windows Update
10-06-2019 04:32:19 Windows Update
12-06-2019 03:00:11 Windows Update
22-06-2019 10:49:49 Windows Update
22-06-2019 13:32:59 Windows Update
25-06-2019 14:45:41 Windows Update
02-07-2019 08:01:00 Windows Update
05-07-2019 10:55:53 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: TunnelBear Adapter V9
Description: TunnelBear Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TunnelBear Provider V9
Service: tap-tb-0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: semav6msr64
Description: semav6msr64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: semav6msr64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/05/2019 11:20:18 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.
 
Error: (07/05/2019 11:08:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.
 
Error: (07/05/2019 11:08:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.
 
Error: (07/05/2019 10:52:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\David\AppData\Local\join.me\join.me.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_e3721c9d30fc520b.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.24470_none_2b1f537445787b11.manifest.
 
Error: (07/05/2019 10:52:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 60.7.0.7005, time stamp: 0x00000000
Faulting module name: mozglue.dll, version: 60.7.0.7005, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00075674
Faulting process id: 0x1798
Faulting application start time: 0x01d532714082b071
Faulting application path: C:\Users\David\Desktop\Tor 756\Browser\firefox.exe
Faulting module path: C:\Users\David\Desktop\Tor 756\Browser\mozglue.dll
Report Id: 90c03637-9f34-11e9-8fe2-506313be15bf
 
Error: (07/05/2019 10:52:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 87039806
 
Error: (07/05/2019 10:52:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 87039806
 
Error: (07/05/2019 10:52:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (07/04/2019 10:22:27 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{1F263251-2FA4-4C80-AED7-F2A2B03E0301}.
The backup browser is stopping.
 
Error: (07/04/2019 10:06:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The semav6msr64 service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (07/04/2019 10:06:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The semav6msr64 service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (07/04/2019 10:03:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® System Usage Report Service SystemUsageReportSvc_QUEENCREEK service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (07/04/2019 10:03:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® System Usage Report Service SystemUsageReportSvc_QUEENCREEK service to connect.
 
Error: (07/04/2019 10:02:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
 
Error: (07/04/2019 10:01:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CSR OBEX Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/04/2019 09:47:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
 
==================== Memory info =========================== 
 
BIOS: INSYDE R3031C3 10/04/2011
Motherboard: Sony Corporation VAIO
Processor: Intel® Core™ i7 CPU M 620 @ 2.67GHz
Percentage of memory in use: 93%
Total physical RAM: 3765.82 MB
Available physical RAM: 226.5 MB
Total Virtual: 7875.47 MB
Available Virtual: 676.53 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.1 GB) (Free:73.18 GB) NTFS
 
\\?\Volume{fefa5b2b-9a1f-11e5-94d6-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{fefa5b2a-9a1f-11e5-94d6-806e6f6e6963}\ (Recovery) (Fixed) (Total:6.28 GB) (Free:0.84 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 354C2441)
Partition 1: (Not Active) - (Size=6.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,317 posts
  • Interests:Boo!....
  • MVP

Posted 06 July 2019 - 04:28 PM

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.

 

Start::
CloseProcesses:
CreateRestorePoint:
Task: {11541F89-0F9F-4A97-BCBC-ADF1BC0C2458} - System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => C:\Windows\system32\pcalua.exe -a C:\Users\David\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {1BBA3A20-4CB7-4F75-9885-973CCA69CA7D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
U3 aswbdisk; no ImagePath
U2 MSSQL$DDNI; no ImagePath
U2 Oasis2Service; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
U2 VCFw; no ImagePath
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
FirewallRules: [{8B3BAC87-19DD-40FD-8405-3002E1F35387}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe No File
FirewallRules: [{EEFC82F5-E3E3-4C10-BC82-74ED21830793}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{EB10AAFB-0047-4891-AB30-04518561B563}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
C:\Windows\Temp\*.*
End::

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.

~~~~~~~~~~~~~~~~~~~~~~

zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
~~~~~~~~~~~~~~~~~~~~~~~~`
RQKuhw1.pngRogueKiller
  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply
created by Aura

P;ease post these 3 logs when finished.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#5 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 06 July 2019 - 06:30 PM

Hi Juliet,

 

Thank you for your assistance.  Below is the fixlog.txt log.  I will send the other two after generating them.

 

