Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I'm infected with something I do believe [SOLVED]

Infected antivirus software

  • This topic is locked This topic is locked

#31
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

This has been grueling for me.  For starters, I knew nothing about snipping tools and the like and has an awful lot of reading to do just to try and figure it out. Everything I tried failed. I'm used to simple screen shots and pasting.  Also, you failed to mention what, precisely, you wanted so I did a rectangular snip omitting the left column legend since I'm sure you know what that index says.  So, I hope what I did was correct.  Saving it to desktop was another headache for me but I think I finally figured it out.  We'll see.

 

Okay, first things first.  Regarding my concern about sex and porn entries on my computer I saw them in the logs from both the 14th and the 17th.  I remembering wondering what the heck hxxps was although I'm used to https.  Regardless, if you're not seeing them, so be it.  100sexlinks.com was one of them and another was 123fporn.info but that's all I can remember.  Obviously taken care of whatever it was.  

 

Here's the fixlog and I'll attach the screenshot.  I'll assume you want the ADDITION also so I will insert that after the log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2020
Ran by suesarkis (administrator) on SUESBABY (Hewlett-Packard HP Spectre XT TouchSmart PC) (20-09-2020 20:09:14)
Running from C:\Users\suesarkis\Desktop
Loaded Profiles: suesarkis
Platform: Windows 10 Home Version 1909 18363.1082 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(AOL, Inc -> AOL Inc.) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.2811\AolDesktop.exe <2>
(AOL, Inc -> AOL) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.2811\CefSharp.BrowserSubprocess.exe <10>
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
(Corel Corporation -> Corel Corporation) C:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\wpwin19.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_972058dc64815bf9\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\NisSrv.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Systems) C:\Program Files\Copernic\DesktopSearch\DesktopSearchOutlookConnector.exe
(PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\CORK.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-02-28] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\QFSCHD190.EXE [247512 2018-05-13] (Corel Corporation -> Corel Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [AOLDesktop] => C:\Users\suesarkis\AppData\Local\AOLDesktop\AolDesktop.exe [563216 2020-09-08] (AOL, Inc -> AOL Inc.)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5482544 2020-08-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [635104 2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.102\Installer\chrmstp.exe [2020-09-09] (Google LLC -> Google LLC)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2020-09-20]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyCorkboard.lnk [2017-10-15]
ShortcutTarget: MyCorkboard.lnk -> C:\Program Files (x86)\Corkboard\CORK.EXE (PC Dynamics, Inc.) [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2019-11-15]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01AEFE23-8B51-4189-9C7B-9F6A3EE580CB} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {1679F551-60AC-484D-A64D-79A079B5E144} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {185D8A69-4E7C-488D-AE93-83A8460CF2F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1283488 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C455FCF-8A1C-4F05-BD47-24C5E0A0DFF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DCAC850-E0C4-43ED-9778-33873572DB4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {30515428-0D06-4844-BAC0-7FADFE6C79C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {366B36C9-EB22-4CCC-9BBD-BF52B3F13C11} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {559C1EE8-B918-4FF8-B901-40131935A0E1} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {57100AE3-B92D-4FC1-8D7F-8CFB19AA6707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {75BF6DE9-4FCA-4BC3-827F-FE7528955A2E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7803EAFA-C860-4CA5-832E-A0EBB9CD14AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8FA0207E-0F04-4B48-BD37-B2136C28A95A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {926D5219-2D77-469E-99DB-3203D2EA83ED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B255169-60AD-44CA-9D0C-9EC3EE97AA0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764408 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9A555E0-9B0D-4230-B577-05A5E76B8619} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {B4E4E23A-B57D-4458-9E53-2ED4C42667D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BBF33665-2444-4F15-A3F4-F7AEC254031D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C752C1EA-34F5-4579-906B-C60F5065FA31} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118120 2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7AA6333-7B3F-4297-B701-B24279F83894} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DEC2E8AB-AF71-4069-837A-F83ADD0F36EC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{1b626343-04a6-45cd-b559-9a91b11fb27c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dace9ba1-7c81-4972-8e00-a728cdf2e3da}: [DhcpNameServer] 209.18.47.63 209.18.47.61
 
