Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2021 Ran by Green (07-09-2021 11:05:17) Running from C:\Users\Green\Downloads Windows 10 Home Version 20H2 19042.1110 (X64) (2021-07-10 07:01:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1248820182-3672890804-4128540518-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1248820182-3672890804-4128540518-503 - Limited - Disabled) Green (S-1-5-21-1248820182-3672890804-4128540518-1001 - Administrator - Enabled) => C:\Users\Green Guest (S-1-5-21-1248820182-3672890804-4128540518-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1248820182-3672890804-4128540518-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden BookWright version 2.1.0 (HKLM-x32\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 2.1.0 - Blurb, Inc.) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.63 - Google LLC) GoTo Opener (HKLM-x32\...\{2FB988B2-1B56-4E54-BA9B-3F52F4F98E17}) (Version: 1.0.544 - LogMeIn, Inc.) Inkscape 0.92.3 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.92.3.0 - Inkscape project) Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Kingsoft PDF to Word SDK (2.0.1) (HKLM\...\{F0915BBA-A86F-4672-807D-30F38DFC2B44}) (Version: 2.0.1 - Zhuhai Kingsoft Office Software Co.,Ltd) Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.38 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1248820182-3672890804-4128540518-1001\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.) Ribbet v1.7.0 (HKLM-x32\...\{802B1CA6-ED60-4EA4-B02D-FEF1603800EE}_is1) (Version: 1.7.0 - Ribbet) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{3800CCFC-4006-4B30-A103-416AF26A885C}) (Version: 2.71.0.0 - Microsoft Corporation) UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN) WPS Office (11.2.0.10265) (HKU\S-1-5-21-1248820182-3672890804-4128540518-1001\...\Kingsoft Office) (Version: 11.2.0.10265 - Kingsoft Corp.) ZoomInfo Contact Contributor (HKU\S-1-5-21-1248820182-3672890804-4128540518-1001\...\ZoomInfo Contact Contributor) (Version: 62 - ) Packages: ========= All Video Player HD -> C:\Program Files\WindowsApps\22450.TotalVideoPlayer_2.0.31.0_x64__0aqw1zw0x2snt [2021-01-29] (韵华软件) Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2021-07-10] (Microsoft Corporation) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-07-28] (HP Inc.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-10] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-10] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-07-10] (Microsoft Studios) [MS Ad] Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-04-05] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1248820182-3672890804-4128540518-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Green\AppData\Local\Kingsoft\WPS Office\11.2.0.10265\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers1_S-1-5-21-1248820182-3672890804-4128540518-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Green\AppData\Local\Kingsoft\WPS Office\11.2.0.10265\office6\kwpsmenushellext64.dll [2021-08-26] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ContextMenuHandlers4_S-1-5-21-1248820182-3672890804-4128540518-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Green\AppData\Local\Kingsoft\WPS Office\11.2.0.10265\office6\kwpsmenushellext64.dll [2021-08-26] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Green\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\letgo-web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hbkfhekkfmipomaepmpocikpjpgffkop ==================== Loaded Modules (Whitelisted) ============= 2021-08-16 16:08 - 2021-08-16 16:08 - 000092672 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\_ctypes.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 001093632 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\_hashlib.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000027648 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\_multiprocessing.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000046592 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\_socket.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 001412608 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\_ssl.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000071168 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\bz2.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 001665192 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\lib_arpack-.NAOLMBDUCB5HS37DDEMZN5DSFDUEGTBC.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000111875 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\lib_blas_su.5SIDZBJOTYDEVHROQLXNU3SFL52UKCES.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000103938 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libansari.Q4BAGRNANLWD2YZJOKYPOAUIOLXW2LXK.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 001749763 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libbispeu.KX7AQLB2Z5NFTCADW76YV5UMLBQNDALD.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000853215 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libblkdta00.G7DFOXPRUYCHKZD36OT33GQ2ORVWO5CC.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000210335 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libchkder.23IDUBONJEDQJXE3WT2KTJUEFGPJBH5V.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000830326 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libcobyla2.MZIYBZPTVTYIHRT7JCIZN4FNMM5IPWLD.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000060054 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libdcsrch.CTD6WPTKUW4MYYPI2KYOJ4427ZGGSXEQ.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000076482 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libdet.4VQO3BOEG2LIWIGMX5ZYCV4PJP35FD7U.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 001752319 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libdfitpack.NNY5MV75IL2VASF76FBN6G6X7BM7MWXS.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 002219046 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libdgamln.EXHZW7O7OFA5ZY24332CMADP6Z5NX2UF.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000803470 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libdop853.ZDB77F5S63EPO7WWG3LICXZSBW2LFM2N.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000966024 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libdqag.MWSTPFMXZZZHBCZ6TPHW6F3HZAJ32GCF.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000282781 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libgetbreak.5TVRI763Q2TESP6OMV3USZBWB2D4A5G3.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000890549 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\liblbfgsb.DIGGQCC2YKWATHMW4EZGS47NQSG6PSJH.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000145658 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libmvndst.OJR73I5E7C44HCOJAKJH2SZO3V6MOMVF.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000735109 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libnnls.GX3LBH56JRQ7JMAOG7UBTDQJYFS6BPRN.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 027758826 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libopenblas.FN5FF57TWHUYLRG54LA6B33EZPHYZZL4.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000196261 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libslsqp_op.CVAJHOQHKECBN7VLKMGEOZQ54GU3YWV7.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000969301 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libspecfun.I7OMDT5L33XVQM2MTW5AACQJUBYEOUFN.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 001018536 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libvode.HJI7FWQUEZLBFLZW4SXVUEIHYXVHYOMQ.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000058299 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libwrap_dum.2SF326B4F6M5554GNXUOMY5R3DTKQYFW.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000143757 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\libwrap_dum.ZR6LJZIT7V4C32YHXQU6YAVN6LOFTZG5.gfortran-win32.dll 2021-08-16 16:07 - 2021-08-16 16:07 - 000105472 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\numpy.core._multiarray_tests.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 001938432 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\numpy.core._multiarray_umath.