Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01 Ran by Patricia (administrator) on TOSHIBA (TOSHIBA Satellite C50D-B) (16-05-2020 09:46:34) Running from C:\Users\Patricia\Desktop Loaded Profiles: Patricia & _ashbackuppb_ Platform: Windows 10 Home Version 1709 16299.1087 (X64) Language: English (United States) Default browser: Edge Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupService-abpb.exe (Ashampoo GmbH & Co. KG -> ) C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\oxHelper.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe (AVerMedia) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Secure VPN\VpnSvc.exe (AVG Technologies USA, Inc. -> The OpenVPN Project) C:\Program Files (x86)\AVG\Secure VPN\OpenVPN\openvpn.exe <2> (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe (Beiley Software, Inc. -> Beiley Software Inc.) C:\Program Files (x86)\Remind-Me\RemindMe.exe (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation -> Broadcom Corporation.) C:\WINDOWS\System32\BtwRSupportService.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE (Compal Electronics, Inc. -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (DTS, Inc. 
-> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Users\Patricia\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\BackgroundTransferHost.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\PrintIsolationHost.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.428_none_1704c21831ffb4a8\TiWorker.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atiesrxx.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA CORPORATION -> Toshiba Corporation) 
C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe <2> (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent Inc -> WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3873000 2016-06-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [Ashampoo Backup PB] => C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupClient-abpb.exe [323504 2017-03-28] (Ashampoo GmbH & Co. KG -> ) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156256 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.) 
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-11] (Corel Corporation -> Corel Corporation) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (Compal Electronics, Inc. -> TOSHIBA CORPORATION) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft, Inc. -> ArcSoft Inc.) HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA CORPORATION -> TOSHIBA) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.) HKU\S-1-5-21-1038643954-3680076089-604325707-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.) 
HKU\S-1-5-21-1038643954-3680076089-604325707-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1038643954-3680076089-604325707-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-11] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2016-02-17] (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2015-07-21] ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe () [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2015-07-21] ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2018-12-28] ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files (x86)\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2019-12-01] ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-11-15] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2015-07-10] ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2019-12-03] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing) Startup: C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RemindMe.lnk [2015-04-16] ShortcutTarget: RemindMe.lnk -> C:\Program Files (x86)\Remind-Me\RemindMe.exe (Beiley Software, Inc. -> Beiley Software Inc.) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {21B7B94A-A8E5-4AF9-B47B-93BAD136CEB6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-04-03] (AVG Technologies USA, LLC -> AVG Technologies) Task: {2BF3E8FB-6CF1-4EA2-AF06-E49485FE143A} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [14320 2015-05-27] (DTS, Inc. -> ) Task: {2CAEB363-D167-4428-9C7B-3977E2F8321B} - System32\Tasks\TOSHIBA\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. 
-> Adobe Systems) Task: {6DA995AC-C70F-430F-9516-B6E53F39C9FC} - System32\Tasks\TOSHIBA\StartCCC => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe Task: {81443312-1895-44CF-B1F1-E6000C1F6AD7} - System32\Tasks\AVG TuneUp Update => C:\Program Files (x86)\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2019-12-01] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {82BE1E17-B0FF-4C92-AF71-6F9E78297C68} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation) Task: {90551A60-1339-4A1D-A8C3-90F170991471} - System32\Tasks\AVG Secure VPN Update => C:\Program Files (x86)\AVG\Secure VPN\VpnUpdate.exe [1426864 2019-08-13] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {92CFB6F4-BD86-410A-BA69-55BD86FFBEA8} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3373072 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Task: {96A9B0C7-E7BC-48AD-B80C-6E30DEEBD69D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.) Task: {A3000F18-42B8-42BA-A8AB-E34A6CDE0CCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-15] (Google Inc -> Google Inc.) Task: {B5FEB5C2-A112-40B8-B2B8-CB3613EF2BF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. 