David

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by David (06-07-2019 20:08:34) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David &  (Available Profiles: David)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {11541F89-0F9F-4A97-BCBC-ADF1BC0C2458} - System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => C:\Windows\system32\pcalua.exe -a C:\Users\David\AppData\Local\Temp\jre-8u181-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {1BBA3A20-4CB7-4F75-9885-973CCA69CA7D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
U3 aswbdisk; no ImagePath
U2 MSSQL$DDNI; no ImagePath
U2 Oasis2Service; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
U2 VCFw; no ImagePath
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
FirewallRules: [{8B3BAC87-19DD-40FD-8405-3002E1F35387}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\airhost.exe No File
FirewallRules: [{EEFC82F5-E3E3-4C10-BC82-74ED21830793}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{EB10AAFB-0047-4891-AB30-04518561B563}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
C:\Windows\Temp\*.*
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11541F89-0F9F-4A97-BCBC-ADF1BC0C2458}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11541F89-0F9F-4A97-BCBC-ADF1BC0C2458}" => removed successfully
C:\Windows\System32\Tasks\{D9B14A08-5B87-4D00-B591-36461E63AC97} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D9B14A08-5B87-4D00-B591-36461E63AC97}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BBA3A20-4CB7-4F75-9885-973CCA69CA7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BBA3A20-4CB7-4F75-9885-973CCA69CA7D}" => removed successfully
C:\Windows\System32\Tasks\Sony\Java Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sony\Java Update" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\MSSQL$DDNI => removed successfully
MSSQL$DDNI => service removed successfully
HKLM\System\CurrentControlSet\Services\Oasis2Service => removed successfully
Oasis2Service => service removed successfully
HKLM\System\CurrentControlSet\Services\semav6msr64 => removed successfully
semav6msr64 => service removed successfully
HKLM\System\CurrentControlSet\Services\VCFw => removed successfully
VCFw => service removed successfully
CustomCLSID: HKU\S-1-5-21-1133073292-3603896812-4173062283-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07052019105414055_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1133073292-3603896812-4173062283-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk => Shortcut argument removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8B3BAC87-19DD-40FD-8405-3002E1F35387}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEFC82F5-E3E3-4C10-BC82-74ED21830793}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB10AAFB-0047-4891-AB30-04518561B563}" => removed successfully
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\.ses => moved successfully
C:\Windows\Temp\.session => moved successfully
C:\Windows\Temp\.session64 => moved successfully
C:\Windows\Temp\AdobeARM.log => moved successfully
C:\Windows\Temp\AdobeARM_NotLocked.log => moved successfully
C:\Windows\Temp\aria-debug-10096.log => moved successfully
C:\Windows\Temp\aria-debug-10104.log => moved successfully
C:\Windows\Temp\aria-debug-10128.log => moved successfully
C:\Windows\Temp\aria-debug-10196.log => moved successfully
C:\Windows\Temp\aria-debug-10260.log => moved successfully
C:\Windows\Temp\aria-debug-10388.log => moved successfully
C:\Windows\Temp\aria-debug-1044.log => moved successfully
C:\Windows\Temp\aria-debug-10488.log => moved successfully
C:\Windows\Temp\aria-debug-10644.log => moved successfully
C:\Windows\Temp\aria-debug-10732.log => moved successfully
C:\Windows\Temp\aria-debug-10904.log => moved successfully
C:\Windows\Temp\aria-debug-10908.log => moved successfully
C:\Windows\Temp\aria-debug-10968.log => moved successfully
C:\Windows\Temp\aria-debug-11000.log => moved successfully
C:\Windows\Temp\aria-debug-11012.log => moved successfully
C:\Windows\Temp\aria-debug-11088.log => moved successfully
C:\Windows\Temp\aria-debug-11108.log => moved successfully
C:\Windows\Temp\aria-debug-11184.log => moved successfully
C:\Windows\Temp\aria-debug-11188.log => moved successfully
C:\Windows\Temp\aria-debug-11472.log => moved successfully
C:\Windows\Temp\aria-debug-11688.log => moved successfully
C:\Windows\Temp\aria-debug-11932.log => moved successfully
C:\Windows\Temp\aria-debug-11936.log => moved successfully
C:\Windows\Temp\aria-debug-11940.log => moved successfully
C:\Windows\Temp\aria-debug-11952.log => moved successfully
C:\Windows\Temp\aria-debug-1208.log => moved successfully
C:\Windows\Temp\aria-debug-12108.log => moved successfully
C:\Windows\Temp\aria-debug-12136.log => moved successfully
C:\Windows\Temp\aria-debug-12192.log => moved successfully
C:\Windows\Temp\aria-debug-12240.log => moved successfully
C:\Windows\Temp\aria-debug-12256.log => moved successfully
C:\Windows\Temp\aria-debug-1232.log => moved successfully
C:\Windows\Temp\aria-debug-12368.log => moved successfully
C:\Windows\Temp\aria-debug-12476.log => moved successfully
C:\Windows\Temp\aria-debug-1260.log => moved successfully
C:\Windows\Temp\aria-debug-12632.log => moved successfully
C:\Windows\Temp\aria-debug-12752.log => moved successfully
C:\Windows\Temp\aria-debug-12792.log => moved successfully
C:\Windows\Temp\aria-debug-12848.log => moved successfully
C:\Windows\Temp\aria-debug-12876.log => moved successfully
C:\Windows\Temp\aria-debug-12904.log => moved successfully
C:\Windows\Temp\aria-debug-13040.log => moved successfully
C:\Windows\Temp\aria-debug-13368.log => moved successfully
C:\Windows\Temp\aria-debug-13772.log => moved successfully
C:\Windows\Temp\aria-debug-13844.log => moved successfully
C:\Windows\Temp\aria-debug-14080.log => moved successfully
C:\Windows\Temp\aria-debug-14168.log => moved successfully
C:\Windows\Temp\aria-debug-14292.log => moved successfully
C:\Windows\Temp\aria-debug-1468.log => moved successfully
C:\Windows\Temp\aria-debug-14852.log => moved successfully
C:\Windows\Temp\aria-debug-15116.log => moved successfully
C:\Windows\Temp\aria-debug-1532.log => moved successfully
C:\Windows\Temp\aria-debug-15620.log => moved successfully
C:\Windows\Temp\aria-debug-1588.log => moved successfully
C:\Windows\Temp\aria-debug-15888.log => moved successfully
C:\Windows\Temp\aria-debug-1592.log => moved successfully
C:\Windows\Temp\aria-debug-1596.log => moved successfully
C:\Windows\Temp\aria-debug-1604.log => moved successfully
C:\Windows\Temp\aria-debug-16048.log => moved successfully
C:\Windows\Temp\aria-debug-16212.log => moved successfully
C:\Windows\Temp\aria-debug-16548.log => moved successfully
C:\Windows\Temp\aria-debug-1664.log => moved successfully
C:\Windows\Temp\aria-debug-16724.log => moved successfully
C:\Windows\Temp\aria-debug-1708.log => moved successfully
C:\Windows\Temp\aria-debug-17200.log => moved successfully
C:\Windows\Temp\aria-debug-1728.log => moved successfully
C:\Windows\Temp\aria-debug-17380.log => moved successfully
C:\Windows\Temp\aria-debug-17992.log => moved successfully
C:\Windows\Temp\aria-debug-1800.log => moved successfully
C:\Windows\Temp\aria-debug-1812.log => moved successfully
C:\Windows\Temp\aria-debug-18144.log => moved successfully
C:\Windows\Temp\aria-debug-18168.log => moved successfully
C:\Windows\Temp\aria-debug-18252.log => moved successfully
C:\Windows\Temp\aria-debug-18460.log => moved successfully
C:\Windows\Temp\aria-debug-18492.log => moved successfully
C:\Windows\Temp\aria-debug-1852.log => moved successfully
C:\Windows\Temp\aria-debug-18644.log => moved successfully
C:\Windows\Temp\aria-debug-1872.log => moved successfully
C:\Windows\Temp\aria-debug-18812.log => moved successfully
C:\Windows\Temp\aria-debug-1888.log => moved successfully
C:\Windows\Temp\aria-debug-19260.log => moved successfully
C:\Windows\Temp\aria-debug-19372.log => moved successfully
C:\Windows\Temp\aria-debug-19380.log => moved successfully
C:\Windows\Temp\aria-debug-1964.log => moved successfully
C:\Windows\Temp\aria-debug-19852.log => moved successfully
C:\Windows\Temp\aria-debug-20300.log => moved successfully
C:\Windows\Temp\aria-debug-2040.log => moved successfully
C:\Windows\Temp\aria-debug-20620.log => moved successfully
C:\Windows\Temp\aria-debug-20716.log => moved successfully
C:\Windows\Temp\aria-debug-2088.log => moved successfully
C:\Windows\Temp\aria-debug-2100.log => moved successfully
C:\Windows\Temp\aria-debug-21124.log => moved successfully
C:\Windows\Temp\aria-debug-21348.log => moved successfully
C:\Windows\Temp\aria-debug-2156.log => moved successfully
C:\Windows\Temp\aria-debug-23120.log => moved successfully
C:\Windows\Temp\aria-debug-23136.log => moved successfully
C:\Windows\Temp\aria-debug-2420.log => moved successfully
C:\Windows\Temp\aria-debug-24980.log => moved successfully
C:\Windows\Temp\aria-debug-2500.log => moved successfully
C:\Windows\Temp\aria-debug-25408.log => moved successfully
C:\Windows\Temp\aria-debug-2560.log => moved successfully
C:\Windows\Temp\aria-debug-27288.log => moved successfully
C:\Windows\Temp\aria-debug-2740.log => moved successfully
C:\Windows\Temp\aria-debug-2776.log => moved successfully
C:\Windows\Temp\aria-debug-280.log => moved successfully
C:\Windows\Temp\aria-debug-2876.log => moved successfully
C:\Windows\Temp\aria-debug-2888.log => moved successfully
C:\Windows\Temp\aria-debug-29944.log => moved successfully
C:\Windows\Temp\aria-debug-31272.log => moved successfully
C:\Windows\Temp\aria-debug-3172.log => moved successfully
C:\Windows\Temp\aria-debug-3200.log => moved successfully
C:\Windows\Temp\aria-debug-328.log => moved successfully
C:\Windows\Temp\aria-debug-3300.log => moved successfully
C:\Windows\Temp\aria-debug-3320.log => moved successfully
C:\Windows\Temp\aria-debug-3496.log => moved successfully
C:\Windows\Temp\aria-debug-36088.log => moved successfully
C:\Windows\Temp\aria-debug-3692.log => moved successfully
C:\Windows\Temp\aria-debug-38948.log => moved successfully
C:\Windows\Temp\aria-debug-40460.log => moved successfully
C:\Windows\Temp\aria-debug-4048.log => moved successfully
C:\Windows\Temp\aria-debug-4412.log => moved successfully
C:\Windows\Temp\aria-debug-4508.log => moved successfully
C:\Windows\Temp\aria-debug-4524.log => moved successfully
C:\Windows\Temp\aria-debug-45356.log => moved successfully
C:\Windows\Temp\aria-debug-4576.log => moved successfully
C:\Windows\Temp\aria-debug-4620.log => moved successfully
C:\Windows\Temp\aria-debug-4680.log => moved successfully
C:\Windows\Temp\aria-debug-4688.log => moved successfully
C:\Windows\Temp\aria-debug-4720.log => moved successfully
C:\Windows\Temp\aria-debug-4888.log => moved successfully
C:\Windows\Temp\aria-debug-4920.log => moved successfully
C:\Windows\Temp\aria-debug-4960.log => moved successfully
C:\Windows\Temp\aria-debug-5004.log => moved successfully
C:\Windows\Temp\aria-debug-5024.log => moved successfully
C:\Windows\Temp\aria-debug-5072.log => moved successfully
C:\Windows\Temp\aria-debug-5104.log => moved successfully
C:\Windows\Temp\aria-debug-5140.log => moved successfully
C:\Windows\Temp\aria-debug-52220.log => moved successfully
C:\Windows\Temp\aria-debug-5236.log => moved successfully
C:\Windows\Temp\aria-debug-5408.log => moved successfully
C:\Windows\Temp\aria-debug-5480.log => moved successfully
C:\Windows\Temp\aria-debug-5508.log => moved successfully
C:\Windows\Temp\aria-debug-5568.log => moved successfully
C:\Windows\Temp\aria-debug-5596.log => moved successfully
C:\Windows\Temp\aria-debug-56020.log => moved successfully
C:\Windows\Temp\aria-debug-564.log => moved successfully
C:\Windows\Temp\aria-debug-5748.log => moved successfully
C:\Windows\Temp\aria-debug-5768.log => moved successfully
C:\Windows\Temp\aria-debug-5904.log => moved successfully
C:\Windows\Temp\aria-debug-6040.log => moved successfully
C:\Windows\Temp\aria-debug-61692.log => moved successfully
C:\Windows\Temp\aria-debug-6224.log => moved successfully
C:\Windows\Temp\aria-debug-6244.log => moved successfully
C:\Windows\Temp\aria-debug-6344.log => moved successfully
C:\Windows\Temp\aria-debug-6376.log => moved successfully
C:\Windows\Temp\aria-debug-6416.log => moved successfully
C:\Windows\Temp\aria-debug-6556.log => moved successfully
C:\Windows\Temp\aria-debug-7132.log => moved successfully
C:\Windows\Temp\aria-debug-716.log => moved successfully
C:\Windows\Temp\aria-debug-7196.log => moved successfully
C:\Windows\Temp\aria-debug-7436.log => moved successfully
C:\Windows\Temp\aria-debug-7440.log => moved successfully
C:\Windows\Temp\aria-debug-74560.log => moved successfully
C:\Windows\Temp\aria-debug-752.log => moved successfully
C:\Windows\Temp\aria-debug-7520.log => moved successfully
C:\Windows\Temp\aria-debug-7692.log => moved successfully
C:\Windows\Temp\aria-debug-77556.log => moved successfully
C:\Windows\Temp\aria-debug-7764.log => moved successfully
C:\Windows\Temp\aria-debug-7804.log => moved successfully
C:\Windows\Temp\aria-debug-7832.log => moved successfully
C:\Windows\Temp\aria-debug-7844.log => moved successfully
C:\Windows\Temp\aria-debug-81816.log => moved successfully
C:\Windows\Temp\aria-debug-8224.log => moved successfully
C:\Windows\Temp\aria-debug-82384.log => moved successfully
C:\Windows\Temp\aria-debug-8256.log => moved successfully
C:\Windows\Temp\aria-debug-8368.log => moved successfully
C:\Windows\Temp\aria-debug-8384.log => moved successfully
C:\Windows\Temp\aria-debug-84408.log => moved successfully
C:\Windows\Temp\aria-debug-85664.log => moved successfully
C:\Windows\Temp\aria-debug-86932.log => moved successfully
C:\Windows\Temp\aria-debug-8748.log => moved successfully
C:\Windows\Temp\aria-debug-8780.log => moved successfully
C:\Windows\Temp\aria-debug-8792.log => moved successfully
C:\Windows\Temp\aria-debug-8868.log => moved successfully
C:\Windows\Temp\aria-debug-8928.log => moved successfully
C:\Windows\Temp\aria-debug-8984.log => moved successfully
C:\Windows\Temp\aria-debug-9108.log => moved successfully
C:\Windows\Temp\aria-debug-9148.log => moved successfully
C:\Windows\Temp\aria-debug-9176.log => moved successfully
C:\Windows\Temp\aria-debug-9268.log => moved successfully
C:\Windows\Temp\aria-debug-9312.log => moved successfully
C:\Windows\Temp\aria-debug-9324.log => moved successfully
C:\Windows\Temp\aria-debug-9328.log => moved successfully
C:\Windows\Temp\aria-debug-94516.log => moved successfully
C:\Windows\Temp\aria-debug-9464.log => moved successfully
C:\Windows\Temp\aria-debug-9684.log => moved successfully
C:\Windows\Temp\aria-debug-9820.log => moved successfully
C:\Windows\Temp\ArmUI.ini => moved successfully
C:\Windows\Temp\ASPNETSetup_00000.log => moved successfully
C:\Windows\Temp\ASPNETSetup_00001.log => moved successfully
C:\Windows\Temp\ASPNETSetup_00002.log => moved successfully
C:\Windows\Temp\ASPNETSetup_00003.log => moved successfully
C:\Windows\Temp\ASPNETSetup_00004.log => moved successfully
C:\Windows\Temp\ASPNETSetup_00005.log => moved successfully
C:\Windows\Temp\chrome_installer.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190129-1720.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190129-1727.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190129-1733.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190129-1733a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190129-1817.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190131-0406.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190131-0406a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190131-0732.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190131-0801.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190201-0454.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190201-0644.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190202-0708.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190202-1235.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190203-0508.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190203-1434.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-0605.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-0918.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1521.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1528.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1530.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1535.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1535a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1535b.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190204-1956.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190205-0659.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190205-1112.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190205-1115.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190205-1619.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190205-1620.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190206-0616.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190206-0743.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190206-1312.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190207-0554.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190207-0822.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190207-0943.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190208-0527.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190208-0955.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190209-0610.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190209-0901.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190210-0827.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190210-1438.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190211-0322.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190211-0451.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190211-0740.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190211-1010.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190211-1142.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190212-0534.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190212-0559.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190212-0604.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190212-0609.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190212-0623.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190212-0906.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190213-0252.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190213-0419.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190213-0437.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-0835.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-0838.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-0919.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-0930.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-0932.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-0935.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-1038.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-1038a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-1039.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-1127.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-1731.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190314-1756.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190315-0324.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190315-0334.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190315-0415.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190328-0746.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190328-0755.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190328-0756.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190328-0758.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190328-1331.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190329-0657.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190329-0824.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190329-1013.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190329-1014.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0502.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0502a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0510.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0553.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0721.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0734.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190401-0803.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190424-1306.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190424-1316.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190424-1343.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190424-1343a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190424-1344.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190424-1356.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0354.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0354a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0354b.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0354c.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0355.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0401.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0413.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0511.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190425-0522.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0350.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0659.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0702.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0705.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0715.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0854.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190426-0854a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-0540.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1220.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1221.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1224.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1224a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1224b.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1224c.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1712.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1840.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1848.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1857.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-1905.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190427-2250.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190428-0406.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190428-0450.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190428-1551.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190428-1552.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190430-0933.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190430-0938.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190430-0945.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190430-0945a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190430-1001.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190430-1110.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190501-0446.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190501-0816.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190502-0506.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190502-0944.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190503-0552.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190503-0553.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190503-0556.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190503-0556a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190503-0557.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190503-0557a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190504-0435.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190504-0544.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190505-0403.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190505-0822.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190505-0823.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190506-0518.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190506-0849.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190509-0804.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190509-0813.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190509-0816.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190509-0817.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190509-1040.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0735.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0737.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0740.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0801.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0802.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0803.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190514-0854.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190515-0444.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190515-0559.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190515-0609.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190515-0737.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190515-0738.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190516-0337.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190516-0344.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190516-0754.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190516-1239.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-0502.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-0519.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1053.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1334.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1334a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1336.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1336a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1337.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190517-1337a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190518-0439.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190518-0442.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190519-0514.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190519-0514a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190519-0747.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190520-0642.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190520-1015.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190520-1405.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190521-0901.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190521-1335.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190522-0603.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190522-1054.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190522-1258.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190523-0328.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190523-0948.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190523-1012.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190523-1203.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190524-0829.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190524-0852.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-0836.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-1220.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-1221.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-1224.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-1224a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-1224b.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190525-1224c.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190526-0812.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190526-1025.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190527-0542.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190527-0542a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190527-0737.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190528-0404.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190528-0717.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190528-0723.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190528-0916.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190529-0345.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190529-0427.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190530-0302.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190530-0604.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190530-2002.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0814.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0816.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0823.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0826.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0841.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0842.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190604-0843.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190605-0545.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190605-0645.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190606-0500.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190606-0606.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190606-0607.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190606-0702.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190606-0731.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190606-1035.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190607-0430.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190607-0900.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190607-0929.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190607-0941.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190607-1200.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190607-1559.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0154.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0154a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0156.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0203.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0204.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0205.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0731.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0741.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-0741a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-1034.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-1338.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-1642.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190610-1946.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-0012.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-0644.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-0645.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-0708.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-0813.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-0851.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1011.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1044.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1232.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1244.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1335.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1352.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190611-1546.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190612-0325.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190612-0335.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190612-0407.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190612-0439.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1206.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1209.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1209a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1209b.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1216.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1216a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190619-1233.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1040.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1046.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1047.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1100.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1110.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1431.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1434.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1612.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1647.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190622-1749.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190623-0916.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190623-1436.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190624-0448.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190624-0538.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190624-0842.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190624-1242.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190625-0830.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190625-1327.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190626-0548.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190626-0918.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-0808.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-0808a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-0809.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-0813.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-0813a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-0813b.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190702-1017.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-0842.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-0842a.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-0843.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-0929.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-0935.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-1002.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190704-1008.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-1105.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-1106.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-1307.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-1323.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-1617.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-1803.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190705-2203.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190706-0335.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190706-0445.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190706-1120.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190706-1302.log => moved successfully
C:\Windows\Temp\DAVID-VAIO-20190706-1451.log => moved successfully
Could not move "C:\Windows\Temp\DAVID-VAIO-20190706-2008.log" => Scheduled to move on reboot.
C:\Windows\Temp\dd_ndp46-kb4483451-x64_decompression_log.txt => moved successfully
C:\Windows\Temp\dd_NDP46-KB4495588-x64_decompression_log.txt => moved successfully
C:\Windows\Temp\dd_NDP47-KB4502558-x64_decompression_log.txt => moved successfully
C:\Windows\Temp\dd_wcf_CA_smci_20190213_101808_515.txt => moved successfully
C:\Windows\Temp\dd_wcf_CA_smci_20190213_101809_264.txt => moved successfully
C:\Windows\Temp\dd_wcf_CA_smci_20190515_071328_776.txt => moved successfully
C:\Windows\Temp\dd_wcf_CA_smci_20190515_071339_654.txt => moved successfully
C:\Windows\Temp\dd_wcf_CA_smci_20190622_174943_814.txt => moved successfully
C:\Windows\Temp\dd_wcf_CA_smci_20190622_174946_731.txt => moved successfully
C:\Windows\Temp\fwtsqmfile00.sqm => moved successfully
C:\Windows\Temp\fwtsqmfile01.sqm => moved successfully
C:\Windows\Temp\fwtsqmfile02.sqm => moved successfully
C:\Windows\Temp\fwtsqmfile03.sqm => moved successfully
C:\Windows\Temp\fwtsqmfile04.sqm => moved successfully
Could not move "C:\Windows\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
Could not move "C:\Windows\Temp\FXSTIFFDebugLogFile.txt" => Scheduled to move on reboot.
C:\Windows\Temp\KB4483451_20190213_051736067-Microsoft .NET Framework 4.7.2-MSP0.txt => moved successfully
C:\Windows\Temp\KB4483451_20190213_051736067.html => moved successfully
C:\Windows\Temp\KB4495588_20190515_030124309-Microsoft .NET Framework 4.7.2-MSP0.txt => moved successfully
C:\Windows\Temp\KB4495588_20190515_030124309.html => moved successfully
C:\Windows\Temp\KB4502558_20190622_134749367-Microsoft .NET Framework 4.7.2-MSP0.txt => moved successfully
C:\Windows\Temp\KB4502558_20190622_134749367.html => moved successfully
C:\Windows\Temp\mat-debug-10036.log => moved successfully
C:\Windows\Temp\mat-debug-10124.log => moved successfully
C:\Windows\Temp\mat-debug-10132.log => moved successfully
C:\Windows\Temp\mat-debug-10196.log => moved successfully
C:\Windows\Temp\mat-debug-1032.log => moved successfully
C:\Windows\Temp\mat-debug-10480.log => moved successfully
C:\Windows\Temp\mat-debug-10512.log => moved successfully
C:\Windows\Temp\mat-debug-10548.log => moved successfully
C:\Windows\Temp\mat-debug-10788.log => moved successfully
C:\Windows\Temp\mat-debug-11016.log => moved successfully
C:\Windows\Temp\mat-debug-11068.log => moved successfully
C:\Windows\Temp\mat-debug-11692.log => moved successfully
C:\Windows\Temp\mat-debug-11764.log => moved successfully
C:\Windows\Temp\mat-debug-11880.log => moved successfully
C:\Windows\Temp\mat-debug-11888.log => moved successfully
C:\Windows\Temp\mat-debug-1200.log => moved successfully
C:\Windows\Temp\mat-debug-12072.log => moved successfully
C:\Windows\Temp\mat-debug-12092.log => moved successfully
C:\Windows\Temp\mat-debug-12536.log => moved successfully
C:\Windows\Temp\mat-debug-12680.log => moved successfully
C:\Windows\Temp\mat-debug-12748.log => moved successfully
C:\Windows\Temp\mat-debug-12792.log => moved successfully
C:\Windows\Temp\mat-debug-12860.log => moved successfully
C:\Windows\Temp\mat-debug-13056.log => moved successfully
C:\Windows\Temp\mat-debug-13196.log => moved successfully
C:\Windows\Temp\mat-debug-13220.log => moved successfully
C:\Windows\Temp\mat-debug-1324.log => moved successfully
C:\Windows\Temp\mat-debug-13268.log => moved successfully
C:\Windows\Temp\mat-debug-13296.log => moved successfully
C:\Windows\Temp\mat-debug-13464.log => moved successfully
C:\Windows\Temp\mat-debug-1356.log => moved successfully
C:\Windows\Temp\mat-debug-13576.log => moved successfully
C:\Windows\Temp\mat-debug-1504.log => moved successfully
C:\Windows\Temp\mat-debug-1544.log => moved successfully
C:\Windows\Temp\mat-debug-1556.log => moved successfully
C:\Windows\Temp\mat-debug-1560.log => moved successfully
C:\Windows\Temp\mat-debug-1568.log => moved successfully
C:\Windows\Temp\mat-debug-1580.log => moved successfully
C:\Windows\Temp\mat-debug-1588.log => moved successfully
C:\Windows\Temp\mat-debug-2580.log => moved successfully
C:\Windows\Temp\mat-debug-2880.log => moved successfully
C:\Windows\Temp\mat-debug-3140.log => moved successfully
C:\Windows\Temp\mat-debug-3192.log => moved successfully
C:\Windows\Temp\mat-debug-3308.log => moved successfully
C:\Windows\Temp\mat-debug-3364.log => moved successfully
C:\Windows\Temp\mat-debug-3824.log => moved successfully
C:\Windows\Temp\mat-debug-3884.log => moved successfully
C:\Windows\Temp\mat-debug-4016.log => moved successfully
C:\Windows\Temp\mat-debug-4224.log => moved successfully
C:\Windows\Temp\mat-debug-4260.log => moved successfully
C:\Windows\Temp\mat-debug-4412.log => moved successfully
C:\Windows\Temp\mat-debug-4664.log => moved successfully
C:\Windows\Temp\mat-debug-5024.log => moved successfully
C:\Windows\Temp\mat-debug-5056.log => moved successfully
C:\Windows\Temp\mat-debug-5132.log => moved successfully
C:\Windows\Temp\mat-debug-5176.log => moved successfully
C:\Windows\Temp\mat-debug-5192.log => moved successfully
C:\Windows\Temp\mat-debug-524.log => moved successfully
C:\Windows\Temp\mat-debug-5396.log => moved successfully
C:\Windows\Temp\mat-debug-5660.log => moved successfully
C:\Windows\Temp\mat-debug-5716.log => moved successfully
C:\Windows\Temp\mat-debug-5824.log => moved successfully
C:\Windows\Temp\mat-debug-6024.log => moved successfully
C:\Windows\Temp\mat-debug-6320.log => moved successfully
C:\Windows\Temp\mat-debug-6444.log => moved successfully
C:\Windows\Temp\mat-debug-6536.log => moved successfully
C:\Windows\Temp\mat-debug-6572.log => moved successfully
C:\Windows\Temp\mat-debug-6640.log => moved successfully
C:\Windows\Temp\mat-debug-676.log => moved successfully
C:\Windows\Temp\mat-debug-6784.log => moved successfully
C:\Windows\Temp\mat-debug-6824.log => moved successfully
C:\Windows\Temp\mat-debug-7244.log => moved successfully
C:\Windows\Temp\mat-debug-7268.log => moved successfully
C:\Windows\Temp\mat-debug-7588.log => moved successfully
C:\Windows\Temp\mat-debug-7860.log => moved successfully
C:\Windows\Temp\mat-debug-7888.log => moved successfully
C:\Windows\Temp\mat-debug-8000.log => moved successfully
C:\Windows\Temp\mat-debug-8120.log => moved successfully
C:\Windows\Temp\mat-debug-8300.log => moved successfully
C:\Windows\Temp\mat-debug-8452.log => moved successfully
C:\Windows\Temp\mat-debug-8576.log => moved successfully
C:\Windows\Temp\mat-debug-8604.log => moved successfully
C:\Windows\Temp\mat-debug-8616.log => moved successfully
C:\Windows\Temp\mat-debug-8696.log => moved successfully
C:\Windows\Temp\mat-debug-8704.log => moved successfully
C:\Windows\Temp\mat-debug-8788.log => moved successfully
C:\Windows\Temp\mat-debug-8876.log => moved successfully
C:\Windows\Temp\mat-debug-888.log => moved successfully
C:\Windows\Temp\mat-debug-8928.log => moved successfully
C:\Windows\Temp\mat-debug-8964.log => moved successfully
C:\Windows\Temp\mat-debug-9172.log => moved successfully
C:\Windows\Temp\mat-debug-924.log => moved successfully
C:\Windows\Temp\mat-debug-9384.log => moved successfully
Could not move "C:\Windows\Temp\mat-debug-9460.log" => Scheduled to move on reboot.
C:\Windows\Temp\mat-debug-9524.log => moved successfully
C:\Windows\Temp\mat-debug-9688.log => moved successfully
C:\Windows\Temp\mat-debug-9856.log => moved successfully
C:\Windows\Temp\mat-debug-9960.log => moved successfully
C:\Windows\Temp\mat-debug-9992.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\MSIede5d.LOG => moved successfully
C:\Windows\Temp\nsd6E7C.tmp => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2019020415350725D4).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20190314083824834).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2019042413560886C).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20190426070209638).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20190427184030714).log => moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(20190704100241608).log => moved successfully
Could not move "C:\Windows\Temp\officeclicktorun.exe_streamserver(2019070620083624F4).log" => Scheduled to move on reboot.
C:\Windows\Temp\RGI2658.tmp => moved successfully
C:\Windows\Temp\RGI2658.tmp-tmp => moved successfully
C:\Windows\Temp\RGI4325.tmp => moved successfully
C:\Windows\Temp\RGI4325.tmp-tmp => moved successfully
C:\Windows\Temp\RGI71E0.tmp => moved successfully
C:\Windows\Temp\RGI71E0.tmp-tmp => moved successfully
C:\Windows\Temp\TFR9150.tmp => moved successfully
C:\Windows\Temp\TFRB25E.tmp => moved successfully
C:\Windows\Temp\TFRD57B.tmp => moved successfully
C:\Windows\Temp\TS_2F2A.tmp => moved successfully
C:\Windows\Temp\TS_67B8.tmp => moved successfully
C:\Windows\Temp\~DF6614BC970DB4565B.TMP => moved successfully
C:\Windows\Temp\~DFA3057313125FA414.TMP => moved successfully
 