Edge: 
======
DownloadDir: C:\Users\suesarkis\Downloads
Edge Profile: C:\Users\suesarkis\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-18]
Edge DownloadDir: C:\Users\suesarkis\Downloads
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default [2020-09-20]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Entanglement Web App) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-10-08]
CHR Extension: (e-Player) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\agilokibjakdcmghlogojfbjmhbkhgmc [2020-06-08]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-01]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-09-10]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-16]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-14]
CHR Extension: (Poppit!) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-03]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-26]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-20]
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-24]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-24]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-02-24]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-29]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8838528 2020-09-04] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-09-18] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217592 2020-09-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-20] (Malwarebytes Inc -> Malwarebytes)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2020-09-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428256 2020-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-20 19:12 - 2020-09-20 19:12 - 000002339 _____ C:\Users\suesarkis\Desktop\AOL Desktop Gold.lnk
2020-09-20 19:08 - 2020-09-20 19:08 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-20 19:07 - 2020-09-20 19:07 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-20 19:07 - 2020-09-20 19:07 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-20 19:07 - 2020-09-20 19:07 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-20 18:49 - 2020-09-20 18:49 - 002299392 _____ (Farbar) C:\Users\suesarkis\Desktop\FRST64.exe
2020-09-20 13:03 - 2020-09-20 13:03 - 001327673 _____ C:\Users\suesarkis\Desktop\Dog.mp4
2020-09-20 12:59 - 2020-09-20 13:00 - 005607235 _____ C:\Users\suesarkis\Desktop\So God Made A Dog-20171017-183151       7161.mp4
2020-09-19 22:04 - 2020-09-19 22:04 - 000000965 _____ C:\Users\suesarkis\Desktop\fried potatoes.txt
2020-09-19 19:41 - 2020-09-19 19:41 - 000000041 _____ C:\Users\suesarkis\Desktop\Hallmark.txt
2020-09-19 19:35 - 2020-09-19 19:42 - 000005017 _____ C:\Users\suesarkis\Desktop\Marshmallows.txt
2020-09-18 16:21 - 2020-09-18 16:22 - 000654203 _____ C:\Users\suesarkis\Downloads\company_chngadd.pdf
2020-09-18 16:00 - 2020-09-18 16:00 - 000015453 _____ C:\Users\suesarkis\Downloads\OnlinePaymentSummary.pdf
2020-09-18 16:00 - 2020-09-18 16:00 - 000015453 _____ C:\Users\suesarkis\Downloads\OnlinePaymentSummary (1).pdf
2020-09-18 10:10 - 2020-09-18 10:10 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-18 10:10 - 2020-09-18 10:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-09-17 16:38 - 2020-09-17 16:38 - 000086710 _____ C:\Users\suesarkis\Desktop\1600369633-5f626fd05f4914-48402097-invoice.pdf
2020-09-17 09:08 - 2020-09-17 09:12 - 000050167 _____ C:\Users\suesarkis\Desktop\Addition.txt
2020-09-17 09:02 - 2020-09-20 20:10 - 000024229 _____ C:\Users\suesarkis\Desktop\FRST.txt
2020-09-16 12:39 - 2020-09-20 13:36 - 000000122 _____ C:\Users\suesarkis\Desktop\for Josefa.txt
2020-09-14 22:20 - 2020-09-14 22:20 - 008414208 _____ C:\Users\suesarkis\Desktop\Engineer's Photo_album (1).pps
2020-09-14 17:07 - 2020-09-14 17:07 - 006026073 _____ C:\Users\suesarkis\Desktop\Permission to Come Aboard.mp4
2020-09-14 10:14 - 2020-09-14 10:14 - 000001907 _____ C:\Users\suesarkis\Desktop\Current steps.txt
2020-09-14 00:39 - 2020-09-14 00:39 - 000002864 _____ C:\Users\suesarkis\Desktop\AdwCleaner log.txt
2020-09-14 00:31 - 2020-09-14 00:31 - 008414384 _____ (Malwarebytes) C:\Users\suesarkis\Desktop\AdwCleaner.exe
2020-09-13 22:48 - 2020-09-13 22:48 - 002040904 _____ (Malwarebytes) C:\Users\suesarkis\Downloads\MBSetup (1).exe
2020-09-13 22:47 - 2020-09-13 22:47 - 002040904 _____ (Malwarebytes) C:\Users\suesarkis\Downloads\MBSetup.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 005503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 004309504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000928768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2020-09-11 18:46 - 2020-09-11 18:46 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2020-09-11 18:46 - 2020-09-11 18:46 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 032928920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 031598936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 006304256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 005907456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 003501568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002494752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 002315472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 002138264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001491160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001151808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001108384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000748384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000744240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000738072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000682752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000666288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000420168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-09-11 18:45 - 2020-09-11 18:45 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
2020-09-11 18:45 - 2020-09-11 18:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 022642176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 007761408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 007284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 005767744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004605952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 004538368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 002585032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 002259680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001421392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001218424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000675032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000671560 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000466352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000299072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000224064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnscmmc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnscmmc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-09-11 18:44 - 2020-09-11 18:44 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhuxgraphics.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiscap.sys
2020-09-11 18:44 - 2020-09-11 18:44 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tar.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tar.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslapi.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-09-11 18:44 - 2020-09-11 18:44 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106n.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd101.DLL
2020-09-11 18:44 - 2020-09-11 18:44 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-09-11 18:44 - 2020-09-11 18:44 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-09-11 18:43 - 2020-09-11 18:44 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 006069360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005848848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005041152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 005003832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 003740456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002565120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001957552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001704960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001698816 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001664696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001653792 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001307464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001246208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001141048 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001054160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 001009200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000892728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000844088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000768504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000667312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000572208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000544336 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000165184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000146640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000090944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2020-09-11 18:43 - 2020-09-11 18:43 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2020-09-11 18:43 - 2020-09-11 18:43 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDJPN.DLL
2020-09-11 18:43 - 2020-09-11 18:43 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd106n.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbd101.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2020-09-11 18:43 - 2020-09-11 18:43 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 009926456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 007910152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 007271232 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 006170624 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 005284328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 004048384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 003547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003371176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 003265024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002772616 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002697536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002260824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002090280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 002073600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001930752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001670144 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001480520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 001399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001260752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000893104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000858928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000716304 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000661832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-09-11 18:42 - 2020-09-11 18:42 - 000460192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000372536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000363128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000356160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000260408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000213824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000146248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000079576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000066872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000063296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000057888 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2020-09-11 18:42 - 2020-09-11 18:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2020-09-11 18:42 - 2020-09-11 18:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-09-11 18:42 - 2020-09-11 18:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 007845080 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 007582768 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 006233080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003714048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 003136000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002711552 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 002454904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002291712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001767424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001746232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001499136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 001008952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000981320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000978232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000944680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000555320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000250680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000224072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000208712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000200008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000142152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000047008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-09-11 18:41 - 2020-09-11 18:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdiagnostics.dll
2020-09-11 18:41 - 2020-09-11 18:41 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2020-09-11 18:41 - 2020-09-11 18:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2020-09-11 17:59 - 2020-09-11 17:59 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-11 17:59 - 2020-09-11 17:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-11 15:40 - 2020-09-10 16:40 - 000153723 _____ C:\Users\suesarkis\Documents\CDL.pdf
2020-09-11 15:23 - 2020-09-11 15:19 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-09-11 14:18 - 2020-09-11 14:22 - 011108576 _____ (McAfee, LLC) C:\Users\suesarkis\Desktop\MCPR.exe
2020-09-10 21:44 - 2020-09-10 21:44 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001
2020-09-10 21:44 - 2020-09-10 21:44 - 000002375 _____ C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-09 13:51 - 2020-09-09 13:53 - 000002928 _____ C:\Users\suesarkis\Desktop\Geeks instructions.txt
2020-09-09 13:51 - 2020-09-09 13:51 - 000000085 _____ C:\WINDOWS\wininit.ini
2020-09-08 20:01 - 2020-09-08 20:01 - 005977466 _____ C:\Users\suesarkis\Desktop\Jon Voight Do or Die.mp4
2020-09-08 15:37 - 2020-09-08 16:03 - 001094172 _____ C:\WINDOWS\Minidump\090820-44484-01.dmp
2020-09-07 12:35 - 2020-09-07 12:48 - 000064068 _____ C:\Users\suesarkis\Downloads\Addition.txt
2020-09-07 12:11 - 2020-09-07 12:11 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (5).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (4).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (3).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (2).exe
2020-09-07 09:46 - 2020-09-07 23:43 - 000001957 _____ C:\Users\suesarkis\Desktop\Geeks Leads.txt
2020-09-05 09:47 - 2020-09-05 09:47 - 000009346 _____ C:\Users\suesarkis\Documents\2020-9-5 Food Recipients.wpd
2020-09-04 22:30 - 2020-09-04 22:56 - 001124524 _____ C:\WINDOWS\Minidump\090420-41500-01.dmp
2020-09-04 08:35 - 2020-09-04 08:35 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2020-09-03 01:07 - 2020-09-10 12:35 - 000000788 _____ C:\Users\suesarkis\Desktop\Walkenhorst.txt
2020-09-01 20:51 - 2020-09-01 20:51 - 000000160 _____ C:\Users\suesarkis\Desktop\Dr Lentz.txt
2020-08-31 21:09 - 2020-08-31 21:40 - 001284420 _____ C:\WINDOWS\Minidump\083120-40421-01.dmp
2020-08-31 15:02 - 2020-08-31 15:02 - 000000000 ____D C:\Users\suesarkis\db
2020-08-31 14:59 - 2020-08-31 15:00 - 093753336 _____ (Oath Inc.) C:\Users\suesarkis\Downloads\Install_AOL_Desktop (2).exe
2020-08-31 14:58 - 2020-08-31 15:00 - 000401025 _____ C:\Users\suesarkis\Desktop\AOL Desktop Backup 2020-08-31 14-58.AolSave
2020-08-29 08:56 - 2020-08-29 09:19 - 000681148 _____ C:\WINDOWS\Minidump\082920-44640-01.dmp
2020-08-26 23:48 - 2020-08-26 23:48 - 011519037 _____ C:\Users\suesarkis\Desktop\Cal Mafia.mp4
2020-08-26 13:22 - 2020-09-12 07:29 - 000530360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-26 13:22 - 2020-08-26 13:39 - 001154748 _____ C:\WINDOWS\Minidump\082620-46968-01.dmp
2020-08-26 11:02 - 2020-08-26 11:02 - 000000124 _____ C:\Users\suesarkis\Desktop\Voter Fraud cases.txt
2020-08-22 21:34 - 2020-09-19 10:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-22 21:34 - 2020-09-10 18:14 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-22 21:34 - 2020-09-10 18:14 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-09-20 20:10 - 2013-11-20 14:44 - 000000000 ____D C:\FRST
2020-09-20 20:07 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-20 20:01 - 2019-12-01 15:55 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}
2020-09-20 19:16 - 2019-02-24 13:37 - 000002400 _____ C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk
2020-09-20 19:12 - 2017-06-01 08:00 - 000000000 ____D C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aol Inc
2020-09-20 19:08 - 2014-11-23 14:39 - 000000000 __SHD C:\Users\suesarkis\IntelGraphicsProfiles
2020-09-20 19:07 - 2019-12-01 15:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-20 19:06 - 2019-03-18 21:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-09-20 19:04 - 2019-09-26 10:34 - 000003100 _____ C:\Users\suesarkis\Desktop\Fixlog.txt
2020-09-20 18:49 - 2019-09-26 10:33 - 000000000 ____D C:\Users\suesarkis\Desktop\FRST-OlderVersion
2020-09-20 18:27 - 2019-12-01 15:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-20 10:25 - 2020-04-04 13:04 - 000000000 ____D C:\Users\suesarkis\AppData\LocalLow\IGDump
2020-09-20 08:09 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-19 08:52 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-19 08:42 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-09-18 10:10 - 2020-08-03 08:49 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-09-18 10:10 - 2020-08-03 08:49 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-09-18 10:10 - 2020-08-03 08:49 - 000001981 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-09-18 10:10 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-18 10:09 - 2020-08-03 08:37 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-09-16 12:24 - 2018-07-06 11:29 - 000000000 ____D C:\Users\suesarkis\AppData\Local\CrashDumps
2020-09-16 08:16 - 2019-12-01 15:23 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-16 08:16 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2020-09-15 23:59 - 2019-12-01 15:09 - 000000000 ____D C:\Users\suesarkis
2020-09-15 14:39 - 2013-04-24 08:40 - 000000000 ____D C:\Users\suesarkis\Documents\POLITICAL
2020-09-14 00:46 - 2013-04-23 16:55 - 000000000 ____D C:\Users\suesarkis\Documents\COMPUTER
2020-09-13 22:22 - 2013-04-23 16:54 - 000000000 ____D C:\Users\suesarkis\Documents\ARTICLES
2020-09-12 07:31 - 2017-12-09 17:00 - 000000000 ___RD C:\Users\suesarkis\3D Objects
2020-09-12 07:31 - 2013-01-14 11:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-09-12 00:24 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-09-12 00:23 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-09-11 23:34 - 2018-05-18 10:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-09-11 23:33 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-09-11 19:09 - 2017-06-01 12:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-11 19:02 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-11 19:02 - 2017-06-01 11:59 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-11 18:41 - 2019-12-01 15:07 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-09-11 09:07 - 2017-06-02 16:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-09-10 21:44 - 2014-12-28 20:34 - 000000000 ___RD C:\Users\suesarkis\OneDrive
2020-09-10 08:05 - 2020-06-14 07:38 - 000002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-10 08:05 - 2020-06-14 07:38 - 000002238 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-10 08:05 - 2020-06-14 07:38 - 000002238 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-09 16:45 - 2017-06-01 07:49 - 000002220 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-08 15:37 - 2020-03-19 14:42 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-08 14:32 - 2018-04-26 18:20 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktop
2020-09-08 14:30 - 2017-06-01 07:59 - 000000000 ____D C:\Users\suesarkis\AppData\Local\SquirrelTemp
2020-09-07 18:42 - 2013-05-23 10:22 - 000000000 ____D C:\Users\suesarkis\Documents\PHONE BOOK
2020-09-07 16:29 - 2013-05-15 11:30 - 000000000 ____D C:\Users\suesarkis\Documents\PASSWORDS
2020-09-07 12:48 - 2013-11-30 18:43 - 000098336 _____ C:\Users\suesarkis\Downloads\FRST.txt
2020-09-06 23:15 - 2017-09-14 23:52 - 000001829 _____ C:\Users\suesarkis\Desktop\GROCERIES.txt
2020-09-05 23:28 - 2017-07-27 16:07 - 000003391 _____ C:\Users\suesarkis\Desktop\email addresses.txt
2020-09-05 14:51 - 2020-01-12 14:45 - 000000118 _____ C:\Users\suesarkis\Desktop\Ernestine.txt
2020-09-04 10:24 - 2013-05-23 10:25 - 000000000 ____D C:\Users\suesarkis\Documents\STOCKS
2020-09-03 23:49 - 2019-12-01 15:09 - 000000000 ____D C:\Users\Administrator
2020-09-01 23:18 - 2020-08-11 06:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-09-01 23:18 - 2020-06-14 07:37 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-01 23:18 - 2020-06-14 07:37 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-01 23:18 - 2020-03-04 12:16 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-01 23:18 - 2019-12-01 15:55 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-09-01 23:18 - 2019-12-01 15:55 - 000002982 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-09-01 23:18 - 2019-12-01 15:55 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004
2020-09-01 23:18 - 2019-12-01 15:55 - 000002602 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-09-01 23:18 - 2019-12-01 15:55 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-09-01 20:58 - 2013-05-23 10:21 - 000000000 ____D C:\Users\suesarkis\Documents\MISC
2020-08-31 15:02 - 2020-06-18 14:09 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktopData
2020-08-31 15:01 - 2018-06-09 17:51 - 000000000 ____D C:\Users\suesarkis\AppData\Local\D3DSCache
2020-08-31 10:58 - 2013-05-23 10:15 - 000000000 ____D C:\Users\suesarkis\Documents\Complaints
2020-08-30 17:10 - 2013-05-20 14:48 - 000000000 ____D C:\Users\suesarkis\Documents\JOKES
2020-08-29 21:42 - 2020-05-17 21:52 - 000002968 _____ C:\Users\suesarkis\Desktop\Tenants.txt
2020-08-21 08:42 - 2020-08-20 08:02 - 000000000 ____D C:\found.002
 