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000066560 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\numpy.fft.fftpack_lite.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000108544 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\numpy.linalg._umath_linalg.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000012288 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\numpy.linalg.lapack_lite.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000630784 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\numpy.random.mtrand.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 001186304 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.algos.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000515072 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.groupby.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000124928 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.hashing.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000419840 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.hashtable.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000458240 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.index.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000030208 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.indexing.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000184832 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.internals.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 001576960 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.interval.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 001735680 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.join.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000057856 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.json.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000323584 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.lib.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000069632 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.missing.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000150528 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.ops.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000365568 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.parsers.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000043520 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.properties.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000194048 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.reduction.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000173056 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.reshape.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000067072 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.skiplist.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000611328 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.sparse.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000050688 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.testing.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000220672 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslib.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000044032 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.ccalendar.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000271360 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.conversion.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000184832 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.fields.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000103424 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.frequencies.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000130560 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.nattype.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000039936 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.np_datetime.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000299520 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.offsets.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000239616 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.parsing.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000328192 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.period.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000192000 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.resolution.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000274432 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.strptime.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000338432 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.timedeltas.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000357376 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.timestamps.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000160256 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.tslibs.timezones.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000477696 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.window.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000152064 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas._libs.writers.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000053760 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas.io.msgpack._packer.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000065536 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas.io.msgpack._unpacker.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000008704 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pandas.util._move.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 000397824 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pythoncom27.dll 2021-08-16 16:08 - 2021-08-16 16:08 - 000110592 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\pywintypes27.dll 2021-08-16 16:08 - 2021-08-16 16:08 - 000047616 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy._lib._ccallback_c.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000028160 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy._lib.messagestream.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000032768 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.integrate._dop.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000016896 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.integrate._odepack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000024576 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.integrate._quadpack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000028160 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.integrate.lsoda.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000035840 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.integrate.vode.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000184320 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.interpolate._bspl.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000028672 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.interpolate._fitpack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000224768 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.interpolate._ppoly.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000115200 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.interpolate.dfitpack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000234496 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.interpolate.interpnd.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000027648 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.io.matlab.mio_utils.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000137728 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.io.matlab.mio5_utils.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000081408 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.io.matlab.streams.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000221184 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg._decomp_update.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000497664 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg._fblas.