========= End -> "C:\Windows\Temp\*.*" ========
 
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-07-2019 20:14:08)
 
C:\Windows\Temp\DAVID-VAIO-20190706-2008.log => Is moved successfully
C:\Windows\Temp\FXSAPIDebugLogFile.txt => Could not move
C:\Windows\Temp\FXSTIFFDebugLogFile.txt => Could not move
C:\Windows\Temp\mat-debug-9460.log => Is moved successfully
C:\Windows\Temp\officeclicktorun.exe_streamserver(2019070620083624F4).log => Is moved successfully
 
==== End of Fixlog 20:14:08 ====


#6 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 06 July 2019 - 06:39 PM

Hi Juliet,

 

Below is the AdwCleaner log.

 

David

 

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-06-28.1 (Cloud)
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-06-2019
# Duration: 00:00:02
# OS:       Windows 7 Professional
# Cleaned:  6
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
No malicious folders cleaned.
 
***** [ Files ] *****
 
Deleted       C:\Windows\SysWOW64\rnd_chunk.bin
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|DriverSupport.exe
Deleted       HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING|DriverSupport.exe
 
***** [ Chromium (and derivatives) ] *****
 
Deleted       gjkpcnacdgdlpfejlgflolpaigoicibh
 
***** [ Chromium URLs ] *****
 
Deleted       Conduit
 
***** [ Firefox (and derivatives) ] *****
 
Deleted       Honey
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [1569 octets] - [06/07/2019 20:28:28]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


#7 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,317 posts
  • Interests:Boo!....
  • MVP

Posted 07 July 2019 - 04:31 AM

Were you able to run RogueKiller?
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#8 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 07 July 2019 - 06:01 AM

Hi Juliet,

 

Roguekiller took a long time to run, but here is the report:

 

RogueKiller Anti-Malware V13.3.1.0 (x64) [Jul  1 2019] (Free) by Adlice Software
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits
Started in : Normal mode
User : David [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190706_064132, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2019/07/07 07:55:54 (Duration : 02:43:16)
 
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Iolo (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\iolo --  -> Deleted
[PUP.Iolo (Potentially Malicious)] HKEY_USERS\S-1-5-21-1133073292-3603896812-4173062283-1001\Software\iolo --  -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{376115B7-5659-4D5A-B613-E0AA5D8BF870}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CCFF0963-191C-4E99-AA87-520D08064A5E}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6BD53691-7394-443A-94E0-21FB179FC189}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1C633629-B921-4DA6-B43A-D8FE5DBE8DB3}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CCFF0963-191C-4E99-AA87-520D08064A5E}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{6BD53691-7394-443A-94E0-21FB179FC189}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{376115B7-5659-4D5A-B613-E0AA5D8BF870}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1C633629-B921-4DA6-B43A-D8FE5DBE8DB3}C:\users\david\appdata\local\vidyo\vidyo desktop\vidyodesktop.exe -- [%localappdata%\Vidyo\vidyo desktop\vidyodesktop.exe] -> Deleted
[PUP.Iolo (Potentially Malicious)] iolo -- %_David_appdata%\iolo -> Deleted
[PUP.Iolo (Potentially Malicious)] iolo -- %programdata%\iolo -> Deleted
[PUP.Gen2 (Potentially Malicious)] Honey -- jid1-93CWPmRbVPjRQA@jetpack -> Deleted
[PUP.Gen0 (Potentially Malicious)] Honey -- bmnlcjabgnpnenekpadlanbbkooimhnj -> Deleted
 
Is there anything else I need to do?
 
Thank you,
David


#9 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,317 posts
  • Interests:Boo!....
  • MVP

Posted 07 July 2019 - 07:05 AM

Looks like everything we run we find more, and I hope by this time your seeing improvements.

Just 2 more scans I use as a standard that should prove to be the end.

you're already running Malwarebytes 3, open Malwarebytes and check for updates. It might have already updated and if so just continue.

Then click on the Scan tab and select Threat Scan and click on Start Scan button.

If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the Reports tab.
Double-click the Scan Log.
At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here
Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~

G0tu5D9.pngEmsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
  • Once the extraction is complete, the EEK folder will open. Right-click on G0tu5D9.pngstart emergency kit scanner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, open EEK again (in the C:\EEK folder);
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;
Please post these 2 logs when finished.

Also, tell me how the computer is now.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#10 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 07 July 2019 - 07:52 AM

Hi Juliet,

 

I haven't yet been using the computer for other activities while I follow your instructions, so I don't have any updates on how it is running.  I will do that after I finish the next operation.  Below is the Malwarebytes text file.

 

Thanks,

David

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 7/7/19
Scan Time: 9:12 AM
Log File: d0f1ced4-a0b8-11e9-9cb3-506313be15bf.json
 
-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.613
Update Package Version: 1.0.11440
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: David-VAIO\David
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 330537
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 18 min, 4 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

    Advertisements

Register to Remove


#11 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 07 July 2019 - 08:48 AM

Hi Juliet,

 

Emisoft found nothing to quarantine.  Below is the results file.

 

I will let you know how the computer is running.

 

Also, I have another computer that is running slow.  Can I forward the Farbar files to you?

 

Thank you,

David

 

Emsisoft Emergency Kit - Version 2019.6
Last update: 7/7/2019 10:01:37 AM
User account: David-VAIO\David
Computer name: DAVID-VAIO
OS version: Windows 7x64 Service Pack 1
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
Scan mail archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off
 
Scan start: 7/7/2019 10:02:28 AM
 
Scanned 88901
Found 0
 
Scan end: 7/7/2019 10:16:13 AM
Scan time: 0:13:45


#12 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 07 July 2019 - 10:09 AM

Hi Juliet,

 

This laptop is running much faster now and also not always at 100% CPU.

 

Thank you for all your help.

 

Regards,

David



#13 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 07 July 2019 - 10:13 AM

Hi Juliet,

 

Here are the FRST and Additional files from my other computer.

 