==================== Files in the root of some directories ========
 
2015-02-11 19:02 - 2015-02-11 19:02 - 000880208 _____ (Google Inc.) C:\Users\suesarkis\ChromeSetup.exe
2017-11-17 09:38 - 2017-11-17 09:38 - 000000017 _____ () C:\Users\suesarkis\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2020
Ran by suesarkis (20-09-2020 20:13:14)
Running from C:\Users\suesarkis\Desktop
Windows 10 Home Version 1909 18363.1082 (X64) (2019-12-01 22:57:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2069550446-780284186-1707450264-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2069550446-780284186-1707450264-503 - Limited - Disabled)
Guest (S-1-5-21-2069550446-780284186-1707450264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2069550446-780284186-1707450264-1003 - Limited - Enabled)
suesarkis (S-1-5-21-2069550446-780284186-1707450264-1001 - Administrator - Enabled) => C:\Users\suesarkis
User (S-1-5-21-2069550446-780284186-1707450264-1004 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2069550446-780284186-1707450264-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
AOL Desktop Gold (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\AOLDesktop) (Version: 11.0.2811 - Oath Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copernic Desktop Search (HKLM\...\{CFC6FE00-2609-4D6D-8209-C232864B9861}) (Version: 7.1.2.13449 - Copernic) Hidden
Copernic Desktop Search (HKLM\...\CopernicDesktopSearch7) (Version: 7.1.2.13449 - Copernic)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.13.594 - Corel corporation) Hidden
Digital Coupon Printer (HKLM-x32\...\{2CDD20A5-DFDE-4AC0-97DD-F60B1196BF98}) (Version: 3.50.0.0 - Hopster, Inc. an Inmar company)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Countdown Timer (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.102 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP LaserJet Pro M402-M403 n-dne (HKLM-x32\...\{e2164336-c5d8-4ac9-a53b-125779c4c21b}) (Version: 16.0.17174.675 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{2D0909B2-FA33-4C36-8845-BF930A5A945E}) (Version: 3.0.26.20 - HP) Hidden
HPLJPRoM402M403ndne (HKLM-x32\...\{58532038-B97D-4C9B-9B96-C70D5EA763F4}) (Version: 0.10.0000 - Hewlett-Packard) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{66afb482-3029-428f-8283-135d3c272132}) (Version: 19.00.0000.4496 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.3.1080 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13127.20408 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyCorkboard Screen Saver (HKLM-x32\...\Corkboard) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13127.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13127.20164 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X7 - IPM Content HSE (HKLM-x32\...\{8E879C65-6BA7-4108-9A0D-C455A30ECAF6}) (Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM HSE (HKLM-x32\...\{D55537B5-123F-4CEE-A56C-557582FA285D}) (Version: 17.2 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content HSE (HKLM-x32\...\{2C332DEE-CB1A-4C4C-A976-7F6FBBDA08F1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM HSE (HKLM-x32\...\{EF04AF62-9B04-470E-B2EB-D28EE053D991}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 -  Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-21] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-01-21] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-11] (Adobe Systems Incorporated)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.6.0.0_x86__fxme7667cy4q4 [2020-02-14] (Ricoh Company, Ltd.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-13] (Synaptics Incorporated)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-21] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2069550446-780284186-1707450264-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {fad66f81-4ada-3a28-a8d3-97f227e9abc4} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Special Offers.lnk -> hxxp://www.mycorkboard.com/SpecialOffers.as
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Visit MyCorkboard.com.lnk -> hxxp://www.mycorkboard.com
ShortcutWithArgument: C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) =============
 
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2019-02-25 14:15 - 2019-02-25 14:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
1998-06-08 12:06 - 1998-06-08 12:06 - 000914432 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\LEAD51N.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-04-09 07:31 - 2020-04-09 07:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
2020-04-09 07:31 - 2020-04-09 07:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2002-10-10 21:47 - 2002-10-10 21:47 - 000081920 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\Animate.dll
2002-10-10 21:45 - 2017-10-15 21:50 - 000139264 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\cork.dll
2002-10-10 21:47 - 2002-10-10 21:47 - 000061440 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CALENDAR.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000065536 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CLOCKS.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DECOR.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DIALER.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GENGIZMO.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GIZMOS.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\NAMEPLT.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\PICTURES.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000049152 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\STKYNOTE.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\TODOLIST.CBL
2002-10-10 21:47 - 2002-10-10 21:47 - 000077824 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\public.dll
2020-04-29 19:48 - 2014-12-22 14:54 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bass.dll
2020-04-29 19:48 - 2014-11-28 15:54 - 000021772 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bassflac.dll
2020-04-29 19:48 - 2014-10-20 15:08 - 000017733 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\basswma.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123simsen.com -> www.123simsen.com
 