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 001120256 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg._flapack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000036864 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg._flinalg.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000163840 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg._solve_toeplitz.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000174592 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg.cython_blas.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000545792 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.linalg.cython_lapack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000024576 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._cobyla.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000126464 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._group_columns.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000026624 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._lbfgsb.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000105984 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._lsq.givens_elimination.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000023040 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._minpack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000021504 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._nnls.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000030208 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._slsqp.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000232448 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._trlib._trlib.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000010752 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize._zeros.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000025088 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize.minpack2.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000035840 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.optimize.moduleTNC.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000322048 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse._csparsetools.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 002079232 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse._sparsetools.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000131072 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.csgraph._min_spanning_tree.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000218112 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.csgraph._reordering.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000186880 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.csgraph._shortest_path.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000119296 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.csgraph._tools.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000116736 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.csgraph._traversal.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000261632 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.linalg.dsolve._superlu.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000108544 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.linalg.eigen.arpack._arpack.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000091648 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.sparse.linalg.isolve._iterative.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000042496 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.spatial._distance_wrap.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000122368 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.spatial._hausdorff.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000122368 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.spatial._voronoi.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000345088 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.spatial.ckdtree.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000645632 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.spatial.qhull.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000022016 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.special._comb.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000050688 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.special._ellip_harm_2.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000653312 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.special._ufuncs.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000098304 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.special._ufuncs_cxx.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000077312 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.special.specfun.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000266240 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.stats._stats.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000026624 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.stats.mvn.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000022016 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\scipy.stats.statlib.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000010240 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\select.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000011264 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.__check_build._check_build.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000156160 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.ensemble._gradient_boosting.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000072704 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.metrics.cluster.expected_mutual_info_fast.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000159232 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.metrics.pairwise_fast.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000334848 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.neighbors.ball_tree.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000211968 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.neighbors.dist_metrics.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000335360 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.neighbors.kd_tree.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000091648 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.neighbors.quad_tree.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000017408 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.neighbors.typedefs.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000077824 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.tree._criterion.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000091136 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.tree._splitter.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000160768 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.tree._tree.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000060416 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.tree._utils.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000039936 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.utils._logistic_sigmoid.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000071168 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.utils._random.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000016384 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.utils.lgamma.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000065536 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.utils.murmurhash.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000409088 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\sklearn.utils.sparsefuncs_fast.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000687104 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\unicodedata.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000100864 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\win32api.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000049152 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\win32evtlog.pyd 2021-08-16 16:08 - 2021-08-16 16:08 - 000167936 _____ () [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\win32gui.pyd 2021-08-16 16:07 - 2021-08-16 16:07 - 002648064 _____ (Python Software Foundation) [File not signed] C:\Users\Green\AppData\Local\ZoomInfoCEUtility\2214\python27.