David

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by David (administrator) on DPCVAIOT (Sony Corporation SVT15115CXS) (07-07-2019 08:15:28)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.28.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avaya Inc. -> Avaya, Inc.) C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\CUCore.exe
(Cisco Systems, Inc. -> Cisco) C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe
(CONDUSIV TECHNOLOGIES -> Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\David\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Ditto -> ) [File not signed] C:\Program Files\Ditto\Ditto.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\75.4.141\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\32.0.9.0\crashpad_handler.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.9.0\GoogleDriveFS.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Logitech, Inc. -> ) C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Logitech, Inc. -> Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Users\David\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Novatel Wireless Inc.) [File not signed] C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe
(Novatel Wireless Inc.) [File not signed] C:\Program Files (x86)\Novatel Wireless\MiFi4510\Drivers\NWHelper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Seagate Technology LLC -> Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(StagWare) [File not signed] C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2362392 2013-11-21] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech, Inc. -> Logitech Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [72736 2016-01-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1985056 2016-01-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5580608 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1717872 2012-11-08] (Ditto -> ) [File not signed]
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Cisco JabberVideo] => C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe [1938848 2015-08-10] (Cisco Systems, Inc. -> Cisco)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Google Update] => C:\Users\David\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [eFax 4.4] => C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95232 2015-05-11] (j2 Global, Inc.) [File not signed]
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Spotify] => C:\Users\David\AppData\Roaming\Spotify\Spotify.exe [6743664 2016-02-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [CUCore Agent] => C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\ConfAgent.exe [405624 2016-04-29] (Avaya Inc. -> Avaya, Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Zoom] => [X]
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Dashlane] => C:\Users\David\AppData\Roaming\Dashlane\Dashlane.exe [390736 2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [DashlanePlugin] => C:\Users\David\AppData\Roaming\Dashlane\DashlanePlugin.exe [413264 2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [254840 2017-03-17] (TomTom International BV -> TomTom)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [Vidyo Desktop] => C:\Program Files (x86)\Vidyo\Vidyo Desktop\VidyoDesktop.exe [14306832 2016-03-01] (Vidyo Inc. -> Vidyo)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\David\AppData\Local\slack\Update.exe [1569296 2019-06-14] (Slack Technologies, Inc. -> )
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [OffCAT] => C:\Users\David\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corporation -> Microsoft Corp.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe [38275880 2019-06-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [8x8 Virtual Office] => C:\Program Files (x86)\8x8 Virtual Office\8x8 - Virtual Office\8x8 - Virtual Office.exe [146432 2018-05-04] (8x8, Inc.) [File not signed]
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-11-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-11-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cisco Jabber Video for TelePresence.lnk [2015-12-11]
ShortcutTarget: Cisco Jabber Video for TelePresence.lnk -> C:\Windows\Installer\{5BF4E2A0-9C59-42AA-97E2-D45127CB9117}\ProgramsMenuShortc_4006CC1BCEA547598252A09E7D12FA42.exe (Cisco Systems, Inc. -> Flexera Software, Inc.)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk [2015-11-02]
ShortcutTarget: eFax 4.4.lnk -> C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global, Inc.) [File not signed]
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-06-27]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk [2019-03-19]
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Logitech -> Leader Technologies/Logitech)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {027D5B1B-75CA-454E-8DEA-EE0D1008F814} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {039B0B14-53E9-4D4E-B7C3-1026A9EECCA1} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {065232B5-3BA6-49AA-BE2A-2255105E1190} - System32\Tasks\HP AR Program Upload - ff5be722cce942b6ab77702d958c2ce490ddb601792b47a4a337f326dc2b2696 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {089F3A5B-EEF1-40E2-8B97-28CB3605DCA5} - System32\Tasks\HP AR Program Upload - 55138fad193640cfa9efbe27955557385fec4d1a0eda4222b140b8b501a6c136 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0F9AC311-4326-452C-8A47-9BE1BCF0006D} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [735400 2012-10-23] (Sony Corporation -> Sony Corporation)
Task: {11548D7B-60F8-4F20-A8FB-0E5DE42C8897} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2920296 2013-06-20] (Sony Corporation of America -> Sony Electronics)
Task: {11A0BB0B-B998-40FF-B50C-62755E0CC227} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {14CA38FE-9616-41DA-AB9C-3E7FDE58F3AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {15EC6371-30D7-4569-85B9-2C89D9A4AFFE} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [45400 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {1E77EFDC-56A9-4930-B97B-309ED94040AA} - System32\Tasks\David => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {1EE1C2F3-F0FF-4EAC-97BA-6839244163F7} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [338544 2012-07-24] (CyberLink -> CyberLink Corp.)
Task: {223C40A0-2223-456C-9EB6-86E3B2C2D0CF} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe
Task: {258D86E3-0B78-4A5B-BD1B-23132C9A73B8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2628117B-5B4E-458F-9F7E-4E0D828BE3D3} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {29274F90-0E6D-41B1-9754-104AF346F7D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {2AE8687C-F8F3-4D18-9238-273987929E11} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {2D0D8313-700A-438E-842B-9C7FBB97669F} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [978016 2013-02-21] (Sony Corporation -> Sony Corporation)
Task: {2E35066F-432A-4550-B795-51E00D8EDFBF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {303B178D-B46A-4A4D-A952-C898348E2B00} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {33D4D126-5686-4C21-87AA-2B42E2297DC0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {357B2A6E-C305-4CC8-816B-31DA4B81DF5A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001Core1d257e35ef07b1c => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {3A2764E5-904D-41A9-AC31-CE10E1831358} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001UA => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {3C0B14EE-4C92-4E1F-BEF3-D99692DEB823} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3CE76ACC-61D4-466F-8909-30F8A6FB75EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-11] (Adobe Inc. -> Adobe)
Task: {3F95F05C-DD1D-40D4-922E-4B450A05E7FF} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe  <==== ATTENTION
Task: {40EFF008-0C31-4AEB-86BE-0311F62FE547} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {41744001-656B-4E68-8832-D33BA636288D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {4522FFA1-DE84-4F90-AEF5-E20B2CAB6DDE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {457CA86F-D651-4CD4-ADCF-37C99567F3CF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4A5C0AA4-14B1-4CAE-B083-83E81470BAF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B775C8B-349C-459B-96F7-DC62BD80B78B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4F39BF6C-8C17-47E5-A5BD-50A2191D6443} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [1688152 2013-09-28] (Sony Corporation -> Sony Corporation)
Task: {4F3A8903-6D3F-458D-9A30-6249D57ECF65} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [1005144 2016-03-04] (Sony Corporation -> Sony Corporation)
Task: {5297FED8-6312-483E-AB15-6B0C35D12A2B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {5526799D-B59B-43A2-AA3F-AC5FA8A02E77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {560BCCE1-EB4E-4C53-B1C9-34FF396C2A99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [135349160 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {566D396C-F5FA-4449-8626-AD527D7ACB2C} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
Task: {5E62E198-CDA8-454A-AA69-3A75E64F9CA8} - System32\Tasks\David Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {5E8E701D-9B71-4799-A9A1-FB15F6524ABA} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [18272 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {6382090F-B455-4ABE-AB38-34B9790B16CC} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {63A17FCD-7D1A-471C-9052-B8909DEA8494} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {69488D22-5D11-4186-A20D-84059F488A84} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6ACC8B28-05C5-4B1C-97BF-3662C5FC5134} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {6CD3B177-2433-4602-AA12-F86EF9A035EF} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6F343C24-FB91-423A-95C4-809FF0645920} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {6F65A252-EF54-47A1-B5D4-AD4C2F6E609B} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe
Task: {72B6271B-893E-423B-B72F-EC5AEF5287BB} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel® Software -> Intel Corporation)
Task: {72C2F7B5-3F22-4BB1-B3CC-0F924CFD9D02} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77C36013-C62B-453F-AFD9-BF653FE1E528} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {783F2979-3C0A-4D61-81CD-2429A933E459} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [538280 2012-09-06] (Sony Corporation -> Sony Corporation)
Task: {7B6E62B1-B4A2-4039-8842-CC970ECECDF9} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-19] (HP Inc. -> )
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {87306712-750E-4084-BB2B-526430E778BA} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {877BB4B5-2CEC-4E18-BD77-283188033BE9} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {8D0B6A9D-0C0E-4278-8273-3D19A1DB3246} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {90E7DA1D-2AED-4132-B3B6-98EA6FD1A8B4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {97B72A37-FD67-4554-8C35-5DA36EA39421} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN51QEK0D0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)
Task: {9D085884-1E28-4C59-83AC-07673614A63D} - \WPD\SqmUpload_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION
Task: {9EE980C4-7F01-4B3F-B10E-1867D8E24361} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [495248 2013-11-07] (Sony Corporation -> Sony Corporation)
Task: {A1BD051C-043E-4EE6-AF07-5BDDEDECA0FC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)
Task: {A40D2CD6-69A0-4F8B-A5A5-E1925E4D4D4B} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
Task: {A5806EA4-D11A-4F52-83BA-3EBCBB77F482} - System32\Tasks\David1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {A83CBB33-ACE5-432A-B0C9-608D4859614B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001Core => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {AB3DBC1C-141E-42D1-B1A5-D3E77F481CE0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {ACEB84F7-BD80-40CE-A503-0FFB99FE5E2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {AD07EB69-07EB-4AEB-B1F8-8EB94015335D} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {AD606FD3-BE04-43FC-A8AF-36A6A896A5D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {AFCDC37F-83DB-4F68-9F20-6E92AD8D48A2} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [61440 2012-04-01] (PcWinTech.com) [File not signed]
Task: {B000E381-FA3C-4635-8B70-F2BFF26EB55E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
Task: {B0EAEE2D-F249-4D3B-B27F-AF76905390E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {B1CF9A68-3AEF-45EF-962E-3F8E0B177796} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [19488 2015-03-03] (Sony Corporation -> Sony Corporation)
Task: {B4853B5D-FD9D-4D43-B1A7-9BE2CE04006B} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)
Task: {B5321100-B659-4174-AF66-0242E13263E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B7FF1422-A70C-401D-A1F5-16C47F536EAD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {B8814942-F891-4656-886D-239842879352} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.)
Task: {BAB85500-CB5F-4D2E-A2DA-F95B62D1C8C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
Task: {BBBEF481-5E23-458D-994E-06EFF0577957} - System32\Tasks\David DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {BDE2D558-B5A8-4E3C-B3F0-2C8B428F12D4} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
Task: {C2E47FB1-6061-4051-A3EF-5DBF44D4EB68} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [219736 2014-02-25] (Sony Corporation -> Sony Corporation)
Task: {C369F876-1C75-4BA0-B8B6-FC55A0CFCFD6} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {C40924E1-23B7-4CFA-B373-4D4F94514E28} - System32\Tasks\David1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [1812160 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {C781562C-6EE6-41D7-9966-7878A1104A4F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001UA1d257e35f357f1f => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {C9793F35-4ABB-4390-8288-DD67322A7489} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CBC449B9-0ADF-431C-9B10-7EF60C5E47C9} - System32\Tasks\HP AR Program Upload - 353a101a1c83446ca8ac6bfb209398f9acfbfb15d48e407eb858c9711756eb7b => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [3495944 2014-07-21] (Hewlett Packard -> TODO: <Company name>)
Task: {CC9397AF-2402-4B4F-9FF3-C74E1FC2D516} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {CD95D71D-49D3-48FF-88F7-14166C863CBF} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\SymErr.exe
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CEE2EE2E-418E-4B67-B70D-AE3F58015026} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [23128 2017-04-19] (Sony Corporation -> Sony Corporation)
Task: {D1DFFB10-9552-41FF-9078-56BB0816BBD2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {D22A3B5D-93D0-4BE6-9EA3-95717F3EF797} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D39A942F-0E2F-444B-B569-5ADC3760836D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [654712 2019-06-05] (HP Inc. -> HP Inc.)
Task: {D53CB833-975F-4D7E-8D49-951B40CA1144} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {D66F681A-CAA4-4088-87A1-CAED54464388} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {DE53CBA3-0FA2-4023-B5BC-7D202D3ADF83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DF07C858-174F-4A01-9AFC-A45EAC3786C1} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [804704 2017-05-15] (Sony Corporation -> Sony Corporation)
Task: {E8823C03-4639-4A5E-A141-B6C2615C84F5} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {E8975AF6-E371-4E24-8674-6C52B4EAE5B8} - System32\Tasks\HP Photo Creations Communicator => C:\Users\David\AppData\Roaming\HP Photo Creations\Communicator.exe [186368 2011-06-16] (Visan Industries -> )
Task: {E9CD334E-9AB0-401E-B79D-EB70FBDAF116} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1952448 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {EB9BEDEE-2809-4E90-A553-244A143E13A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)
Task: {F0900528-8615-4F5A-A776-72357797D015} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1213416 2019-04-12] (Sony Corporation -> Sony Corporation)
Task: {F31E6D9D-5442-4499-9F77-1AFEFE21A599} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [3152360 2019-04-12] (Sony Corporation -> Sony Corporation)
Task: {F7E3E331-052B-4F54-9109-B9157633576E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)
Task: {FA4EE449-A473-485A-BE52-A00BB691DB36} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [503424 2014-11-17] (Sony Corporation -> Sony Corporation)
Task: {FE09554C-9A31-404B-9AD5-06047A5AB3EF} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [538280 2012-09-06] (Sony Corporation -> Sony Corporation)
Task: {FFAFE67E-7417-4FDD-BA5A-48DC2A7D94B5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001Core.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3199809883-61864900-496248842-1001UA.job => C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\David\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6fbef3f6-e4d6-49ce-9f7b-977942c2cc19}: [DhcpNameServer] 50.233.39.194 50.233.39.193 192.168.1.1
Tcpip\..\Interfaces\{9ff057e2-3eca-4bcd-90bc-59b82789396e}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{b35869f5-a8c9-4b9d-9dee-18d4b49cbc77}: [DhcpNameServer] 172.20.10.1
 
Internet Explorer:
==================
HKU\S-1-5-21-3199809883-61864900-496248842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Users/David/dpc%20(Newlaptop)/davehom16a.htm
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> DefaultScope D944692F681E415B822A203AC76693E4 URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> D944692F681E415B822A203AC76693E4 URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\David\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-11-01] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated) [File not signed]
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\David\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2019-06-10] (Dashlane USA, Inc. -> Dashlane, Inc.)
Toolbar: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} -  No File
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP10EP1-16277/webex/ieatgpc1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://remoteoffice.mizuhosecurities.com/dana-cached/sc/JuniperSetupClient.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1058
 