There are 7863 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-06-01 07:47 - 2020-02-29 16:05 - 000450599 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15459 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "AOL OnePoint.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Digital Coupon Print Driver"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Copernic Desktop Search - Home"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{644E8E3F-A22B-438C-9991-E79FCE7AEE80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FA02D24-8C66-4400-9D74-DB957DF26456}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A6A246-CD82-4BA1-A8FA-DF8EFF017DAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD5CA861-AF5A-4745-B6CF-8C9972039858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691BB49A-75DB-48CB-AE42-979AB3D5E7A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{171D7A6E-D088-4CC2-A349-679171E9DA0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{362CD2AD-DD29-4461-B961-06AFF91EC639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2849DD0E-4B2C-41D6-8F6C-270D8B695EA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{351E634D-B39D-4303-89E9-108F28D4CFCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56DFA6EE-B223-48DA-AE2D-7B6FB7B42EA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFF96C6E-87ED-48B0-9140-E9FBF107C4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20476A79-F171-41B9-8A9F-AC2AA3C5D0D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCAFC238-F073-46A9-989F-09EC7909000D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3121FCA4-0227-4705-83A9-FEA5E7D75193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{835B0B78-5478-41AD-B336-95A81D30AFAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9244B37B-4BD6-4502-A28A-566F4B89C988}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CD4EA73-50E6-4ED3-821B-42EDFC036842}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C95CD6D-AA8F-4418-9B6F-50058C112E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88388D18-1D93-4892-BC4C-04008E4A7C45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6CD4C8C-7F69-4F51-988A-13EF795379E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7D888F4-5E25-419A-AA35-A65EF831CEFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E35B656B-CE90-4FB8-8F13-EFED49EA09BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A415169A-3696-4674-9C2A-69E130772B05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FFB02FD5-DDE7-40E8-8139-2DF0883E6689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BB0580-314A-47EE-B439-D281FA70A33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5061C8D4-DBED-4796-8760-442AEF3C4F10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DDDB957-5175-421C-B86B-5F7B90E5A2AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0D862E8-9DE5-4B32-B102-2EF907BEC393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD31E2C6-F3EB-4453-BCFE-B9241D7770E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DA0C036-3986-4D21-BEC2-7E7A5866CB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F967218-F25E-454F-89E0-D0A8A7E7A35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C4B7BB-0E96-490E-8C45-FC7C2B7D7FB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18296F8A-B57F-48C7-95AB-0E1F218B7D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3D6C282-FF9F-41BC-AAF3-43BC982D8687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B48C52A-F93C-4C86-BD6B-A080A06AC8FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F09221EE-7648-42C5-B166-DBCE3A859307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E44700D-544F-421A-9275-0E13366A81B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CCF1E509-4E11-407A-912A-28D1EB193B88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C20567-1CA6-4DCB-84E3-91E28531BC4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC585C8D-30EA-49C5-994B-CDC871132BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DE47B94-519F-42C0-8D1F-70FD43447FD1}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{301EA605-51E0-4F86-AA0C-18AC031A1205}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{0B29D4C1-F05F-48D6-9476-0A84C896EA60}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{DD87381C-BFB7-48EE-B29C-992B77A970DD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1680976F-30E9-4F69-B406-49EEE183B5E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9086FA-2F70-4AAD-B776-17995E9FB380}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B76CD90B-46F2-4381-81CB-01E0CF788D65}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E989EEF-F355-4248-8D67-25B781DC44E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3F1E08D7-584F-4B1F-AE05-5E9AA8D5C393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FD677AD-B8E8-4065-8E27-4F35CF983652}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E21A23C0-14AC-4610-8A2E-1BDF4A13FE0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{329B1F42-B50B-49C0-AEE4-6223EDE51F81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81AB04F2-5C0A-4494-B48F-E0DF64F594AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03FE470E-530A-4340-88BE-294D1ECC4925}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6C3466DA-0FD4-4DD0-89DE-4450E483D2E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9FA33F4-4398-4EA4-AEEB-D176149D699A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.142.622.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
 
==================== Restore Points =========================
 
17-09-2020 11:44:42 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (09/20/2020 07:46:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2628,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/20/2020 07:24:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5760,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (09/20/2020 07:13:55 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/20/2020 07:13:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (09/20/2020 07:05:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/20/2020 07:05:41 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
Error: (09/20/2020 07:05:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.
 
Error: (09/20/2020 07:05:40 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
 
 
System errors:
=============
Error: (09/20/2020 07:39:20 PM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/20/2020 07:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel® Security Assist service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/20/2020 07:38:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Security Assist service to connect.
 
Error: (09/20/2020 07:13:08 PM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/20/2020 07:09:50 PM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
 
Error: (09/20/2020 07:08:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/20/2020 07:08:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
 
Error: (09/20/2020 07:06:03 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\WINDOWS\System32\IWMSSvc.dll
 
 
Windows Defender:
===================================
Date: 2020-09-19 22:59:49.606
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A9BF53E6-3BDA-44CD-A180-D7DDBBECE052}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-18 15:36:04.025
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DA24F48F-C0A3-4B36-84AF-900C3D42605E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-16 08:41:05.356
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6517FC06-FC07-4A5E-A308-8C81F2B44D8B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-14 09:17:14.574
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FDB1AEDA-28BA-4D15-9835-62CC38CEFCC8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-26 13:53:04.539
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A83EF79B-1C54-40BA-8CEC-30976EF5DDC7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-09-11 15:11:24.446
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-09-11 15:11:24.446
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
Date: 2020-08-26 13:59:15.172
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-08-26 13:59:15.172
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
Date: 2020-08-26 13:59:15.171
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed. 
 
CodeIntegrity:
===================================
 
Date: 2020-09-14 00:18:47.378
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:45.766
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:23.875
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-14 00:18:23.873
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:38:16.128
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:38:10.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:33:57.053
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
Date: 2020-09-09 13:18:28.263
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Insyde F.04 11/10/2012
Motherboard: Hewlett-Packard 1886
Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 58%
Total physical RAM: 8088.28 MB
Available physical RAM: 3376.86 MB
Total Virtual: 16280.28 MB
Available Virtual: 10952.53 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:444.93 GB) (Free:348.49 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.19 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (OD3.0 SSD) (Removable) (Total:117.53 GB) (Free:46.67 GB) FAT32
 
\\?\Volume{a4e7abf3-f886-47bb-96ff-bc698ba7c3ae}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.14 GB) NTFS
\\?\Volume{6f3b996f-1ccc-4000-95d7-0bd109594337}\ () (Fixed) (Total:0.87 GB) (Free:0.24 GB) NTFS
\\?\Volume{01376181-7b57-4385-8f74-5719a12592e7}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F893BEDB)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 65103047)
 
Partition: GPT.
 
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 117.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=117.6 GB) - (Type=0C)
 
==================== End of Addition.txt =======================
 
 
As far as how the computer is working, well, that's debatable. I'm still getting popups all over the place but not necessarily in Windows.  My basic browser is Chrome but my emails all come in on AOL software and that's where I used to get tons of popups, I think.  However, I have to go start opening files only because I haven't done much for a week or so.  I do know, however, that if I attempt to copy an entire article from a link in AOL, it takes me forever to clean up the page since so many popup ads attach.  I don't suppose you know anything bout OL Gold Desktop.  LOL 
 
Take your time with this as I will be back and forth to the hospital for the next few days.

Attached Thumbnails

  • snipped screenshot.PNG

  • 0

Advertisements


#32
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts

Hi, Sue.

I hope you are feeling better.

As I already told you, if you saw those links in the logs, it is because because they are blocked as unsafe sites by an A/V software, specifically Spybot - Search & Destroy you had previously installed. There is nothing to worry about those.

As for the screenshot, I just provided that link in case you had difficulties with taking screenshots. I'm glad you haven't and you can get screenshots with the way you want.

 

I would like one more screenshot of the popups you receive. Please, take the whole screen, not just a part of it.