-> Adobe Systems) Task: {C3D95CD7-12B9-4D01-8747-D85B89F303BC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16690424 2016-08-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {E45CB5DE-7719-40C7-A8EE-8D73735ABC44} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA CORPORATION -> TOSHIBA) Task: {EA939703-ABC8-4680-9F41-76DABA420868} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation) Task: {ECC9C0D0-D17F-4F9E-AF54-D2B8320C5BB7} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) 
Tcpip\..\Interfaces\{7dcfcdf8-6b55-4126-8d35-6535b5fb2e97}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{ce2293a1-70ad-4a01-9ab3-ca2c2dba5904}: [NameServer] 100.120.168.1 Tcpip\..\Interfaces\{eb75e515-cb5c-43c6-87be-3334218831d0}: [DhcpNameServer] 192.168.0.1 HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.0.12,1] Internet Explorer: ================== HKU\S-1-5-21-1038643954-3680076089-604325707-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nine.com.au/ HKU\S-1-5-21-1038643954-3680076089-604325707-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TAJB SearchScopes: HKU\S-1-5-21-1038643954-3680076089-604325707-1001 -> DefaultScope {D1D7348B-41CC-4ABD-87A7-934403F6B971} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-1038643954-3680076089-604325707-1001 -> {D1D7348B-41CC-4ABD-87A7-934403F6B971} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-1038643954-3680076089-604325707-1001 -> {FBF7A67F-FB8D-482A-A96B-220A5E9BBC21} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Toolbar: HKU\S-1-5-21-1038643954-3680076089-604325707-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.) Edge: ====== DownloadDir: C:\Users\Patricia\Downloads Edge HomeButtonPage: HKU\S-1-5-21-1038643954-3680076089-604325707-1001 -> hxxp://www.9news.com.au/ FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) 
[File not signed] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-04-18] (WildTangent Inc -> ) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-02] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1038643954-3680076089-604325707-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Patricia\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) 
Chrome: ======= CHR Profile: C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default [2018-12-28] CHR Notifications: Default -> hxxps://web.skype.com CHR StartupUrls: Default -> "hxxp://www.news.ninemsn.com.au/" CHR Extension: (Google Slides) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-15] CHR Extension: (Google Docs) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-15] CHR Extension: (Google Drive) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-15] CHR Extension: (YouTube) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-15] CHR Extension: (Google Sheets) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-15] CHR Extension: (Google Docs Offline) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-20] CHR Extension: (Gmail) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-15] CHR Extension: (Chrome Media Router) - C:\Users\Patricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-20] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.) 
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-23] () [File not signed] R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [264224 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> AMD) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.) R2 ashbackuppb; c:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupService-abpb.exe [31664 2017-03-28] (Ashampoo GmbH & Co. KG -> ) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed] R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed] R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [345960 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [1005744 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [5552064 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110608 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 CleanupPSvc; C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) 
R3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] (DTS, Inc. -> ) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2016-06-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-18] (WildTangent Inc -> WildTangent) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> ) R2 SecureVpn; C:\Program Files (x86)\AVG\Secure VPN\VpnSvc.exe [7451056 2019-08-13] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-13] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.) S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. ) R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21653520 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [686080 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) 
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. ) R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4251160 2016-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 AVerIT13x; C:\WINDOWS\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [206672 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [234840 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [179032 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61272 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2020-04-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43568 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175984 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [501752 2020-05-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [110064 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [85664 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) 
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [852392 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [459992 2020-05-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [235768 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) R3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317864 2020-04-28] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31832 2016-06-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2019-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-13] (Microsoft Windows -> Microsoft Corporation) S3 btwaudio; \SystemRoot\system32\drivers\btwaudio.sys [X] S3 btwavdt; \SystemRoot\System32\drivers\btwavdt.sys [X] S3 btwl2cap; \SystemRoot\system32\DRIVERS\btwl2cap.sys [X] S3 btwrchid; \SystemRoot\System32\drivers\btwrchid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-05-16 09:46 - 2020-05-16 09:48 - 000030427 _____ C:\Users\Patricia\Desktop\FRST.txt 2020-05-16 09:39 - 2020-05-16 09:41 - 000025718 _____ C:\Users\Patricia\Desktop\Fixlog 16th May.txt 2020-05-15 16:13 - 2020-05-15 16:13 - 000000858 _____ C:\Users\Patricia\Desktop\LatencyMon.lnk 2020-05-15 16:13 - 2020-05-15 16:13 - 000000846 _____ C:\Users\Patricia\Desktop\In Depth Latency Tests.lnk 2020-05-15 16:13 - 2020-05-15 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon 2020-05-15 16:13 - 2020-05-15 16:13 - 000000000 ____D C:\Program Files\LatencyMon 2020-05-15 16:13 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys 2020-05-15 16:09 - 2020-05-15 16:09 - 002323432 _____ (Resplendence Software Projects Sp. 