FireFox:
========
FF DefaultProfile: 92o22qtv.default-1497019795269
FF ProfilePath: C:\Users\David\AppData\Roaming\TomTom\HOME\Profiles\80vptxht.default [2017-07-03]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 [2019-06-11]
FF Homepage: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> hxxps://zoom.us/profile|hxxps://vcse1.openexc.com/login|hxxps://vcse2.openexc.com/overview|hxxps://63.251.135.14/conference.html?name=30348%20-%20Chubb%2fCS
FF NewTabOverride: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> Disabled: newtaboverride@agenedia.com
FF NewTabOverride: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> Enabled: jetpack-extension@dashlane.com
FF NewTabOverride: Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269 -> Enabled: httpdns@shield.mozilla.org
FF Extension: (ReloadMatic) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\0.id@reloadmatic.webex.xpi [2018-05-08]
FF Extension: (Cisco WebEx Extension) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\ciscowebexstart1@cisco.com.xpi [2017-11-08]
FF Extension: (Dashlane) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\jetpack-extension@dashlane.com.xpi [2019-06-03] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Honey) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2019-06-03]
FF Extension: (New Tab Override) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\92o22qtv.default-1497019795269\Extensions\newtaboverride@agenedia.com.xpi [2018-12-31]
FF ProfilePath: C:\Users\David\AppData\Roaming\KompoZer\Profiles\1xwz33vp.default [2014-10-07]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: (FiddlerHook) - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-01-16] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-12-10] (Nero AG -> Nero AG)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-12] (Sony Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: 8x8.com/VMPlugin -> C:\Program Files (x86)\8x8 Virtual Office\8x8 - Virtual Office\VMPlugin\npVMPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: 8x8.com/VMPlugin64_x86_64 -> C:\Program Files (x86)\8x8 Virtual Office\8x8 - Virtual Office\VMPlugin64\npVMPlugin64.dll [No File]
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @radvision.com/ConfClient -> C:\Users\David\AppData\Local\Radvision\Installer\1.5.5.1\npclientinstmgr.dll [2016-04-29] (Avaya Inc. -> Avaya, Inc.)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\David\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2018-04-23] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\David\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-06-16] (Visan Industries -> RocketLife, LLP)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\David\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @talk.google.com/O1DPlugin -> C:\Users\David\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @tools.google.com/Google Update;version=3 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @tools.google.com/Google Update;version=9 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\David\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-04-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: bluejeans.com/rbjninstallplugin -> C:\Users\David\AppData\Roaming\Blue Jeans\rbjnplugin\1.6.199.5\nprbjninstallplugin_1.6.199.5.dll [2013-06-15] (Blue Jeans Network -> Blue Jeans)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: bluejeans.com/rbjnplugin -> C:\Users\David\AppData\Roaming\Blue Jeans\rbjnplugin\1.6.199.5\nprbjnplugin_1.6.199.5.dll [2013-06-15] (Blue Jeans Network -> Blue Jeans)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: SkypeForBusinessPlugin-15.8 -> C:\Users\David\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: SkypeForBusinessPlugin64-15.8 -> C:\Users\David\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi-x64.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3199809883-61864900-496248842-1001: vidyo.com/VidyoWeb_1.4.0.0006 -> C:\Users\David\AppData\Roaming\VidyoInc\VidyoWeb\1.4.0.0006\npVidyoWeb.dll [2016-02-12] (Vidyo Inc. -> Vidyo, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-11-08]
FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2017-11-08]
FF Plugin ProgramFiles/Appdata: C:\Users\David\AppData\Roaming\mozilla\plugins\npo1d.dll [2017-11-08]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-05-26] <==== ATTENTION
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> file:///C:/users/Public/Documents/davehom16a.htm
CHR StartupUrls: Default -> "file:///C:/users/Public/Documents/davehom16a.htm"
CHR NewTab: Default ->  Active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-07-07]
CHR Extension: (Easy Auto Refresh) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2019-07-05]
CHR Extension: (Consumer Reports) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\abmigknmjdpedgfbfjphohjdocmkapak [2019-05-10]
CHR Extension: (Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Honey) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-06-14]
CHR Extension: (HelloFax) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm [2019-03-04]
CHR Extension: (Pushbullet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2019-06-11]
CHR Extension: (OneNote Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2018-12-06]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-11]
CHR Extension: (Vidyo Screen Share) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadjebjcpiiklefiadeicakcnkhgbaoo [2017-01-08]
CHR Extension: (Dashlane - Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2019-07-05]
CHR Extension: (Chrome Remote Desktop) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-05-09]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Zoom) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2019-06-19]
CHR Extension: (New Tab Redirect) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-07-06]
CHR Extension: (Acano) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikalnbacgeabafoblilnnihbfgnbjfi [2015-09-11]
CHR Extension: (Cisco Jabber Guest) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbglbakaieakcdiaiabbihafndhapfki [2018-05-01]
CHR Extension: (Cisco Webex Extension) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-06-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-07]
CHR Extension: (Google Maps) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (FoxClocks) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\obcbigljfpgappaaofailjjoabiikckk [2019-03-30]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2015-11-16]
CHR Extension: (XFINITY® TV Go Stream Live TV Online) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefpbidnpmpfbkledpohpejdcgfnfif [2016-09-18]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3199809883-61864900-496248842-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107344 2012-11-20] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [356728 2019-06-12] (HP Inc. -> HP Inc.)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [154656 2016-01-18] (Pro Softnet Corporation -> Prosoftnet)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NbfcService; C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe [7168 2016-12-17] (StagWare) [File not signed]
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4486896 2018-06-26] (Logitech Inc -> Logitech)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation -> Sony Corporation)
R2 NWHelper; C:\Program Files (x86)\Novatel Wireless\MiFi4510\Drivers\NWHelper.exe [270336 2010-06-03] (Novatel Wireless Inc.) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation -> Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-03-27] (Seagate Technology LLC -> Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-19] (Sony Corporation) [File not signed]
S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] (Intel® Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11814232 2019-06-05] (TeamViewer GmbH -> TeamViewer GmbH)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel® Software Development Products -> )
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1738728 2019-04-12] (Sony Corporation -> Sony Corporation)
R2 VZWConfigService; C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe [169472 2011-02-11] (Novatel Wireless Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R1 excfs; C:\WINDOWS\System32\DRIVERS\excfs.sys [25424 2012-11-20] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R0 excsd; C:\WINDOWS\System32\DRIVERS\excsd.sys [111952 2012-11-20] (CONDUSIV TECHNOLOGIES -> Condusiv Technologies)
R1 googledrivefs2713; C:\WINDOWS\System32\DRIVERS\googledrivefs2713.sys [123736 2019-05-06] (Google LLC -> Google, Inc.)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [34408 2013-10-14] (Microsoft Corporation -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-25] (Malwarebytes Corporation -> Malwarebytes)
S3 NANMp50; C:\WINDOWS\System32\Drivers\NANMp50.sys [46776 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 NANSp50; C:\WINDOWS\System32\Drivers\NANSp50.sys [45752 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-04-11] (Microsoft Windows -> MediaTek Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Microsoft Windows -> Realtek )
R3 SFEP; C:\WINDOWS\System32\drivers\SFEP.sys [14336 2012-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SOWS; C:\WINDOWS\System32\drivers\sows.sys [24280 2012-06-10] (WDKTestCert kaneda,129651282666891607 -> Sony Corporation)
R2 speedfan; C:\WINDOWS\SysWoW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\PROGRAM FILES (X86)\NOTEBOOK FANCONTROL\PLUGINS\WinRing0x64.sys [14544 2018-07-18] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 cpuz140; \??\C:\Users\David\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-07-07 08:15 - 2019-07-07 08:22 - 000076476 _____ C:\Users\David\Desktop\FRST.txt
2019-07-07 08:15 - 2019-07-07 08:15 - 000000000 ____D C:\FRST
2019-07-07 08:12 - 2019-07-07 08:12 - 002420224 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2019-07-05 11:09 - 2019-07-05 11:09 - 000006352 _____ C:\Users\Public\Documents\davehom16a.htm
2019-07-05 10:53 - 2019-07-05 10:53 - 000000000 ___SH C:\DkHyperbootSync
2019-07-04 05:21 - 2019-07-04 05:21 - 000000000 ___HD C:\OneDriveTemp
2019-06-26 01:45 - 2019-06-26 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-06-24 08:12 - 2019-06-24 08:12 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-06-24 08:12 - 2019-06-24 08:12 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2019-06-22 21:48 - 2019-06-25 07:46 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-14 06:01 - 2019-06-07 07:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-14 06:01 - 2019-06-07 01:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-14 06:01 - 2019-06-07 01:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-14 06:01 - 2019-06-07 01:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-14 06:01 - 2019-06-07 01:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-14 06:01 - 2019-06-07 01:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-14 06:01 - 2019-06-07 01:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-14 06:01 - 2019-06-07 01:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-14 06:01 - 2019-06-07 01:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-14 06:01 - 2019-06-07 01:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-14 06:01 - 2019-05-17 02:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-14 06:01 - 2019-05-17 02:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-14 06:01 - 2019-05-17 01:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-14 06:01 - 2019-05-17 01:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-14 06:01 - 2019-05-17 01:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-14 06:00 - 2019-06-07 07:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-14 06:00 - 2019-06-07 06:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-14 06:00 - 2019-06-07 06:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-14 06:00 - 2019-06-07 06:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-14 06:00 - 2019-06-07 06:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-14 06:00 - 2019-06-07 06:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-14 06:00 - 2019-06-07 06:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-14 06:00 - 2019-06-07 06:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-14 06:00 - 2019-06-07 06:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-14 06:00 - 2019-06-07 06:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-14 06:00 - 2019-06-07 06:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-14 06:00 - 2019-06-07 06:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-14 06:00 - 2019-06-07 06:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-14 06:00 - 2019-06-07 06:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-14 06:00 - 2019-06-07 06:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-14 06:00 - 2019-06-07 02:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-14 06:00 - 2019-06-07 02:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-14 06:00 - 2019-06-07 01:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-14 06:00 - 2019-06-07 01:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-14 06:00 - 2019-06-07 01:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-14 06:00 - 2019-06-07 01:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-14 06:00 - 2019-06-07 01:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-14 06:00 - 2019-06-07 01:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-14 06:00 - 2019-06-07 01:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-14 06:00 - 2019-06-07 01:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-14 06:00 - 2019-06-07 01:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-14 06:00 - 2019-06-07 01:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-14 06:00 - 2019-06-07 01:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-14 06:00 - 2019-06-07 01:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-14 06:00 - 2019-06-07 01:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-14 06:00 - 2019-06-07 01:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-14 06:00 - 2019-06-07 01:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-14 06:00 - 2019-06-07 01:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-14 06:00 - 2019-06-07 01:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-14 06:00 - 2019-06-07 01:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-14 06:00 - 2019-06-07 01:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-14 06:00 - 2019-06-07 01:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-14 06:00 - 2019-06-07 01:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-14 06:00 - 2019-06-07 01:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-14 06:00 - 2019-06-07 01:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-14 06:00 - 2019-06-07 01:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-14 06:00 - 2019-06-07 01:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-14 06:00 - 2019-06-07 01:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-14 06:00 - 2019-06-07 01:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-14 06:00 - 2019-06-07 01:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-14 06:00 - 2019-06-07 01:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-14 06:00 - 2019-06-07 01:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-14 06:00 - 2019-06-07 01:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-14 06:00 - 2019-06-07 01:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-14 06:00 - 2019-06-07 01:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-14 06:00 - 2019-06-07 01:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-14 06:00 - 2019-06-07 01:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-14 06:00 - 2019-06-07 01:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-14 06:00 - 2019-06-07 01:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-14 06:00 - 2019-06-07 01:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-14 06:00 - 2019-06-07 01:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-14 06:00 - 2019-06-07 01:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-14 06:00 - 2019-06-07 01:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-14 06:00 - 2019-06-07 01:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-14 06:00 - 2019-06-07 01:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-14 06:00 - 2019-06-07 01:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-14 06:00 - 2019-06-07 01:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-14 06:00 - 2019-06-07 01:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-14 06:00 - 2019-06-07 01:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-14 06:00 - 2019-06-07 01:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-14 06:00 - 2019-06-07 01:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-14 06:00 - 2019-06-07 01:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-14 06:00 - 2019-06-07 01:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-14 06:00 - 2019-06-07 01:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-14 06:00 - 2019-06-07 01:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-14 06:00 - 2019-06-07 01:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-14 06:00 - 2019-06-07 01:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-14 06:00 - 2019-06-07 01:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-14 06:00 - 2019-06-07 01:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-14 06:00 - 2019-06-07 01:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-14 06:00 - 2019-06-07 01:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-14 06:00 - 2019-06-07 00:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-14 06:00 - 2019-05-18 18:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-14 06:00 - 2019-05-18 18:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-14 06:00 - 2019-05-18 18:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-14 06:00 - 2019-05-18 18:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-14 06:00 - 2019-05-17 08:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-14 06:00 - 2019-05-17 08:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-14 06:00 - 2019-05-17 08:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-14 06:00 - 2019-05-17 08:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-14 06:00 - 2019-05-17 08:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-14 06:00 - 2019-05-17 08:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-14 06:00 - 2019-05-17 08:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-14 06:00 - 2019-05-17 08:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-14 06:00 - 2019-05-17 08:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-14 06:00 - 2019-05-17 08:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-14 06:00 - 2019-05-17 08:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-14 06:00 - 2019-05-17 08:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-14 06:00 - 2019-05-17 08:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-14 06:00 - 2019-05-17 08:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-14 06:00 - 2019-05-17 08:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-14 06:00 - 2019-05-17 08:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-14 06:00 - 2019-05-17 08:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-14 06:00 - 2019-05-17 08:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-14 06:00 - 2019-05-17 08:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-14 06:00 - 2019-05-17 08:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-14 06:00 - 2019-05-17 08:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-14 06:00 - 2019-05-17 07:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-14 06:00 - 2019-05-17 07:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-14 06:00 - 2019-05-17 07:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-14 06:00 - 2019-05-17 07:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-14 06:00 - 2019-05-17 07:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-14 06:00 - 2019-05-17 07:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-14 06:00 - 2019-05-17 07:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-14 06:00 - 2019-05-17 07:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-14 06:00 - 2019-05-17 05:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-14 06:00 - 2019-05-17 04:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-14 06:00 - 2019-05-17 03:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-14 06:00 - 2019-05-17 02:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-14 06:00 - 2019-05-17 02:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-14 06:00 - 2019-05-17 02:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-14 06:00 - 2019-05-17 02:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-14 06:00 - 2019-05-17 02:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-14 06:00 - 2019-05-17 02:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-14 06:00 - 2019-05-17 02:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-14 06:00 - 2019-05-17 02:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-14 06:00 - 2019-05-17 02:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-14 06:00 - 2019-05-17 02:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-14 06:00 - 2019-05-17 02:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-14 06:00 - 2019-05-17 02:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-14 06:00 - 2019-05-17 02:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-14 06:00 - 2019-05-17 02:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-14 06:00 - 2019-05-17 02:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-14 06:00 - 2019-05-17 02:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-14 06:00 - 2019-05-17 02:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-14 06:00 - 2019-05-17 02:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-14 06:00 - 2019-05-17 02:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-14 06:00 - 2019-05-17 02:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-14 06:00 - 2019-05-17 02:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-14 06:00 - 2019-05-17 02:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-14 06:00 - 2019-05-17 02:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-14 06:00 - 2019-05-17 02:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-14 06:00 - 2019-05-17 02:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-14 06:00 - 2019-05-17 02:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-14 06:00 - 2019-05-17 02:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-14 06:00 - 2019-05-17 02:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-14 06:00 - 2019-05-17 02:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-14 06:00 - 2019-05-17 02:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-14 06:00 - 2019-05-17 02:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-14 06:00 - 2019-05-17 02:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-14 06:00 - 2019-05-17 02:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-14 06:00 - 2019-05-17 02:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-14 06:00 - 2019-05-17 02:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-14 06:00 - 2019-05-17 02:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-14 06:00 - 2019-05-17 02:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-14 06:00 - 2019-05-17 02:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-14 06:00 - 2019-05-17 02:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-14 06:00 - 2019-05-17 02:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-14 06:00 - 2019-05-17 02:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-14 06:00 - 2019-05-17 01:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-14 06:00 - 2019-05-17 01:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-14 06:00 - 2019-05-17 01:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-14 06:00 - 2019-05-17 01:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-14 06:00 - 2019-05-17 01:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-14 06:00 - 2019-05-17 01:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-14 06:00 - 2019-05-17 01:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-14 06:00 - 2019-05-17 01:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-14 06:00 - 2019-05-17 01:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-14 06:00 - 2019-05-17 01:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-14 06:00 - 2019-05-17 01:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-14 06:00 - 2019-05-17 01:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-14 06:00 - 2019-05-17 01:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-14 06:00 - 2019-05-17 01:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-14 06:00 - 2019-05-17 01:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-14 06:00 - 2019-05-17 01:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-14 06:00 - 2019-05-17 01:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-14 06:00 - 2019-05-17 01:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-14 06:00 - 2019-05-17 01:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-14 06:00 - 2019-05-17 01:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-14 06:00 - 2019-05-17 01:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-14 06:00 - 2019-05-17 01:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-14 06:00 - 2019-05-17 01:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-14 06:00 - 2019-05-17 01:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-14 06:00 - 2019-05-17 01:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-14 06:00 - 2019-05-17 01:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-14 06:00 - 2019-05-17 01:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-14 06:00 - 2019-05-17 01:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-14 06:00 - 2019-05-17 01:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-14 06:00 - 2019-05-17 01:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-14 06:00 - 2019-05-17 01:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-14 06:00 - 2019-05-17 01:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-14 06:00 - 2019-05-17 01:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-14 06:00 - 2019-05-17 01:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-11 17:14 - 2019-02-13 01:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-11 07:49 - 2019-06-11 07:49 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-06-11 07:49 - 2019-06-11 07:49 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-06-11 07:22 - 2019-06-11 07:22 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-06-11 07:22 - 2019-06-11 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-06-11 07:22 - 2019-06-11 07:22 - 000000000 ____D C:\Program Files\iPod
2019-06-11 07:20 - 2019-06-11 07:22 - 000000000 ____D C:\Program Files\iTunes
2019-06-11 07:03 - 2019-06-11 07:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-06-11 04:22 - 2019-06-11 06:08 - 004650040 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-07-07 08:23 - 2018-07-12 17:37 - 000004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A884EA09-47D2-445A-9A3F-C4A36B4EBEFC}
2019-07-07 08:05 - 2018-07-12 16:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-07 06:40 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-06 21:59 - 2019-02-10 23:58 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForDavid
2019-07-06 21:59 - 2019-02-10 23:57 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForDavid.job
2019-07-05 11:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-05 10:46 - 2013-05-30 13:59 - 000000000 ____D C:\Users\David\AppData\Roaming\Ditto
2019-07-04 09:59 - 2015-07-31 18:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Slack
2019-07-04 05:21 - 2014-01-19 15:09 - 000000000 ___RD C:\Users\David\SkyDrive
2019-07-04 05:19 - 2018-07-12 17:37 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3199809883-61864900-496248842-1001
2019-07-04 05:19 - 2018-07-12 16:43 - 000002397 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-01 15:10 - 2018-05-15 18:25 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive File Stream.lnk
2019-07-01 03:58 - 2013-04-05 16:39 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2019-06-30 05:33 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-30 05:24 - 2016-10-27 09:26 - 000000000 ____D C:\Users\David\AppData\Roaming\Dashlane
2019-06-28 12:16 - 2014-01-24 12:43 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-27 17:50 - 2018-07-10 20:31 - 000000000 ____D C:\ProgramData\Packages
2019-06-26 01:47 - 2016-06-08 09:58 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-06-25 11:27 - 2014-10-02 12:46 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2019-06-25 11:26 - 2018-07-12 16:43 - 000000000 ____D C:\Users\David
2019-06-25 07:44 - 2018-07-12 17:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-22 21:45 - 2018-04-11 17:04 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2019-06-22 09:23 - 2018-01-11 19:26 - 000000000 ____D C:\Program Files\rempl
2019-06-21 04:17 - 2013-03-23 22:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 12:27 - 2016-01-04 07:37 - 000000000 ___RD C:\Users\David\iCloudDrive
2019-06-19 15:16 - 2018-01-03 12:40 - 000002000 _____ C:\Users\David\Desktop\Dashlane.lnk
2019-06-19 12:08 - 2017-06-15 13:01 - 000000000 ____D C:\Program Files\UNP
2019-06-19 09:43 - 2019-03-07 04:30 - 000001814 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk
2019-06-16 05:11 - 2015-07-06 16:37 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-14 22:57 - 2018-04-30 06:04 - 000000000 ____D C:\Users\David\AppData\Local\slack
2019-06-14 22:56 - 2018-04-30 06:05 - 000002231 _____ C:\Users\David\Desktop\Slack.lnk
2019-06-14 22:56 - 2015-07-31 18:21 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies
2019-06-14 22:56 - 2015-07-31 18:20 - 000000000 ____D C:\Users\David\AppData\Local\SquirrelTemp
2019-06-14 21:50 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-14 21:49 - 2018-07-12 17:00 - 000843946 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-14 21:46 - 2018-02-17 16:10 - 000000000 ___RD C:\Users\David\3D Objects
2019-06-14 21:46 - 2013-03-21 20:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-14 21:44 - 2018-07-12 16:34 - 000448560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-14 21:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-14 06:17 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-14 05:59 - 2013-07-30 05:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-14 05:45 - 2013-03-21 21:59 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-13 06:46 - 2018-02-17 13:19 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2019-06-11 07:53 - 2013-03-21 22:16 - 000000000 ____D C:\Update
2019-06-11 07:34 - 2017-05-24 04:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-06-11 07:34 - 2013-04-05 11:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-11 06:09 - 2018-07-12 17:37 - 000004538 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-11 06:09 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-06-11 06:08 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-06-11 04:23 - 2018-07-12 17:37 - 000004574 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
 