What I would also like you to do, is to run the fix I posted here. Instead of pressing "Scan," click the "Fix" button instead. Please, read the instructions here (step 2), one by one, and run the fix. When the fix is complete, post the resulting fixlog.txt in your reply.

P.S. No, I live in Europe and AOL is not offered here. :)


  • 0

#33
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts

Hi, Sue.

 

How are you doing? Is everything OK?


  • 0

#34
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

I tried to paste a screenshot and received an error message which said - "You are not allowed to use that image extension on this community.".  By the way, the popup ads seem to be happening only in AOL and they are Google ads.  I know that because when I make them disappear they say they are Google ads.  LOL  Anyway, I followed the instructions to the T, at least I thought I did regarding the next step and when all was said and done, the file was not where it was supposed to be.  However, I have Copernic Desktop Search which I live by, and I was able to find it.  Anything next?

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by suesarkis (28-09-2020 15:20:11) Run:4
Running from C:\Users\suesarkis\Desktop
Loaded Profiles: suesarkis
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
C:\Program Files (x86)\LMIR0838B001.tmp_r.bat
C:\Program Files (x86)\LMIR0B414001.tmp.bat
C:\Program Files (x86)\LMIR0B414001.tmp_r.bat
C:\Users\suesarkis\AppData\Local\LMIR09622001.tmp_r.bat
C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp.bat
C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp_r.bat
C:\Users\suesarkis\AppData\Local\[email protected]!-147561942927653119494-32.tmp
C:\Users\suesarkis\AppData\Local\[email protected]!-147561942927653119494-64.tmp
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
C:\Program Files\TrueKey
EmptyTemp:

*****************

Restore point was successfully created.
Processes closed successfully.
"Chrome StartupUrls" => removed successfully
"C:\Program Files (x86)\LMIR0838B001.tmp_r.bat" => not found
"C:\Program Files (x86)\LMIR0B414001.tmp.bat" => not found
"C:\Program Files (x86)\LMIR0B414001.tmp_r.bat" => not found
"C:\Users\suesarkis\AppData\Local\LMIR09622001.tmp_r.bat" => not found
"C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp.bat" => not found
"C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp_r.bat" => not found
"C:\Users\suesarkis\AppData\Local\[email protected]!-147561942927653119494-32.tmp" => not found
"C:\Users\suesarkis\AppData\Local\[email protected]!-147561942927653119494-64.tmp" => not found
HKLM\System\CurrentControlSet\Control\Lsa\\"Notification Packages"="scecli" => value restored successfully
"C:\Program Files\TrueKey" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 67974945 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 10441809 B
Edge => 0 B
Chrome => 562083518 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 19496 B
suesarkis => 21441556 B
User => 21441556 B
Administrator => 21441556 B

RecycleBin => 78424537 B
EmptyTemp: => 757 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:23:39 ====


  • 0

#35
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts
Hi, Sue.
 
I'm glad you are back. I hope you are feeling better. :)
 
Your computer has no sign of malware. The advertisements you are getting are part of the AOL Gold you use. I have selected this information for you, from their site:
 

1. AOL webmail is a free email service that is made possible by marketing ads.
2. To read email without distractions, you can temporarily hide ads and give ad feedback. Permanently remove ads by purchasing an Ad-Free AOL Mail subscription.
3. Paid ads are advertisements that promote products or services unrelated to AOL. With Ad-Free AOL Mail, youll no longer see these paid ads, but you may see promotions for AOL products and brands. We want to ensure you receive our latest product news and info.
4. At this time, Ad-Free AOL Mail is only available when checking email on the web from your computer. If you access AOL Mail using the AOL Desktop software or your mobile device, you will continue to see paid advertising.

 
So, if you continue use AOL, these ads will continue to appear.
 
Do you have any other issues/concerns regarding this computer?
 
 
  • 0

#36
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Yes, I have other issues.  The last screenshot that I sent you was ads, etc. that were in Google Chrome's browser.  Secondly, I do not use the free AOL website service.  I pay a monthly fee and have the ad free service, allegedly.  The AOL Gold Desktop software is loaded onto my computer.  However, I do get Google ads over there as indicated in the previous screenshot.  Again, another catastrophe in my life as my daughter died 2 days ago and I have grandchildren coming in from all over.  The funeral is Monday and I have my hands a little tied about time.  I will respond as quickly as possible, however.   


  • 0

#37
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts
My sincere condolences to you and your family, Sue. I an very sorry to hear this.

Please, take your time. In any case, I can wait.

Just a couple of comments/questions:

AOL indicates:
Paid ads are advertisements that promote products or services unrelated to AOL. With Ad-Free AOL Mail, youll no longer see these paid ads, but you may see promotions for AOL products and brands. We want to ensure you receive our latest product news and info

Can you use the method you used before to take and attach here the ads screenshot?
Here is the article I sent to you about how we can take screenshots. Use method 2. Save the screenshot on your Desktop and attach it in your next reply.
  • 0

#38
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

So glad to hear from you. I'm sitting here actually typing via AOL which is unusual for me as I am so used to doing everything except emails in Chrome. However, the minute I go to Google all heck will break loose whereby I will receive all these pop-up notices from Norton AND McAfee about all of these viruses found. However, I neither have Norton nor McAfee active.  However, the popups have revealed, I do believe, that I'm infected with pointcaptchaspot dot com.  Question - just prior to this happening I was going to contact tech support at AOL as I believe my software has been messed up.  Very, very slow to do anything and getting worse.  This has been going on for quite a while and I just procrastinated due to so many other major occurrences in my life and then this happened.  Would it be better for me to handle AOL's issues first?  Please advise.  Oh, by the way.  When all of this nonsense started about the viruses I came to realize that I didn't have any AV installed, not even Windows Defender.  I scanned with my Malwarebytes and the ADW but still was concerned because the popups said VIRUS.  Although you don't like AVG I did download it 2 or 3 days ago just to run a complete scan which I did. It didn't find anything. I got the free version so we can remove it when ready. However, what AV program do you think I should use?  I truly trust your opinion.  And I will thank you in advance for your courteous and conscientious handling of my issues.


  • 0

#39
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts

Hi, Sue!
 
I was very happy to hear from you that you want to continue with this computer's issues.
 
Since it's been a long time, I would like to see fresh FRST logs. Then, I will be able to tell you more.
 

  • Download Farbar Recovery Scan Tool and save it to your desktop. If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please copy and paste the content of these two logs in your next reply (or attach/upload).

  • 0

#40
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts

Hi, Sue.

 

Are you still with me?


  • 0

Advertisements


#41
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Of course I'm still with you. Just being interfered with by everything possible.  Okay, before I post the logs I want to give you an update.  I was able to get rid of that God awful pointcaptchaspot dot com by myself, I do believe.  By the way, when I tried numerous times to download the FRST from the link, it kept wanting to force me to download "Content Verifier by Securify".  I am sick and tired of being told what to do by download programs where they do not give a full explanation so I refused.  Then it dawned on me that I previously downloaded so I launched and it updated itself.  I've had outside techs in my computer.  To be honest, when I trust them I really like that as it is less stress for me.  I had both Corel and AOL people in.  The Corel tech removed the AVG for me.  Can you explain why the Malwarebytes did not catch the invader that I had whereby I kept getting warnings from both McAfee and Norton about all of these viruses I have. I believed they were BS since neither was installed on my computer to the best of my knowledge.   I will wait for your reply although I realize it will take yyou some time.  Don't pressure yourself.  