) C:\Users\Patricia\Desktop\LatencyMon.exe 2020-05-15 16:00 - 2020-05-14 17:16 - 002798456 _____ (Sysinternals - www.sysinternals.com) C:\Users\Patricia\Desktop\procexp.exe 2020-05-15 11:06 - 2020-05-16 09:38 - 000000000 ____D C:\Users\Patricia\Desktop\Geekstogo 2 2020-05-14 20:06 - 2020-05-16 09:36 - 000000000 ____D C:\Users\Patricia\Desktop\Geekstogo 2020-05-14 19:50 - 2020-05-14 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2020-05-14 19:50 - 2020-05-14 19:50 - 000000000 ____D C:\Program Files\Speccy 2020-05-14 19:35 - 2020-05-14 19:35 - 000012233 _____ C:\junk.txt 2020-05-13 10:17 - 2020-04-28 11:32 - 000337592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2020-05-12 17:58 - 2020-05-12 17:58 - 000000000 _____ C:\WINDOWS\system32\last.dump 2020-05-12 15:46 - 2020-05-16 09:47 - 000000000 ____D C:\FRST 2020-05-12 15:42 - 2020-05-14 15:44 - 002286080 _____ (Farbar) C:\Users\Patricia\Desktop\FRST64.exe 2020-04-28 11:34 - 2020-05-11 16:16 - 000501752 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys 2020-04-28 11:34 - 2020-04-28 11:33 - 000235768 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2020-04-28 11:34 - 2020-04-28 11:33 - 000175984 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2020-04-28 11:25 - 2020-04-28 11:25 - 000000000 ____D C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-04-28 11:20 - 2020-04-28 11:35 - 000000000 ____D C:\Users\Patricia\AppData\Roaming\Zoom ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2020-05-16 09:42 - 2018-03-01 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-16 09:42 - 2017-09-29 18:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-16 09:42 - 2017-08-20 20:36 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-05-16 09:39 - 2018-03-01 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\TOSHIBA
2020-05-16 09:38 - 2018-11-08 11:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-05-16 09:38 - 2018-03-01 17:02 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-16 09:38 - 2018-03-01 17:02 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-16 09:38 - 2018-03-01 17:02 - 000003056 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-05-16 09:38 - 2018-03-01 17:02 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1038643954-3680076089-604325707-1001
2020-05-16 09:38 - 2018-03-01 17:02 - 000002748 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1038643954-3680076089-604325707-500
2020-05-16 09:38 - 2018-03-01 17:02 - 000002376 _____ C:\WINDOWS\system32\Tasks\dts_apo_service_task
2020-05-16 09:38 - 2018-03-01 17:02 - 000002278 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-05-15 15:50 - 2017-09-29 23:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2020-05-15 15:49 - 2018-03-01 16:22 - 000000000 ____D C:\Users\Patricia\AppData\Local\Packages
2020-05-15 15:49 - 2017-09-29 23:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-15 15:49 - 2017-09-29 23:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-15 15:44 - 2019-05-30 09:26 - 000000000 ____D C:\Users\Patricia\AppData\Local\CrashDumps
2020-05-15 15:39 - 2020-01-14 11:04 - 000320680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-15 15:38 - 2015-10-24 15:51 - 000000000 ____D C:\ProgramData\Avg
2020-05-15 15:34 - 2015-03-14 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-05-15 15:24 - 2016-04-27 16:20 - 000000000 ____D C:\WINDOWS\ShellNew