==================== Files in the root of some directories ================
 
2018-05-15 18:24 - 2018-05-16 04:48 - 007065600 _____ () C:\Program Files (x86)\GUT6762.tmp
2017-01-01 11:50 - 2017-01-01 11:50 - 000000000 _____ () C:\Users\David\AppData\Roaming\b6818ccd-b023-4366-8897-2b0db89437d4.storage
2016-10-27 11:40 - 2016-10-27 11:40 - 000004394 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (DOS).NOT
2014-07-29 15:14 - 2019-02-23 13:11 - 000038471 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (Windows).ADR
2014-07-29 15:03 - 2014-07-29 15:03 - 000012984 _____ () C:\Users\David\AppData\Roaming\Comma Separated Values (Windows).CAL
2014-12-02 15:31 - 2014-12-02 15:42 - 000038518 _____ () C:\Users\David\AppData\Roaming\Microsoft Excel 97-2003.ADR
2015-07-06 11:39 - 2015-07-06 11:39 - 000000037 ___SH () C:\Users\David\AppData\Local\134e6589520e51682091c0.32666518
2013-12-29 13:25 - 2013-12-29 13:25 - 000000037 ___SH () C:\Users\David\AppData\Local\559f784a51b0e1ff90f3e5.52689754
2013-12-29 10:21 - 2013-12-29 10:21 - 000000037 ___SH () C:\Users\David\AppData\Local\70149b02515b3bb20dd492.47983420
2013-05-21 14:39 - 2018-12-05 03:12 - 000013824 _____ () C:\Users\David\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-07 10:07 - 2015-10-09 06:30 - 000007628 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by David (07-07-2019 08:25:14)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1803 17134.829 (X64) (2018-07-12 21:39:06)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3199809883-61864900-496248842-500 - Administrator - Disabled)
David (S-1-5-21-3199809883-61864900-496248842-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-3199809883-61864900-496248842-503 - Limited - Disabled)
Guest (S-1-5-21-3199809883-61864900-496248842-501 - Limited - Disabled)
Sonos (S-1-5-21-3199809883-61864900-496248842-1004 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3199809883-61864900-496248842-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
. . . (HKLM\...\{9117392B-B850-4568-83DD-6C62416B020D}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{3531E043-2D73-4E84-AC74-67F9D25A7FD8}) (Version: 2.7.0.11 - Intel) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8x8 - Virtual Office (HKLM-x32\...\{B1A6CB20-C032-4228-940F-AC3BC9BF6B3E}) (Version: 5.3.1.19599 - 8x8, Inc.)
ACID Music Studio 9.0 (HKLM-x32\...\{78EB80B0-18A0-11E2-9761-F04DA23A5C58}) (Version: 9.0.35 - Sony)
Adobe Acrobat 7.0 Standard (HKLM-x32\...\Adobe Acrobat 7.0 Standard - V) (Version: 7.0.0 - Adobe Systems)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design)
Avaya Scopia® Desktop Client (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\{D4B018FD-B6EF-42E0-BE6D-31E1C60189E4}) (Version:  - Avaya, Inc.)
AVS Audio Converter 7.3 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.3.1.535 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco Jabber Video for TelePresence (HKLM-x32\...\{5BF4E2A0-9C59-42AA-97E2-D45127CB9117}) (Version: 4.8.12.18951 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CleanMem (HKLM-x32\...\CleanMem) (Version: v2.4.0 - PcWinTech.com)
ContactMonkey Outlook Add-in (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\{9cd3d330-2d31-4bd2-8a6d-565f2ec1259f}) (Version: 1.3.1.0 - ContactMonkey)
ContactMonkeyOutlook2007AddIn (HKLM-x32\...\{1CBC7F76-D282-4757-8513-EDCBB8B4B5AC}) (Version: 1.3.1 - ContactMonkey) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dashlane (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Dashlane) (Version: 6.1924.0.21110 - Dashlane, Inc.)
Ditto (HKLM\...\Ditto_is1) (Version:  - Scott Brogden)
Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
DVD Architect Studio 5.0 (HKLM-x32\...\{42C509F1-C451-11E1-AEC9-F04DA23A5C58}) (Version: 5.0.161 - Sony)
DVDStyler v2.7.2 (HKLM-x32\...\DVDStyler_is1) (Version:  - )
eFax Messenger (HKLM-x32\...\{DF6DA606-904D-4C18-823F-A4CFC3035E53}) (Version: 4.4.4.572 - j2 Global)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 6.16.4 (HKLM-x32\...\{69BDFB62-DE11-11E8-B2A0-005056951CAD}) (Version: 6.16.4.8094 - Evernote Corp.)
ExpressCache (HKLM\...\{196E43FB-929D-4838-B859-BF27557A6CA0}) (Version: 1.0.98.0 - Condusiv Technologies)
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
Fiddler (HKLM-x32\...\Fiddler2) (Version: 4.4.5.9 - Telerik)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
GoAcanoClient (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\0e6831bc9358f1f3) (Version: 1.7.8.0 - Acano)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 32.0.11.0 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP LaserJet Professional M1530 MFP Series (HKLM-x32\...\{74280B5D-A0AF-46c5-9C85-D9EA078262F1}) (Version:  - Hewlett-Packard)
HP LJ M1530 MFP Series HP Scan (HKLM-x32\...\{C05002F1-06F8-4A15-B6F8-E4DC655C28AA}) (Version: 1.0.302.0 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)
HP Photo Creations (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\HP Photo Creations) (Version: 1.0.0.18702 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.24.33 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.11.24.11 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iBackupBot 5.4.4 (HKLM-x32\...\iBackupBot) (Version: 5.4.4 - VOWSoft, Ltd.)
iCloud (HKLM\...\{DA6D808E-3629-4933-8FB3-583F9BCB0DEF}) (Version: 7.12.0.14 - Apple Inc.)
IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
Infinite HD™ App (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
inSSIDer Office (HKLM-x32\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{7b9ce1f6-7029-4ca6-8bcd-38afc68a69df}) (Version: 2.7.0.11 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Jing (HKLM-x32\...\{8C784F8B-89D0-4A59-A000-7EEF129E1574}) (Version: 2.9.15255.1 - TechSmith Corporation)
join.me (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\JoinMe) (Version: 3.0.0.3668 - LogMeIn, Inc.)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Juniper_Setup_Client) (Version: 7.4.9.44981 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KUx86 (HKLM-x32\...\{857087BB-A988-4462-A5C6-CF6739143B56}) (Version: 1.0.0 - Sony Corporation) Hidden
LifeSize ClearSea (HKLM-x32\...\{48F754A8-23F6-4524-ADDF-BBE8DAF4077A}) (Version: 8.2.6 - LifeSize)
Linksys Connect (HKLM-x32\...\Linksys Connect) (Version: 1.5.15287.0 - Linksys LLC)
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 1.0.568.0 - Logitech Europe S.A.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.4276.0) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{64C12304-7010-43F3-A25B-BDC38DE41E46}) (Version: 4.0.4276.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MiFi4510 Mobile Broadband Drivers (HKLM-x32\...\{CBA640FF-4754-4DB7-AC90-64D007FA8ACD}) (Version: 1.02.001.001.13 - Novatel Wireless)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{BF6B9ECF-0BDF-11E2-97FB-F04DA23A5C58}) (Version: 12.0.530 - Sony)
Mozilla Firefox 66.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.3 (x64 en-US)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{0128492C-AB60-43BE-9D9A-8CA622CAF06E}) (Version: 15.0.07700 - Nero AG)
Nero 2014 Content Pack (HKLM-x32\...\{204A26F0-01B8-4656-8607-5CCEDE820BC2}) (Version: 15.0.00200 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
NetStress 2.0.9686.0 (HKLM-x32\...\NetStress_is1) (Version:  - Nuts About Nets, LLC)
NetSurveyor 2.0.9686.0 (HKLM-x32\...\NetSurveyor_is1) (Version:  - Nuts About Nets, LLC)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version:  - )
Networkx64 (HKLM\...\{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}) (Version: 1.0.0 - Sony Corporation) Hidden
NoteBook FanControl (HKLM-x32\...\{00111A7A-77A7-4AC6-A272-A56DFAD517E7}) (Version: 1.5.0.0 - Stefan Hirschmann - StagWare) Hidden
NoteBook FanControl (HKLM-x32\...\{666d9f07-291b-44a5-b86f-d5240e78692d}) (Version: 1.5.0.0 - Stefan Hirschmann - StagWare)
ODIR (HKLM-x32\...\ODIR_is1) (Version:  - Vaita)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.7 - )
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Polycom Telepresence m100 (HKLM-x32\...\{E53C2A31-6A91-4140-9622-0C483A2A8596}) (Version: 1.0.5.29417_4151 - Polycom, Inc.)
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{99039186-EBEB-4127-BFA2-18B10A05ACE2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
rbjnplugin (HKLM-x32\...\{893E7AD9-4905-4DFE-A747-40CB5712E781}) (Version: 1.6.199.5 - Blue Jeans)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
RingCentral Meetings (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\RingCentralMeetings) (Version: 6.1 - Zoom Video Communications, Inc. and RingCentral Inc.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.9.2.0 - Seagate)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype for Business Web App Plug-in (HKLM-x32\...\{37C8167B-B653-4955-A6E8-EBB8DE937DDD}) (Version: 15.8.20020.400 - Microsoft Corporation)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\slack) (Version: 3.4.3 - Slack Technologies)
SOHLib for PlayMemories Home (HKLM\...\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}) (Version: 1.0.1.11110 - Sony Corporation) Hidden
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A263871-BEEC-11E1-AC53-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.3.4730 - TeamViewer)
TomTom HOME (HKLM-x32\...\{30E6FC43-C31F-4968-9A06-AA38E3C3CF73}) (Version: 2.10.1 - TomTom)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
TurboTax Business 2014 (HKLM-x32\...\TurboTax Business 2014) (Version: 2014.0 - Intuit, Inc)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO Care (HKLM\...\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}) (Version: 8.4.6.05116 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11210 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{A31E4DB3-B774-45C8-BE70-DB8BE53D2A5B}) (Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.4.0.15200 - Sony Corporation)
VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{5388ABD8-6E23-4498-BE10-01079387590F}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (HKLM\...\{553C52C6-993E-47D4-8E49-3097B4BD4969}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Vidyo Desktop 3.6.3 (HKLM-x32\...\Vidyo Desktop) (Version: 3.6.3 - Vidyo Inc.)
VidyoWeb - 1.4.0.0006 (HKLM-x32\...\{06B7CBBD-3D39-4FC9-94B3-72139C62608E}) (Version: 1.4.0.0006 - Vidyo, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VMLx86 (HKLM-x32\...\{7E5A5CA6-B7D0-406E-A75E-157CAB47EB94}) (Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (HKLM\...\{46261E1C-5E0D-484E-8CCC-7F770375FBA2}) (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (HKLM\...\{4B432082-B58C-4035-91FB-F28D504D3148}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{10181264-340D-4BE7-B879-3A49604A6FD1}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.18 - NCH Software)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.6 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.6 - The Wireshark developer community, hxxp://www.wireshark.org)
Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
Zoom (HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\ZoomUMX) (Version: 4.4 - Zoom Video Communications, Inc.)
 
Packages:
=========
Album by Sony -> C:\Program Files\WindowsApps\BD9B8345.AlbumbySony_2.2.2.8170_x86__05bme2bjq6sag [2015-08-25] (ms-resource:SZ_DeveloperName)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)
Clock (Live tile, alarm, timer) -> C:\Program Files\WindowsApps\12199Asparion.AsparionClock_4.0.2.69_x64__f89vgcf3qm37t [2017-11-01] (Asparion) [MS Ad]
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2016-01-01] (Google Inc)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2018-05-11] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-06-27] (HP Inc.)
Hulu -> C:\Program Files\WindowsApps\HuluLLC.HuluPlus_2.5.3.0_neutral__fphbd361v8tya [2019-03-10] (Hulu.)
iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_6.0.44.0_x64__a76a11dkgb644 [2019-06-26] (iHeartMedia.)
Intel AppUp® Catalogue App – (V) Americas Edition -> C:\Program Files\WindowsApps\AppUp.IntelAppUpCatalogueAppVAmericasEdition_1.3.37.881_x64__8j3eq9eme6ctt [2013-10-03] (INTEL CORP)
Kaspersky Now -> C:\Program Files\WindowsApps\KasperskyLab.KasperskyNow_1.0.0.43_neutral__8jx5e25qw3tdc [2014-06-09] (Kaspersky Lab)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC)
KYOCERA Print Center -> C:\Program Files\WindowsApps\A97ECD55.KYOCERAPrintCenter_2.2.20410.0_x64__kqmhh0ktdt7dg [2019-05-09] (KYOCERA Document Solutions Inc)
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2016-04-01] (Lexmark International, Inc.)
Logitech Camera Controller -> C:\Program Files\WindowsApps\E97CB0A1.LogitechCameraController_1.0.0.135_x86__wd885nsp30hay [2013-03-23] (LOGITECH Europe S.A.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-05-17] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Music by Sony -> C:\Program Files\WindowsApps\BD9B8345.MusicbySony_1.2.0.14240_x86__05bme2bjq6sag [2014-03-13] (Sony Corporation)
My Speaker -> C:\Program Files\WindowsApps\39732ControlAV.PhonosforAlexapreview_2.2.1.0_x86__fqz1935ay4xrp [2019-04-30] (ControlAV)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)
Photo Editor -> C:\Program Files\WindowsApps\57AB5DD0.PhotoEditor_2.0.0.3_x86__6hb943tstq5q8 [2018-04-06] (Aviary, Inc.)
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2015-04-14] (Microsoft Studios)
PuzzleTouch -> C:\Program Files\WindowsApps\1430GreenfieldTechnologie.PuzzleTouch_1.1.0.3_neutral__9tq5q6h98v2wa [2014-07-21] (Greenfield Technologies)
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2014-05-28] (Skype)
Slacker Radio -> C:\Program Files\WindowsApps\C49B256F.SlackerRadio_1.1.16.0_neutral__w203ptv5wvzt2 [2018-01-16] (Slacker Inc.)
Socialife News -> C:\Program Files\WindowsApps\BD9B8345.Socialife_2.4.3.10090_x64__05bme2bjq6sag [2015-10-15] (Sony Corporation)
Sony Select -> C:\Program Files\WindowsApps\BD9B8345.VAIOMessageCenter_2.1.1.2210_x64__05bme2bjq6sag [2014-03-26] (Sony Corporation)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.7.25.0_x64__43tkc6nmykmb6 [2019-06-18] (Ookla)
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
VAIO Care -> C:\Program Files\WindowsApps\BD9B8345.VAIOCare_1.4.1.14090_x64__05bme2bjq6sag [2015-02-25] (Sony Corporation)
Youtube Player -> C:\Program Files\WindowsApps\35227CA4B1EC.YoutubePlayer_1.2.0.4_neutral__vz2dsdkbwapd8 [2013-03-24] (T.O.K.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\ChromeHTML: ->  <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\27.1.49.1806\drivefsext.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\Users\David\AppData\Local\Microsoft\OffCAT\OffCATv2Addin.dll (Microsoft Corporation -> Microsoft)
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox (Personal)] => C:\Users\David\Dropbox (Personal) [2015-06-02 16:58]
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [Dropbox (OpenExchange)] => C:\Users\David\Dropbox (OpenExchange) [2013-03-23 13:51]
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2015-11-25] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [  0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2015-11-25] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [  0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2015-11-25] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1-x32: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll [2004-12-14] (Adobe Systems Inc.) [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-10-23] (CyberLink -> Cyberlink)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1-x32: [HotShellExt_40] -> {6872D785-FE43-44cb-9B2A-2DF4C5EB13B2} => C:\Program Files (x86)\eFax Messenger 4.4\J2GShell.dll [2015-05-11] (j2 Global, Inc.) [File not signed]
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2015-11-25] () [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-05-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2013-05-27] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed]
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2013-02-21] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-10-23] (CyberLink -> Cyberlink)
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2015-11-25] () [File not signed]
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2013-02-21] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2015-11-25] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2013-02-21] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\David\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\David\Favorites\FavsZ\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\David\Documents\OpenExchange\Sales\Prospects\GE\FavsZ\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
 