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by suesarkis (administrator) on SUESBABY (Hewlett-Packard HP Spectre XT TouchSmart PC) (31-01-2021 14:01:45)
Running from C:\Users\suesarkis\Desktop\FRST-OlderVersion
Loaded Profiles: suesarkis
Platform: Windows 10 Home Version 2004 19041.746 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(AOL, Inc -> AOL Inc.) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.3046\AolDesktop.exe <2>
(AOL, Inc -> AOL) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.3046\CefSharp.BrowserSubprocess.exe <7>
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\AVGBrowserCrashHandler64.exe
(Comfort Software Group -> Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_972058dc64815bf9\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Systems) C:\Program Files\Copernic\DesktopSearch\DesktopSearchOutlookConnector.exe
(PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\CORK.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-02-28] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\QFSCHD190.EXE [247512 2018-05-13] (Corel Corporation -> Corel Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [AOLDesktop] => C:\Users\suesarkis\AppData\Local\AOLDesktop\AolDesktop.exe [562824 2021-01-27] (AOL, Inc -> AOL Inc.)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5491248 2020-12-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [637664 2021-01-13] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\87.1.7589.143\Installer\chrmstp.exe [2021-01-28] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-26] (Google LLC -> Google LLC)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2021-01-31]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyCorkboard.lnk [2017-10-15]
ShortcutTarget: MyCorkboard.lnk -> C:\Program Files (x86)\Corkboard\CORK.EXE (PC Dynamics, Inc.) [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2019-11-15]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01AEFE23-8B51-4189-9C7B-9F6A3EE580CB} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {02CF96ED-65EB-4602-A22C-8797556B71E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {0DB128CC-B7C6-4983-AA5A-D375FF95FCAA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {185D8A69-4E7C-488D-AE93-83A8460CF2F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1161112 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {30515428-0D06-4844-BAC0-7FADFE6C79C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {366B36C9-EB22-4CCC-9BBD-BF52B3F13C11} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {3EB8A6CF-7AA7-4003-B819-B9D7FC22E4B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23062920 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CorelUpdateHelperTask-626B1ACC6903E10800B8D653EB5DD4E1" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CorelUpdateHelperTaskCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\EOSv3 Scheduler onLogOn" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\EOSv3 Scheduler onTime" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Intel PTT EK Recertification" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6b415f8d6031f" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ceip.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ipoint.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_itype.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {4A6C7A6B-4E09-4CE8-B50F-D1B071634F74} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {559C1EE8-B918-4FF8-B901-40131935A0E1} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {57100AE3-B92D-4FC1-8D7F-8CFB19AA6707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {5A5ED2DA-B956-47C2-B06A-6D08266D1327} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {698FCF01-2764-40E8-98E2-08321D8BBCC4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7306BD7A-B760-4546-942A-8AB2A23C5B7D} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {75BF6DE9-4FCA-4BC3-827F-FE7528955A2E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E5F8248-9F5A-4C70-A029-59D3D39660D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8095D559-4D1F-483F-9DE1-09B1CEBE569C} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8FA0207E-0F04-4B48-BD37-B2136C28A95A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {999BB248-92B0-4558-9F0D-DE2AB197BE06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CC69702-A2A3-42C7-AAE6-9199F525DCC9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {A9A555E0-9B0D-4230-B577-05A5E76B8619} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {BBF33665-2444-4F15-A3F4-F7AEC254031D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D03DB914-2545-4B80-AEE9-909A293195C9} - System32\Tasks\CorelUpdateHelperTask-626B1ACC6903E10800B8D653EB5DD4E1 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {D8E77B2A-9F91-46C1-B678-6E07E2E6EF95} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2177968 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D9BFCC21-B1D4-4E8D-BECD-FECAD3147E91} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2177968 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {DEC2E8AB-AF71-4069-837A-F83ADD0F36EC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{1b626343-04a6-45cd-b559-9a91b11fb27c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dace9ba1-7c81-4972-8e00-a728cdf2e3da}: [DhcpNameServer] 209.18.47.63 209.18.47.61
 