2020-05-15 15:14 - 2018-03-01 16:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-15 13:05 - 2017-09-29 23:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-05-15 11:28 - 2017-09-29 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-13 10:57 - 2015-03-15 20:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-13 10:46 - 2015-03-15 20:18 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-13 10:20 - 2017-12-01 14:11 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Internet Security.lnk
2020-05-13 10:20 - 2017-12-01 14:11 - 000002084 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk
2020-05-13 10:19 - 2019-05-08 16:38 - 000000000 ____D C:\WINDOWS\Panther
2020-05-13 10:17 - 2017-09-29 23:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-13 10:13 - 2015-04-18 11:27 - 000000000 ____D C:\Users\Patricia\AppData\Local\ElevatedDiagnostics
2020-05-13 09:57 - 2018-11-13 19:58 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-05-13 09:55 - 2018-07-24 11:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-05-13 09:46 - 2018-07-21 16:53 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-05-12 17:54 - 2018-03-01 16:20 - 000000000 ____D C:\Users\_ashbackuppb_
2020-05-12 16:18 - 2017-09-29 23:46 - 000000000 ____D C:\WINDOWS\rescache
2020-05-12 15:30 - 2017-09-29 23:44 - 000000000 ____D C:\WINDOWS\INF
2020-05-12 10:06 - 2016-04-14 12:37 - 000007630 _____ C:\Users\Patricia\AppData\Local\Resmon.ResmonCfg
2020-05-11 16:34 - 2018-03-01 16:20 - 000000000 ____D C:\Users\Patricia
2020-05-11 16:33 - 2016-04-15 09:58 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-11 16:33 - 2016-04-15 09:58 - 000002303 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-11 16:18 - 2016-07-29 11:43 - 000002423 _____ C:\Users\Patricia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-11 16:18 - 2015-03-13 16:08 - 000000000 __RDO C:\Users\Patricia\OneDrive
2020-05-11 16:15 - 2018-08-02 14:20 - 000459992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-05-11 15:07 - 2019-10-19 02:06 - 000000000 ____D C:\Windows10Upgrade
2020-05-11 14:48 - 2019-12-01 11:27 - 000004246 _____ C:\WINDOWS\system32\Tasks\AVG TuneUp Update
2020-05-11 14:48 - 2018-12-28 14:15 - 000004260 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update
2020-04-28 11:33 - 2018-11-13 17:06 - 000043568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-04-28 11:33 - 2018-08-02 14:20 - 000317864 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-04-28 11:33 - 2018-08-02 14:20 - 000110064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-04-28 11:33 - 2018-08-02 14:20 - 000085664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-04-28 11:33 - 2018-07-14 09:18 - 000016520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2020-04-28 11:32 - 2018-08-02 14:20 - 000852392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-04-28 11:32 - 2018-08-02 14:20 - 000206672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-04-28 11:31 - 2019-01-10 08:57 - 000234840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-04-28 11:31 - 2019-01-10 08:57 - 000179032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-04-28 11:31 - 2019-01-10 08:57 - 000061272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-04-28 11:17 - 2018-03-01 16:52 - 001119922 _____ C:\WINDOWS\system32\PerfStringBackup.INI

==================== Files in the root of some directories ========

2016-01-09 09:41 - 2016-01-09 09:41 - 000000000 _____ () C:\Users\Patricia\AppData\Roaming\Microsoft\78B6.tmp
2016-04-14 12:37 - 2020-05-12 10:06 - 000007630 _____ () C:\Users\Patricia\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-05-12 15:59

==================== End of FRST.txt ========================