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-01-19 11:30 - 2015-11-25 14:03 - 000601600 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2016-01-19 11:30 - 2016-01-18 17:27 - 000043520 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\RemoteManagement.dll
2016-01-19 11:30 - 2015-11-25 14:03 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2016-01-19 11:30 - 2016-01-18 17:27 - 000013312 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\SqliteWrapper.dll
2016-01-19 11:30 - 2015-11-25 14:03 - 000412672 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\Sync.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 000112142 _____ () [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\libgcc_s_dw2-1.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 000847872 _____ () [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\RVVIDEOCHANNEL.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 010141696 _____ () [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\RVVIDEOCODEC.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 000188416 _____ () [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\rvVideoTools.dll
2013-11-28 22:14 - 2013-11-28 22:14 - 000323584 _____ (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
2016-04-29 11:09 - 2016-04-29 11:09 - 001513472 _____ (Avaya, Inc.) [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\CoreRes.dll
2006-09-13 01:00 - 2006-09-13 05:00 - 000234496 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM7R.DLL
2013-05-30 13:59 - 2012-11-08 20:17 - 001717872 _____ (Ditto -> ) [File not signed] C:\Program Files\Ditto\Ditto.exe
2013-05-30 13:59 - 2012-11-08 20:17 - 000052848 _____ (Ditto -> Ditto Utility Addin) [File not signed] C:\Program Files\Ditto\Addins\DittoUtil.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-08-07 14:24 - 2013-08-07 14:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2013-08-07 14:24 - 2013-08-07 14:24 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2018-07-12 16:50 - 2018-07-12 16:50 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2011-02-11 16:45 - 2011-02-11 16:45 - 000169472 _____ (Novatel Wireless Inc.) [File not signed] C:\Program Files (x86)\Novatel Wireless\LTE Support\VZWMSConfig.exe
2010-06-03 14:50 - 2010-06-03 14:50 - 000270336 _____ (Novatel Wireless Inc.) [File not signed] C:\Program Files (x86)\Novatel Wireless\MiFi4510\Drivers\NWHelper.exe
2015-03-20 16:17 - 2013-05-27 17:48 - 000150888 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
2016-01-19 11:30 - 2016-01-18 17:26 - 000057856 _____ (Pro Softnet) [File not signed] C:\Program Files (x86)\IDriveWindows\AppResources.dll
2016-01-19 11:30 - 2016-01-18 17:26 - 000667648 _____ (Pro Softnet) [File not signed] C:\Program Files (x86)\IDriveWindows\en-US\AppResources.resources.dll
2016-01-19 11:30 - 2016-01-18 17:27 - 001073664 _____ (Prosoftnet) [File not signed] C:\Program Files (x86)\IDriveWindows\IDComponent.dll
2016-01-19 11:30 - 2016-01-18 17:27 - 001061888 _____ (Prosoftnet) [File not signed] C:\Program Files (x86)\IDriveWindows\UserControls.dll
2016-12-17 12:26 - 2016-12-17 12:26 - 000007168 _____ (StagWare) [File not signed] C:\Program Files (x86)\NoteBook FanControl\NbfcService.exe
2019-05-15 12:12 - 2019-05-15 12:12 - 000017408 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NbfcService\f933de6f0ef51ba71f5d2344b0db0ff9\NbfcService.ni.exe
2019-05-15 12:11 - 2019-05-15 12:11 - 000017408 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.BiosInfo\087e3df72aa7680592225e182c5fa4a1\StagWare.BiosInfo.ni.dll
2019-05-15 12:12 - 2019-05-15 12:12 - 000052224 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Fa1fc2d056#\25525f90925f95a0057e39fe05e8e7c4\StagWare.FanControl.Service.ni.dll
2019-05-15 12:11 - 2019-05-15 12:11 - 000165888 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Fafc31ac88#\95ca0b17827068d45089549c81b87aa3\StagWare.FanControl.Configurations.ni.dll
2019-05-15 12:12 - 2019-05-15 12:12 - 000140800 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.FanControl\ada8244855eee240d9b9f1dbacc795d9\StagWare.FanControl.ni.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 001486848 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\libeay32.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 000335360 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\ssleay32.dll
2018-07-13 15:20 - 2019-06-10 14:55 - 001240064 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\libeay32.dll
2018-07-13 15:20 - 2019-06-10 14:55 - 000281600 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\ssleay32.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qgif.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qicns.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qico.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000298496 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qjpeg.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qsvg.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qtga.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000332288 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qtiff.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qwbmp.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\imageformats\qwebp.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 001126400 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\platforms\qwindows.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 004994048 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Core.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 003637248 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Gui.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 001088512 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Network.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000280576 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Positioning.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000278016 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5PrintSupport.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 002966016 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Qml.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 002796032 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Quick.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000048640 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5QuickWidgets.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000163840 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Sql.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000268288 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Svg.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000092160 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5WebChannel.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 055062528 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5WebEngineCore.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000190976 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5WebEngineWidgets.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 004590592 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\Qt5Widgets.dll
2019-06-19 09:54 - 2019-06-10 14:55 - 000122368 _____ (The Qt Company Ltd.) [File not signed] C:\Users\David\AppData\Roaming\Dashlane\6.1924.0.21110\bin\Qt\styles\qwindowsvistastyle.dll
2016-04-29 11:09 - 2016-04-29 11:09 - 001472184 _____ (x264 project) [File not signed] C:\Users\David\AppData\Local\Radvision\Conference Client\8.3.400.72\libx264.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\contactmonkey.com -> hxxps://contactmonkey.com
IE trusted site: HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\openexchangenetworks.com -> hxxps://openexchangenetworks.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2017-03-15 16:47 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Condusiv Technologies\ExpressCache\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;\;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;c:\Windows\twain_32\mp530;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\NoteBook FanControl\;C:\Program Files (x86)\Common Files\Apple\Internet Services\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3199809883-61864900-496248842-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run32: => "ISBMgr.exe"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 7.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "DBAgent"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\StartupFolder: => "Logitech . Product Registration.lnk"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\StartupFolder: => "8x8 - Virtual Office.lnk"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\StartupFolder: => "eFax 4.4.lnk"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\StartupFolder: => "Chatter Desktop.lnk"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Vidyo Desktop"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Cisco JabberVideo"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_9A83AADA066CCEA6F8C613E0AB5C7E19"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Uploader"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "HP Officejet Pro 8620 (NET)"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "eFax 4.4"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "Vidyo Neo"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "8x8 Virtual Office"
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{920A9238-DD16-4974-8FA5-DC384F22FABC}C:\program files (x86)\8x8 virtual office\8x8 - virtual office\voim\8x8 - virtual office.exe] => (Allow) C:\program files (x86)\8x8 virtual office\8x8 - virtual office\voim\8x8 - virtual office.exe (8x8 Inc.) [File not signed]
FirewallRules: [TCP Query User{F61443F5-7DC2-4861-963F-88BC8E4C31B0}C:\program files (x86)\8x8 virtual office\8x8 - virtual office\voim\8x8 - virtual office.exe] => (Allow) C:\program files (x86)\8x8 virtual office\8x8 - virtual office\voim\8x8 - virtual office.exe (8x8 Inc.) [File not signed]
FirewallRules: [UDP Query User{4FFCC5FA-D587-4DB0-BE39-8C3A5F43FFFF}C:\users\david\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe] => (Allow) C:\users\david\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7600E8A5-511A-4830-9580-A2882632162D}C:\users\david\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe] => (Allow) C:\users\david\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7EF3BD97-7AAD-4D47-AD8B-FAB7FD94A080}C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe] => (Allow) C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe (Pro Softnet Corporation -> )
FirewallRules: [TCP Query User{D40FE2EF-E853-4FA9-98CA-1907994D628D}C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe] => (Allow) C:\program files (x86)\idrivewindows\cmd_util\idwutil_600.exe (Pro Softnet Corporation -> )
FirewallRules: [{C278736E-B5D7-4DA3-96A7-AC4FD4CA385C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5B8826FF-94DC-49A1-9062-29416724CEFD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{18935F30-70D6-46FE-975C-BD3EC7C1C89E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{40C91A0E-C782-485D-8386-3B611520598A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{38322BD1-E8A9-45E4-8721-97A8E1DEB389}] => (Allow) LPort=8888
FirewallRules: [{1A5A143D-E0C7-4F36-8B87-A974DA91C19F}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{E785B875-8647-4AF5-91BA-E9A576C4563A}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{BD903B7C-523C-4BA6-88CA-7AC6EA36B662}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{CBA8176B-A169-4E7B-A65E-946FE90EEFD2}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [UDP Query User{ABAD6B60-8C89-432A-8914-E14AB67407CA}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{FF860D73-2253-491D-AB54-8DF137A2C5E6}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C1719F7B-A72C-44AE-BCA1-75AE46F30C82}] => (Allow) C:\Program Files (x86)\Cisco\JabberVideo\JabberVideo.exe (Cisco Systems, Inc. -> Cisco)
FirewallRules: [UDP Query User{C8244A9A-9DCB-4501-B4E0-161A1535EC77}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
FirewallRules: [TCP Query User{ED152216-940D-47F1-BC6E-2842F01274D5}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
FirewallRules: [UDP Query User{09DAA257-1F5B-4A5E-9FAD-44A67D9530A8}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [TCP Query User{C94E4382-2C62-4AC4-AAEE-6BD753BB8CBF}C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe] => (Allow) C:\program files (x86)\vidyo\vidyo desktop\vidyodesktop.exe (Vidyo Inc. -> Vidyo)
FirewallRules: [{55E556BE-0501-4CB4-993C-5BF8B1335324}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0B56ACC9-F69B-43EE-A0DD-321C374707F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DCC6FCD6-5CAD-4EC2-9FCC-AB1503C5AB8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EC063AAE-0FB5-41FF-A220-A604BEFE6FD9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B6A218B0-1EF9-491B-B91C-3A406BD0E91F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{565ECBAC-699C-4676-96FF-8DA6624899A8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E52C49FC-6EBD-405E-B12E-5DC359C53585}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{CA7F7449-88A5-414F-9D07-44A148EFEA15}] => (Allow) LPort=5357
FirewallRules: [{C0954C94-8BC6-43A2-A67E-FA7FF94FF151}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{B548CF78-BBC6-457F-A99B-C4DC8D519047}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{0F62AE02-F2AF-41BF-BC67-D10635E0A0E9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{C899CD62-3B9E-4B03-AA1D-E3A1D7A3F57F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{4ECBAC16-12B1-4E8C-BA20-EBD5A4BB5416}C:\program files (x86)\8x8 virtual office\8x8 - virtual office\8x8 - virtual office.exe] => (Allow) C:\program files (x86)\8x8 virtual office\8x8 - virtual office\8x8 - virtual office.exe (8x8, Inc.) [File not signed]
FirewallRules: [TCP Query User{57EF8A95-5529-4007-A997-D565C401CAC7}C:\program files (x86)\8x8 virtual office\8x8 - virtual office\8x8 - virtual office.exe] => (Allow) C:\program files (x86)\8x8 virtual office\8x8 - virtual office\8x8 - virtual office.exe (8x8, Inc.) [File not signed]
FirewallRules: [UDP Query User{58E5ACB7-60EC-412B-B286-4789BF5C0C4D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7268D9D4-B22E-4DB5-82DB-C890E35468A8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1EACFE31-4AA6-4FBF-AA21-5546AA13744C}] => (Allow) LPort=8888
FirewallRules: [UDP Query User{3E9375A9-0F42-418D-B071-C69B20443AB5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4E22FD64-DFA2-4BAA-BAA6-BE44BEAC5145}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EFCB8772-EB22-4B36-BEAA-C36E609A5FF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF965ED8-ED2B-43DD-B194-F2C577230D64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BCD355D7-526A-4928-A528-267D14DA1E0B}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe (Sonos, Inc. -> Sonos, Inc.)
FirewallRules: [{1E75B0FE-E869-4D03-92A1-178CC52CEA87}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe (Sonos, Inc. -> Sonos, Inc.)
FirewallRules: [UDP Query User{4DCBF8AF-51C4-4183-BF69-D009F4C42FB1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7A6C31FC-64CE-4AC1-B283-D7EB83BA7ED0}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4C0E758B-93F3-41B4-8A1B-2FA8FDAC5ADA}] => (Allow) LPort=1900
FirewallRules: [{77714075-EB4E-4719-9589-DF5242DEDB6A}] => (Allow) LPort=2869
FirewallRules: [{B7740082-356B-428D-BEF1-96F46F8DE055}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B728285-A9AE-485A-8C44-5816736F2FED}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{9ADC7A16-238B-4330-94F1-B071456755CC}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{ED3BF404-08ED-4FFA-A8A1-7BC734C7D3F9}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe (Nero AG -> Nero AG)
FirewallRules: [{1DB64E63-7D8D-4166-B738-C9B425840171}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe (Nero AG -> Nero AG)
FirewallRules: [{4227F76D-E2C9-4EFD-BC5B-EAFA7D09AA0F}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{CE430392-A6AF-422E-A2C2-6B4C6F0A933A}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{9B6DA55B-E6C8-4CF1-866B-87BBB94B1CE9}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{0BF2F928-3FDE-481D-B4EC-735E72FAE9FE}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{1F863F93-EAD4-4737-8884-4E4581B0005D}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{13C8C517-4FF4-4244-AE72-0167B26C621A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink Corp. -> CyberLink Corp.) [File not signed]
FirewallRules: [TCP Query User{20F2505E-31E3-4BD9-9FF7-9D2CE0F99544}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe (Ditto -> ) [File not signed]
FirewallRules: [UDP Query User{A2897BC5-22E8-4EB5-93F5-869DE9328668}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe (Ditto -> ) [File not signed]
FirewallRules: [{B38EB514-A051-4EF4-8C3C-3E7371D5C8AF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink Corp. -> CyberLink Corp.) [File not signed]
FirewallRules: [TCP Query User{E89EB66F-13CF-4414-A07B-754C24704A13}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe (Ditto -> ) [File not signed]
FirewallRules: [UDP Query User{1BAD53E1-EA52-462E-8F16-0AA2A644604E}C:\program files\ditto\ditto.exe] => (Allow) C:\program files\ditto\ditto.exe (Ditto -> ) [File not signed]
FirewallRules: [{FA986827-3924-415D-B65A-640A7EF1CE94}] => (Allow) C:\Program Files (x86)\Fiddler2\Fiddler.exe (Eric Lawrence -> Telerik)
FirewallRules: [TCP Query User{528302B6-480C-425D-BBF0-847B3CE0153C}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{F53A7E03-662A-42D9-B8B1-49B842D99B9C}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{4A5EAFC7-A7A8-441F-990B-7B63BD032D3A}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{97A7E31C-0CC5-46B5-9B7F-5C48DB02C518}C:\users\david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\david\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{D5941DBE-2EE4-40EC-B310-6D0E8F221871}C:\users\david\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\david\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{9A9D31CE-08B6-47E5-9E0D-E50496A0FA74}C:\users\david\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\david\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{36F4F82A-9349-4216-A7D0-7422A9E9AAAD}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{3323197A-CAA6-4F2A-8261-AE9D5BA769EE}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D87ED45D-B011-4101-B693-184717354754}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B1CB645-E9C1-4812-BF5A-CCA99F0B5C47}] => (Allow) C:\Users\David\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7340487D-5539-47A8-9A7C-ECA0A58E8782}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{AB799433-BC6B-497A-AD96-40B1A80F5A54}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{B96EEEC9-A28A-4454-AA9A-88E15BFEC5B3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{52FDA446-79E4-4D7D-8C56-89A54CBC52B3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2B2BAB8C-D9EB-46B1-A9BF-8E138B2F9AD1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{46B8EE26-3935-4060-81BA-CEB963A8A362}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{5BAB2EBD-BAB2-42BE-A619-534E9653F750}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{2AB881C1-6533-4C85-BC9E-A181012E1B52}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{7D64C508-BC4B-4A84-B1CA-F50828ECF8AF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{640A4BE4-E383-41D8-BE9C-D86E1D4E594E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{C063CCCC-6480-43F8-BC66-3E84C699A9DA}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{137E5411-95B5-43DF-A73B-0C0692BDEE5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D94EB7C3-4740-4684-B6E5-7FA66E4F0819}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A5391F1A-876C-4793-8C9F-0FAC0507DC8D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{198AEB89-D1DA-4334-92C2-8E91F40FDDA3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{940A9D98-7288-4B12-A57F-C935DFD3C4F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{630A4718-CC45-4CC7-B331-9314994F7D57}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{35AEB43D-941C-4281-8EE2-E26F747C0A57}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
01-07-2019 04:08:01 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/07/2019 08:05:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1091688
 