Edge: 
=======
DownloadDir: C:\Users\suesarkis\Downloads
Edge Profile: C:\Users\suesarkis\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-07]
Edge DownloadDir: C:\Users\suesarkis\Downloads
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1066.0\npAvgBrowserUpdate3.dll [2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default [2021-01-31]
CHR Notifications: Default -> hxxps://gab.com; hxxps://www.dailynews.com; hxxps://www.facebook.com; hxxps://www.reddit.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Entanglement Web App) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-10-08]
CHR Extension: (e-Player) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\agilokibjakdcmghlogojfbjmhbkhgmc [2020-06-08]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-28]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-16]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (Poppit!) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-25]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-26]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-20]
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-24]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-24]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-02-24]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-29]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\87.1.7589.143\elevation_service.exe [1408872 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960384 2021-01-19] (Microsoft Corporation -> Microsoft Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-13] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-03] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-13] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-01-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [141472 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-01-31 13:40 - 2021-01-31 13:40 - 002297856 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (9).exe
2021-01-31 13:40 - 2021-01-31 13:40 - 002297856 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (8).exe
2021-01-31 13:40 - 2021-01-31 13:40 - 002297856 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (7).exe
2021-01-31 13:39 - 2021-01-31 13:40 - 002297856 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (6).exe
2021-01-31 08:37 - 2021-01-31 08:37 - 000002343 _____ C:\Users\suesarkis\Desktop\AOL Desktop Gold.lnk
2021-01-30 11:33 - 2021-01-30 11:33 - 000001808 _____ C:\Users\suesarkis\Documents\My name is Sue.wpd
2021-01-30 11:32 - 2021-01-30 11:32 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-30 11:32 - 2021-01-30 11:32 - 000141472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-30 11:32 - 2021-01-30 11:32 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-30 11:31 - 2021-01-30 11:31 - 000001826 _____ C:\Users\suesarkis\Documents\Now is the time for all good men.wpd
2021-01-30 11:03 - 2021-01-30 11:34 - 000000000 ____D C:\Program Files (x86)\ZohoMeeting
2021-01-30 11:03 - 2021-01-30 11:03 - 000000000 ____D C:\Users\suesarkis\AppData\Local\ZohoMeeting
2021-01-30 11:03 - 2021-01-30 11:03 - 000000000 ____D C:\ProgramData\ZohoMeeting
2021-01-30 11:01 - 2021-01-30 11:01 - 001074680 _____ (ZOHO Corporation) C:\Users\suesarkis\Desktop\ZA_Connect.exe
2021-01-29 20:44 - 2021-01-29 20:44 - 013713616 _____ C:\Users\suesarkis\Desktop\Best car commercial - ever.mp4
2021-01-29 15:29 - 2021-01-29 15:29 - 011133602 _____ C:\Users\suesarkis\Desktop\VID-20201222-WA0000.mp4
2021-01-28 21:10 - 2021-01-28 21:11 - 013064999 _____ C:\Users\suesarkis\Desktop\Happy dogs.mp4
2021-01-28 13:40 - 2021-01-28 13:59 - 001229004 _____ C:\WINDOWS\Minidump\012821-48953-01.dmp
2021-01-28 13:39 - 2021-01-30 11:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-28 09:46 - 2021-01-28 09:46 - 015318043 _____ C:\Users\suesarkis\Desktop\band.mp4
2021-01-27 21:08 - 2021-01-29 23:43 - 000000451 _____ C:\Users\suesarkis\Desktop\Robin re Violet.txt
2021-01-27 20:49 - 2021-01-27 20:49 - 000643899 _____ C:\Users\suesarkis\Desktop\Magic022.mp4
2021-01-27 20:09 - 2021-01-27 20:09 - 012876869 _____ C:\Users\suesarkis\Desktop\Alan Jackson.mp4
2021-01-27 17:51 - 2021-01-27 17:51 - 000000853 _____ C:\Users\suesarkis\Desktop\EBT Renewal confirmation.txt
2021-01-27 14:13 - 2021-01-27 14:13 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktop
2021-01-27 14:12 - 2021-01-27 14:12 - 101201912 _____ (Oath Inc.) C:\Users\suesarkis\Downloads\Install_AOL_Desktop (3).exe
2021-01-27 12:40 - 2021-01-27 12:56 - 001088668 _____ C:\WINDOWS\Minidump\012721-50656-01.dmp
2021-01-27 11:06 - 2021-01-27 11:10 - 000000591 _____ C:\Users\suesarkis\Desktop\Viruses infected.txt
2021-01-26 16:41 - 2021-01-26 16:41 - 008457584 _____ (Malwarebytes) C:\Users\suesarkis\Desktop\adwcleaner_8.0.9.1.exe
2021-01-26 14:32 - 2021-01-26 14:47 - 001100452 _____ C:\WINDOWS\Minidump\012621-43328-01.dmp
2021-01-25 15:39 - 2021-01-25 15:39 - 000001168 _____ C:\Users\suesarkis\Desktop\corel access.txt
2021-01-25 14:07 - 2021-01-25 14:07 - 000001894 _____ C:\Users\suesarkis\Desktop\animal shelter.txt
2021-01-25 09:31 - 2021-01-25 09:31 - 007676173 _____ C:\Users\suesarkis\Desktop\getfvid_136139723_419601515951858_1545362181564842898_n.mp4
2021-01-24 22:25 - 2021-01-24 22:25 - 000259344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\suesarkis\Downloads\avg_antivirus_free_setup (1).exe
2021-01-24 22:06 - 2021-01-28 14:00 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-24 22:06 - 2021-01-24 22:23 - 001245468 _____ C:\WINDOWS\Minidump\012421-78953-01.dmp
2021-01-24 21:13 - 2021-01-28 08:02 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2021-01-24 21:13 - 2021-01-28 08:02 - 000002344 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2021-01-24 21:13 - 2021-01-28 08:02 - 000002344 _____ C:\ProgramData\Desktop\AVG Secure Browser.lnk
2021-01-24 21:13 - 2021-01-24 21:13 - 000003826 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-01-24 21:13 - 2021-01-24 21:13 - 000003242 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2021-01-24 21:13 - 2021-01-24 21:13 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AVG
2021-01-24 21:11 - 2021-01-24 21:11 - 000003414 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-01-24 21:11 - 2021-01-24 21:11 - 000003290 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-01-24 21:11 - 2021-01-24 21:11 - 000000000 ____D C:\Program Files (x86)\AVG
2021-01-24 20:58 - 2021-01-30 11:18 - 000000000 ____D C:\ProgramData\AVG
2021-01-24 20:57 - 2021-01-24 20:57 - 000259344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\suesarkis\Downloads\avg_antivirus_free_setup.exe
2021-01-24 20:26 - 2021-01-24 20:26 - 000000393 _____ C:\Users\suesarkis\Desktop\Covid appts.txt
2021-01-24 13:12 - 2021-01-24 13:12 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-24 13:12 - 2021-01-24 13:12 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-23 17:54 - 2021-01-23 23:31 - 000001254 _____ C:\Users\suesarkis\Desktop\Vaccination info.txt
2021-01-23 12:41 - 2021-01-23 12:41 - 014031514 _____ C:\Users\suesarkis\Desktop\Mother Nature Speaks.MP4
2021-01-20 09:23 - 2021-01-20 09:23 - 017839141 _____ C:\Users\suesarkis\Desktop\TRUMP VCTORY-2021-01-14.mov
2021-01-19 09:07 - 2021-01-19 09:07 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copernic Desktop Search.lnk
2021-01-19 09:07 - 2021-01-19 09:07 - 000002170 _____ C:\Users\Public\Desktop\Copernic Desktop Search.lnk
2021-01-19 09:07 - 2021-01-19 09:07 - 000002170 _____ C:\ProgramData\Desktop\Copernic Desktop Search.lnk
2021-01-19 09:06 - 2021-01-19 09:06 - 000000000 ____D C:\Program Files\Copernic
2021-01-16 22:34 - 2021-01-16 22:34 - 000000289 _____ C:\Users\suesarkis\Desktop\NOISE.txt
2021-01-15 11:34 - 2021-01-15 11:34 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 11:33 - 2021-01-15 11:33 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 11:33 - 2021-01-15 11:33 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 11:33 - 2021-01-15 11:33 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 11:33 - 2021-01-15 11:33 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 11:33 - 2021-01-15 11:33 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 11:33 - 2021-01-15 11:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 11:33 - 2021-01-15 11:33 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 11:33 - 2021-01-15 11:33 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 11:33 - 2021-01-15 11:33 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 11:32 - 2021-01-15 11:32 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 11:31 - 2021-01-15 11:31 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 11:31 - 2021-01-15 11:31 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 11:30 - 2021-01-15 11:30 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 11:30 - 2021-01-15 11:30 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 11:30 - 2021-01-15 11:30 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 11:30 - 2021-01-15 11:30 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 11:29 - 2021-01-15 11:29 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 11:29 - 2021-01-15 11:29 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 11:28 - 2021-01-15 11:28 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 11:27 - 2021-01-15 11:27 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 11:27 - 2021-01-15 11:27 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 11:27 - 2021-01-15 11:27 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 11:26 - 2021-01-15 11:26 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 11:26 - 2021-01-15 11:26 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 11:26 - 2021-01-15 11:26 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 11:26 - 2021-01-15 11:26 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 11:24 - 2021-01-15 11:24 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 11:24 - 2021-01-15 11:24 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 11:23 - 2021-01-15 11:23 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 11:23 - 2021-01-15 11:23 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 11:23 - 2021-01-15 11:23 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 11:22 - 2021-01-15 11:22 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 11:22 - 2021-01-15 11:22 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 11:22 - 2021-01-15 11:22 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 11:20 - 2021-01-15 11:20 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 11:20 - 2021-01-15 11:20 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 11:20 - 2021-01-15 11:20 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 11:20 - 2021-01-15 11:20 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 11:20 - 2021-01-15 11:20 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 23:36 - 2021-01-13 23:36 - 000000779 _____ C:\Users\suesarkis\Desktop\City Hall.txt
2021-01-09 11:54 - 2021-01-09 23:39 - 000003071 _____ C:\Users\suesarkis\Desktop\names.txt
2021-01-06 09:50 - 2021-01-06 09:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-01-31 14:08 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-31 14:03 - 2013-11-20 13:44 - 000000000 ____D C:\FRST
2021-01-31 14:01 - 2019-09-26 09:33 - 000000000 ____D C:\Users\suesarkis\Desktop\FRST-OlderVersion
2021-01-31 13:56 - 2020-11-06 00:53 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}
2021-01-31 11:34 - 2020-11-06 00:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-31 10:40 - 2020-04-04 12:04 - 000000000 ____D C:\Users\suesarkis\AppData\LocalLow\IGDump
2021-01-31 09:07 - 2020-11-06 00:24 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-31 09:07 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-31 08:37 - 2017-06-01 07:00 - 000000000 ____D C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aol Inc
2021-01-31 07:16 - 2014-11-23 13:39 - 000000000 __SHD C:\Users\suesarkis\IntelGraphicsProfiles
2021-01-30 11:34 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 11:34 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-30 11:33 - 2020-06-14 06:38 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 11:33 - 2020-06-14 06:38 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 11:33 - 2020-06-14 06:38 - 000002261 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-30 11:19 - 2020-12-16 10:37 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001
2021-01-30 11:19 - 2020-11-06 00:53 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2021-01-30 11:19 - 2020-11-06 00:53 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004
2021-01-30 11:19 - 2020-11-06 00:53 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-01-30 11:19 - 2020-11-06 00:53 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-01-30 11:19 - 2020-11-06 00:53 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2021-01-30 11:19 - 2020-11-06 00:53 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2021-01-30 11:18 - 2020-12-03 09:48 - 000002474 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-626B1ACC6903E10800B8D653EB5DD4E1
2021-01-30 11:18 - 2020-11-27 19:28 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b415f8d6031f
2021-01-30 11:18 - 2020-11-24 12:13 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-30 11:18 - 2020-11-06 00:53 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-30 11:18 - 2020-11-06 00:53 - 000003346 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-30 11:18 - 2020-11-06 00:53 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-30 11:18 - 2020-11-06 00:53 - 000003122 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-30 11:18 - 2020-11-06 00:53 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-30 11:18 - 2020-11-06 00:53 - 000002982 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-01-30 11:18 - 2020-11-06 00:53 - 000002602 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-01-30 11:18 - 2020-11-06 00:53 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2021-01-30 11:18 - 2020-11-06 00:53 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-01-30 11:18 - 2020-11-06 00:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 11:18 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-30 11:17 - 2019-12-07 01:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-29 00:15 - 2020-11-06 00:11 - 000000000 ____D C:\Users\suesarkis
2021-01-28 22:05 - 2017-07-27 15:07 - 000002318 _____ C:\Users\suesarkis\Desktop\email addresses.txt
2021-01-28 13:58 - 2020-11-06 00:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-01-28 08:25 - 2019-12-07 01:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-01-27 20:01 - 2020-09-16 11:39 - 000001216 _____ C:\Users\suesarkis\Desktop\for Josefa.txt
2021-01-27 18:00 - 2019-09-17 13:48 - 000000865 _____ C:\Users\suesarkis\Desktop\my computer problems.txt
2021-01-27 14:13 - 2020-06-18 13:09 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktopData
2021-01-27 14:13 - 2017-06-01 06:59 - 000000000 ____D C:\Users\suesarkis\AppData\Local\SquirrelTemp
2021-01-26 14:46 - 2017-06-01 06:49 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-26 14:46 - 2017-06-01 06:49 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-26 14:46 - 2017-06-01 06:49 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-25 23:38 - 2013-11-30 13:45 - 000000000 ____D C:\Users\suesarkis\Desktop\mbar
2021-01-25 15:19 - 2018-07-06 10:29 - 000000000 ____D C:\Users\suesarkis\AppData\Local\CrashDumps
2021-01-25 15:13 - 2017-06-02 15:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-24 21:47 - 2019-12-07 01:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-23 07:48 - 2020-08-22 20:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-21 20:52 - 2020-09-11 14:23 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-15 23:39 - 2020-11-06 00:01 - 000530360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 23:30 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 23:29 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 23:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 23:26 - 2019-12-07 01:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 23:26 - 2019-12-07 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 23:26 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 16:37 - 2013-04-23 15:57 - 000000000 ____D C:\Users\suesarkis\Documents\PERSONAL
2021-01-15 11:47 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 11:19 - 2020-11-06 00:08 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 10:12 - 2017-06-01 11:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 10:03 - 2017-06-01 10:59 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 22:10 - 2013-04-23 15:54 - 000000000 ____D C:\Users\suesarkis\Documents\ARTICLES
2021-01-14 22:01 - 2013-04-24 07:40 - 000000000 ____D C:\Users\suesarkis\Documents\POLITICAL
2021-01-14 15:23 - 2013-05-15 10:30 - 000000000 ____D C:\Users\suesarkis\Documents\PASSWORDS
2021-01-12 14:50 - 2013-05-20 13:48 - 000000000 ____D C:\Users\suesarkis\Documents\JOKES
2021-01-11 00:18 - 2020-10-03 20:49 - 000000283 _____ C:\Users\suesarkis\Desktop\Things to Do.txt
2021-01-09 23:40 - 2020-01-12 13:45 - 000000045 _____ C:\Users\suesarkis\Desktop\Ernestine.txt
2021-01-08 09:37 - 2020-06-10 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-06 14:06 - 2019-05-30 22:03 - 000000367 _____ C:\Users\suesarkis\Desktop\Dr Hossain.txt
2021-01-04 15:08 - 2013-04-23 15:55 - 000000000 ____D C:\Users\suesarkis\Documents\COMPUTER
2021-01-02 17:25 - 2018-10-27 15:11 - 000000977 _____ C:\Users\suesarkis\Desktop\Trader Joes.txt
2021-01-01 11:22 - 2013-05-23 09:10 - 000000000 ____D C:\Users\suesarkis\Documents\Cases
2021-01-01 11:00 - 2013-05-23 09:24 - 000000000 ____D C:\Users\suesarkis\Documents\RECIPES
 