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-09-29 09:46 - 2019-02-27 20:04 - 000000854 _____ C:\WINDOWS\system32\drivers\etc\hosts 2020-02-06 20:49 - 2021-08-13 11:44 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1248820182-3672890804-4128540518-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Green\Pictures\Saved Pictures\TRAVEL\Scotland\northern-ireland-view.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{821F13A9-1FA7-43E2-A16E-73FC25984057}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0A233514-771E-4FBF-A273-9676A489E7A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7A6BFFEA-A615-4FD7-AE3C-1B6C01340884}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{39BB723C-C88D-4D68-97E0-1032EC9A1C88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C14B5620-27A9-4AC5-AE4B-0AEBD17BD890}] => (Allow) C:\Users\Green\AppData\Local\Kingsoft\WPS Office\10.2.0.7646\office6\wpscloudsvr.exe => No File FirewallRules: [{1430A736-3155-4C95-9CD5-997D3BFB2F65}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe => No File FirewallRules: [{1F8BE3D2-1530-4707-9D06-F574D365BE5F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe => No File FirewallRules: [{CE1A4EF6-26FF-4DC2-B3B1-094B3106FF57}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File FirewallRules: [{E0C169E7-4F10-430F-9497-DB2EC6509B93}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File FirewallRules: [{A2FC895E-355C-404C-B9D4-C5CCE6C0FA67}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 20-08-2021 11:22:10 Scheduled Checkpoint 28-08-2021 10:35:50 Removed Kingsoft PDF to Word SDK (2.0.1) 04-09-2021 19:06:34 Windows Modules Installer ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (09/07/2021 09:23:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: GameBar.exe, version: 5.521.3093.0, time stamp: 0x6047c0e0 Faulting module name: KERNELBASE.dll, version: 10.0.19041.1110, time stamp: 0x4809adf2 Exception code: 0xc0000409 Fault offset: 0x000000000010bd3e Faulting process id: 0x4344 Faulting application start time: 0x01d7a3eb7abb91ba Faulting application path: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe\GameBar.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 16723553-510e-4f07-b99a-88579b9c9aea Faulting package full name: Microsoft.XboxGamingOverlay_5.521.3093.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Error: (09/06/2021 08:45:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program HP.Smart.exe version 129.1.234.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3aa4 Start Time: 01d7a3818e9e577e Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe Report Id: 1efbfef2-6fd6-4b1e-a431-81a8ef285b14 Faulting package full name: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 Faulting package-relative application ID: AD2F1837.HPPrinterControl Hang type: Activation Error: (09/06/2021 08:44:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program HP.Smart.exe version 129.1.234.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 4088 Start Time: 01d7a3815f38cf85 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe Report Id: 7277b467-ae83-4498-8a70-cc4656b111b8 Faulting package full name: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 Faulting package-relative application ID: AD2F1837.HPPrinterControl Hang type: Activation Error: (09/06/2021 08:32:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program HP.Smart.exe version 129.1.234.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 15e8 Start Time: 01d7a37faf8d7a27 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6\HP.Smart.exe Report Id: fb873bc2-0ce6-4ea2-895e-69b0644fa142 Faulting package full name: AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 Faulting package-relative application ID: AD2F1837.HPPrinterControl Hang type: Activation Error: (09/06/2021 10:14:27 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Microsoft.Photos.exe version 2020.20120.4004.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 369c Start Time: 01d7a329216fb200 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Report Id: 7aada7ff-1f62-4079-a137-c71fbf1165be Faulting package full name: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Hang type: Navigation Error: (09/04/2021 06:13:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SystemSettings.exe version 10.0.19041.1081 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 25d4 Start Time: 01d7a1d9a17ec732 Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: 22d9c28a-cab6-4ac4-88da-8bd575fcd6b5 Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel Hang type: Cross-process Error: (09/04/2021 04:03:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Microsoft.Photos.exe, version: 2020.20120.4004.0, time stamp: 0x5fcaab3d Faulting module name: KERNELBASE.dll, version: 10.0.19041.1110, time stamp: 0x4809adf2 Exception code: 0xc000027b Fault offset: 0x000000000010bd3e Faulting process id: 0x6fc Faulting application start time: 0x01d7a1c6e53458fd Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 997a571e-7aed-4909-962d-e14c52a5fe32 Faulting package full name: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App Error: (09/04/2021 01:03:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Microsoft.Photos.exe, version: 2020.20120.4004.0, time stamp: 0x5fcaab3d Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf Exception code: 0xc0000409 Fault offset: 0x0000000000071208 Faulting process id: 0x23d4 Faulting application start time: 0x01d7a1aa9513a32d Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: 68907679-2b86-446f-9d02-8df55f92fa07 Faulting package full name: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: App System errors: ============= Error: (09/07/2021 09:27:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CD17OTC) Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout. Error: (09/07/2021 09:23:40 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CD17OTC) Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout. Error: (09/07/2021 09:22:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Synaptics - Mouse - 9/19/2018 12:00:00 AM - 19.2.17.70. Error: (09/06/2021 11:18:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Synaptics - Mouse - 9/19/2018 12:00:00 AM - 19.2.17.70. Error: (09/06/2021 07:55:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CD17OTC) Description: The server microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout. Error: (09/06/2021 07:55:05 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY) Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013. Error: (09/06/2021 04:10:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Synaptics - Mouse - 9/19/2018 12:00:00 AM - 19.2.17.70. Error: (09/06/2021 10:09:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CD17OTC) Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout. Windows Defender: ================ Date: 2021-09-06 11:18:53 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-06 10:44:25 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-04 13:15:16 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-02 12:29:29 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2021-09-01 11:53:14 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan  ==================== Memory info =========================== BIOS: Dell Inc. 4.4.0 03/06/2018 Motherboard: Dell Inc. 00NY55 Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz Percentage of memory in use: 83% Total physical RAM: 4007.55 MB Available physical RAM: 651.64 MB Total Virtual: 12126.26 MB Available Virtual: 7404.96 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:464.6 GB) (Free:368.88 GB) NTFS \\?\Volume{03588cfd-7b06-4652-9c53-bdb73e97c495}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS \\?\Volume{98cdcd14-6492-4e20-967e-7e70ce942f84}\ () (Fixed) (Total:0.56 GB) (Free:0.1 GB) NTFS \\?\Volume{dcb012ea-4a74-4aa1-8daf-65a8e696ef3b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 6CB7AD03) Partition: GPT. ==================== End of Addition.txt =======================