Error: (07/07/2019 08:05:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1091688
 
Error: (07/07/2019 08:05:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/07/2019 07:47:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1719
 
Error: (07/07/2019 07:47:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1719
 
Error: (07/07/2019 07:47:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/07/2019 06:40:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding   16 A.D.7.A.3.8.9.2.1.0.3.B.6.C.8.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DPCVAIOT.local.
 
Error: (07/07/2019 06:40:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.163:5353   18 A.D.7.A.3.8.9.2.1.0.3.B.6.C.8.F.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR DPCVAIOT-2.local.
 
 
System errors:
=============
Error: (07/07/2019 06:44:48 AM) (Source: DCOM) (EventID: 10016) (User: DPCVAIOT)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DPCVAIOT\David SID (S-1-5-21-3199809883-61864900-496248842-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/07/2019 06:44:12 AM) (Source: DCOM) (EventID: 10016) (User: DPCVAIOT)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DPCVAIOT\David SID (S-1-5-21-3199809883-61864900-496248842-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/06/2019 09:38:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (07/06/2019 09:06:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CDPSvc service.
 
Error: (07/06/2019 04:16:05 AM) (Source: DCOM) (EventID: 10016) (User: DPCVAIOT)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DPCVAIOT\David SID (S-1-5-21-3199809883-61864900-496248842-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/06/2019 04:15:57 AM) (Source: DCOM) (EventID: 10016) (User: DPCVAIOT)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DPCVAIOT\David SID (S-1-5-21-3199809883-61864900-496248842-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/05/2019 11:46:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
 
Error: (07/05/2019 11:08:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2019-06-25 14:31:04.051
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {35DCE4CF-4FE5-44E6-B186-7AD6F8728C7D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-06-17 11:56:32.483
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {030171A2-BC90-49C6-AA08-AAFB2447700D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-06-17 11:26:45.599
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A31A3620-A7D7-45C6-AA42-D3261B60D956}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-06-17 11:19:56.441
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9350D863-C1EA-4215-B1D4-4D00A675BF1A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-06-17 10:35:23.112
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F6BB843C-9C61-4066-A96F-F2A568720712}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2019-06-26 09:48:53.628
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.295.1506.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16000.6
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-06-17 10:47:24.097
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.295.730.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16000.6
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2019-06-16 05:12:52.252
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.295.730.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16000.6
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2019-06-16 05:12:52.138
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.295.730.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16000.6
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
CodeIntegrity:
===================================
 
Date: 2019-07-04 10:44:43.335
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:44:42.106
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:44:39.472
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:39:53.388
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:39:53.356
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:39:52.725
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:39:52.349
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-07-04 10:39:49.359
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Insyde Corp. R1110D4 03/13/2012
Motherboard: Sony Corporation VAIO
Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 56%
Total physical RAM: 8071.27 MB
Available physical RAM: 3536.1 MB
Total Virtual: 11199.73 MB
Available Virtual: 2836.02 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:899.01 GB) (Free:165.56 GB) NTFS
Drive g: (Google Drive File Stream) (Fixed) (Total:50 GB) (Free:16.66 GB) FAT32
 
\\?\Volume{cd3e6907-5b85-49a6-b8af-e29b858bd56b}\ (Windows RE tools) (Fixed) (Total:1.44 GB) (Free:0.71 GB) NTFS
\\?\Volume{aef4bb76-8209-4226-ace4-3af1c9955c2a}\ (Recovery) (Fixed) (Total:30.09 GB) (Free:5.38 GB) NTFS
\\?\Volume{950fa24c-75fb-49c0-988b-34f3017ca532}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E8BB3B2C)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 1B3F2FF6)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#14 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,317 posts
  • Interests:Boo!....
  • MVP

Posted 07 July 2019 - 07:30 PM

For the computer we just finished up on:
  • Please download DelFix or from Here and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
  • Activate UAC
  • Remove disinfection tools
  • Click the Run button.
  • -- This will remove the specialized tools we used to disinfect your system.
    Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete
    ).
************************************


For the second computer:

Start Farbar Recovery Scan Tool with Administrator privileges
(Right click on the FRST icon and select Run as administrator)

highlight on the text below and select Copy.
beginning with Start:: and finishing with End::
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Highlight the entire content of the quote box below and select Copy.

 

Start::
CloseProcesses:
CreateRestorePoint:
Task: {027D5B1B-75CA-454E-8DEA-EE0D1008F814} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2E35066F-432A-4550-B795-51E00D8EDFBF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3F95F05C-DD1D-40D4-922E-4B450A05E7FF} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {4522FFA1-DE84-4F90-AEF5-E20B2CAB6DDE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {457CA86F-D651-4CD4-ADCF-37C99567F3CF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5526799D-B59B-43A2-AA3F-AC5FA8A02E77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {560BCCE1-EB4E-4C53-B1C9-34FF396C2A99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS
Task: {566D396C-F5FA-4449-8626-AD527D7ACB2C} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION
Task: {6382090F-B455-4ABE-AB38-34B9790B16CC} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {63A17FCD-7D1A-471C-9052-B8909DEA8494} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6F343C24-FB91-423A-95C4-809FF0645920} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {72C2F7B5-3F22-4BB1-B3CC-0F924CFD9D02} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9D085884-1E28-4C59-83AC-07673614A63D} - \WPD\SqmUpload_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION
Task: {AB3DBC1C-141E-42D1-B1A5-D3E77F481CE0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AD606FD3-BE04-43FC-A8AF-36A6A896A5D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B5321100-B659-4174-AF66-0242E13263E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CC9397AF-2402-4B4F-9FF3-C74E1FC2D516} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DE53CBA3-0FA2-4023-B5BC-7D202D3ADF83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E8823C03-4639-4A5E-A141-B6C2615C84F5} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {FFAFE67E-7417-4FDD-BA5A-48DC2A7D94B5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
Toolbar: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - No File
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-05-26] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>
S3 cpuz140; \??\C:\Users\David\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\27.1.49.1806\drivefsext.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
C:\Windows\Temp\*.*
End::



Start FRST (FRST64) with Administrator privileges
Press the Fix button. FRST will process the lines copied above from the clipboard.
When finished, a log file Fixlog.txt will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zcMPezJ.pngAdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

    RQKuhw1.pngRogueKiller
    • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
    • Once done, move the executable file to your Desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
    • Wait for the scan to complete
    • On completion, the results will be displayed
    • Check every single entry (threat found), and click on the Remove Selected button
    • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
    • This will open the report in Notepad. Copy/paste its content in your next reply
    created by Aura

    Please post these 3 logs when finished.

Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#15 dpculbertson

dpculbertson

    New Member

  • Authentic Member
  • Pip
  • 16 posts

Posted 08 July 2019 - 04:33 AM

Hi Juliet,

 

Thank you.  Below is the fixlog.txt file contents.

 

Regards,

David

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by David (08-07-2019 05:59:15) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
Task: {027D5B1B-75CA-454E-8DEA-EE0D1008F814} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2E35066F-432A-4550-B795-51E00D8EDFBF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3F95F05C-DD1D-40D4-922E-4B450A05E7FF} - System32\Tasks\0 => c:\program files\internet explorer\iexplore.exe <==== ATTENTION
Task: {4522FFA1-DE84-4F90-AEF5-E20B2CAB6DDE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {457CA86F-D651-4CD4-ADCF-37C99567F3CF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5526799D-B59B-43A2-AA3F-AC5FA8A02E77} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {560BCCE1-EB4E-4C53-B1C9-34FF396C2A99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS
Task: {566D396C-F5FA-4449-8626-AD527D7ACB2C} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION
Task: {6382090F-B455-4ABE-AB38-34B9790B16CC} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {63A17FCD-7D1A-471C-9052-B8909DEA8494} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6F343C24-FB91-423A-95C4-809FF0645920} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {72C2F7B5-3F22-4BB1-B3CC-0F924CFD9D02} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9D085884-1E28-4C59-83AC-07673614A63D} - \WPD\SqmUpload_S-1-5-21-3199809883-61864900-496248842-1001 -> No File <==== ATTENTION
Task: {AB3DBC1C-141E-42D1-B1A5-D3E77F481CE0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AD606FD3-BE04-43FC-A8AF-36A6A896A5D5} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B5321100-B659-4174-AF66-0242E13263E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CC9397AF-2402-4B4F-9FF3-C74E1FC2D516} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DE53CBA3-0FA2-4023-B5BC-7D202D3ADF83} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E8823C03-4639-4A5E-A141-B6C2615C84F5} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {FFAFE67E-7417-4FDD-BA5A-48DC2A7D94B5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
Toolbar: HKU\S-1-5-21-3199809883-61864900-496248842-1001 -> No Name - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - No File
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-05-26] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.6.0.142\Exts\Chrome.crx <not found>
S3 cpuz140; \??\C:\Users\David\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
HKU\S-1-5-21-3199809883-61864900-496248842-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\27.1.49.1806\drivefsext.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\David\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmbjbjdpkobdjplfobhljndfdfdipjhg
C:\Windows\Temp\*.*
 
*****************
 
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{027D5B1B-75CA-454E-8DEA-EE0D1008F814}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{027D5B1B-75CA-454E-8DEA-EE0D1008F814}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E35066F-432A-4550-B795-51E00D8EDFBF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E35066F-432A-4550-B795-51E00D8EDFBF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F95F05C-DD1D-40D4-922E-4B450A05E7FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F95F05C-DD1D-40D4-922E-4B450A05E7FF}" => removed successfully
C:\WINDOWS\System32\Tasks\0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4522FFA1-DE84-4F90-AEF5-E20B2CAB6DDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4522FFA1-DE84-4F90-AEF5-E20B2CAB6DDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{457CA86F-D651-4CD4-ADCF-37C99567F3CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{457CA86F-D651-4CD4-ADCF-37C99567F3CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5526799D-B59B-43A2-AA3F-AC5FA8A02E77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5526799D-B59B-43A2-AA3F-AC5FA8A02E77}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{560BCCE1-EB4E-4C53-B1C9-34FF396C2A99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{560BCCE1-EB4E-4C53-B1C9-34FF396C2A99}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\RemovalTools\MRT_HB" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{566D396C-F5FA-4449-8626-AD527D7ACB2C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{566D396C-F5FA-4449-8626-AD527D7ACB2C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3199809883-61864900-496248842-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6382090F-B455-4ABE-AB38-34B9790B16CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6382090F-B455-4ABE-AB38-34B9790B16CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63A17FCD-7D1A-471C-9052-B8909DEA8494}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A17FCD-7D1A-471C-9052-B8909DEA8494}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F343C24-FB91-423A-95C4-809FF0645920}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F343C24-FB91-423A-95C4-809FF0645920}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72C2F7B5-3F22-4BB1-B3CC-0F924CFD9D02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72C2F7B5-3F22-4BB1-B3CC-0F924CFD9D02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D085884-1E28-4C59-83AC-07673614A63D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D085884-1E28-4C59-83AC-07673614A63D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3199809883-61864900-496248842-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB3DBC1C-141E-42D1-B1A5-D3E77F481CE0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB3DBC1C-141E-42D1-B1A5-D3E77F481CE0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD606FD3-BE04-43FC-A8AF-36A6A896A5D5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD606FD3-BE04-43FC-A8AF-36A6A896A5D5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5321100-B659-4174-AF66-0242E13263E1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5321100-B659-4174-AF66-0242E13263E1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC9397AF-2402-4B4F-9FF3-C74E1FC2D516}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC9397AF-2402-4B4F-9FF3-C74E1FC2D516}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE53CBA3-0FA2-4023-B5BC-7D202D3ADF83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE53CBA3-0FA2-4023-B5BC-7D202D3ADF83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8823C03-4639-4A5E-A141-B6C2615C84F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8823C03-4639-4A5E-A141-B6C2615C84F5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFAFE67E-7417-4FDD-BA5A-48DC2A7D94B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFAFE67E-7417-4FDD-BA5A-48DC2A7D94B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} => removed successfully
"HKU\S-1-5-21-3199809883-61864900-496248842-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{B24BA06E-FB7B-4757-95C2-DC01125F750E}" => removed successfully
HKLM\Software\Classes\CLSID\{B24BA06E-FB7B-4757-95C2-DC01125F750E} => not found
"HKLM\Software\Mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{C1A2A613-35F1-4FCF-B27F-2840527B6556}" => removed successfully
C:\Program Files (x86)\mozilla firefox\firefox.cfg => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz140 => removed successfully
cpuz140 => service removed successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\ChromeHTML => removed successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD} => removed successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-3199809883-61864900-496248842-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk => Shortcut argument removed successfully
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk => Shortcut argument removed successfully
 
=========== "C:\Windows\Temp\*.*" ==========
 
C:\Windows\Temp\GoogleDFSSetup_190701151003_8696.log => moved successfully
C:\Windows\Temp\HighPerformancePlan.log => moved successfully
C:\Windows\Temp\MpCmdRun.log => moved successfully
C:\Windows\Temp\MpSigStub.log => moved successfully
C:\Windows\Temp\PowerPlan.log => moved successfully
C:\Windows\Temp\UsoStoreFile.xml => moved successfully
 
========= End -> "C:\Windows\Temp\*.*" ========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 06:03:14 ====

Related Topics




Also tagged with one or more of these keywords: Win7, slow, cpu 100%

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users