==================== Files in the root of some directories ========
 
2015-02-11 18:02 - 2015-02-11 18:02 - 000880208 _____ (Google Inc.) C:\Users\suesarkis\ChromeSetup.exe
2017-11-17 08:38 - 2017-11-17 08:38 - 000000017 _____ () C:\Users\suesarkis\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
And the additional --
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by suesarkis (31-01-2021 14:13:37)
Running from C:\Users\suesarkis\Desktop\FRST-OlderVersion
Windows 10 Home Version 2004 19041.746 (X64) (2020-11-06 08:57:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2069550446-780284186-1707450264-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2069550446-780284186-1707450264-503 - Limited - Disabled)
Guest (S-1-5-21-2069550446-780284186-1707450264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2069550446-780284186-1707450264-1003 - Limited - Enabled)
suesarkis (S-1-5-21-2069550446-780284186-1707450264-1001 - Administrator - Enabled) => C:\Users\suesarkis
User (S-1-5-21-2069550446-780284186-1707450264-1004 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2069550446-780284186-1707450264-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
AOL Desktop Gold (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\AOLDesktop) (Version: 11.0.3046 - Oath Inc.)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 87.1.7589.143 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copernic Desktop Search (HKLM\...\{48538395-25A0-4918-A25E-C6B1A8C5D19A}) (Version: 7.1.3.13796 - Copernic) Hidden
Copernic Desktop Search (HKLM\...\CopernicDesktopSearch7) (Version: 7.1.3.13796 - Copernic)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.13.594 - Corel corporation) Hidden
Digital Coupon Printer (HKLM-x32\...\{2CDD20A5-DFDE-4AC0-97DD-F60B1196BF98}) (Version: 3.50.0.0 - Hopster, Inc. an Inmar company)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Countdown Timer (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP LaserJet Pro M402-M403 n-dne (HKLM-x32\...\{e2164336-c5d8-4ac9-a53b-125779c4c21b}) (Version: 16.0.17174.675 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{2D0909B2-FA33-4C36-8845-BF930A5A945E}) (Version: 3.0.26.20 - HP) Hidden
HPLJPRoM402M403ndne (HKLM-x32\...\{58532038-B97D-4C9B-9B96-C70D5EA763F4}) (Version: 0.10.0000 - Hewlett-Packard) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{66afb482-3029-428f-8283-135d3c272132}) (Version: 19.00.0000.4496 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.3.1080 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyCorkboard Screen Saver (HKLM-x32\...\Corkboard) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X7 - IPM Content HSE (HKLM-x32\...\{8E879C65-6BA7-4108-9A0D-C455A30ECAF6}) (Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM HSE (HKLM-x32\...\{D55537B5-123F-4CEE-A56C-557582FA285D}) (Version: 17.2 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content HSE (HKLM-x32\...\{2C332DEE-CB1A-4C4C-A976-7F6FBBDA08F1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM HSE (HKLM-x32\...\{EF04AF62-9B04-470E-B2EB-D28EE053D991}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 -  Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden
 
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-21] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-19] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2021-01-08] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-06] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-11] (Adobe Systems Incorporated)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.6.0.0_x86__fxme7667cy4q4 [2020-02-14] (Ricoh Company, Ltd.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-13] (Synaptics Incorporated)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-21] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2069550446-780284186-1707450264-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {fa48e239-c1fe-34b1-9eaa-fa3f4eae7fd9} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2021-01-13] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {59c2f46a-b34c-3376-98a6-294ad325348c} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2021-01-13] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {59c2f46a-b34c-3376-98a6-294ad325348c} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2021-01-13] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {59c2f46a-b34c-3376-98a6-294ad325348c} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2021-01-13] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Special Offers.lnk -> hxxp://www.mycorkboard.com/SpecialOffers.as
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Visit MyCorkboard.com.lnk -> hxxp://www.mycorkboard.com
ShortcutWithArgument: C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) =============
 
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2019-02-25 13:15 - 2019-02-25 13:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
1998-06-08 11:06 - 1998-06-08 11:06 - 000914432 _____ (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\LEAD51N.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-04-09 06:31 - 2020-04-09 06:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
2020-04-09 06:31 - 2020-04-09 06:31 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2002-10-10 20:47 - 2002-10-10 20:47 - 000081920 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\Animate.dll
2002-10-10 20:45 - 2017-10-15 20:50 - 000139264 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\cork.dll
2002-10-10 20:47 - 2002-10-10 20:47 - 000061440 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CALENDAR.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000065536 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\CLOCKS.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DECOR.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\DIALER.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000032768 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GENGIZMO.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\GIZMOS.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\NAMEPLT.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000036864 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\PICTURES.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000049152 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\STKYNOTE.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000057344 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\objects\TODOLIST.CBL
2002-10-10 20:47 - 2002-10-10 20:47 - 000077824 _____ (PC Dynamics, Inc.) [File not signed] C:\Program Files (x86)\Corkboard\public.dll
2020-04-29 18:48 - 2014-12-22 13:54 - 000110207 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bass.dll
2020-04-29 18:48 - 2014-11-28 14:54 - 000021772 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\bassflac.dll
2020-04-29 18:48 - 2014-10-20 14:08 - 000017733 _____ (Un4seen Developments) [File not signed] C:\Program Files (x86)\FreeCountdownTimer\basswma.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-08] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123simsen.com -> www.123simsen.com
 
There are 7863 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-06-01 06:47 - 2020-02-29 15:05 - 000450599 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15459 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "AOL OnePoint.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Digital Coupon Print Driver"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Copernic Desktop Search - Home"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{A4D93170-7F9E-4A1B-AFE7-DA96048BABC3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{79678398-C279-41FB-926D-F9DDF9AE82F9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{7DA38228-6EB2-4A14-9789-99065DF1BD9B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{D5973C5B-8B83-4E76-92EE-7A96E7B615A9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{A9ADEE01-3C28-464B-B8C6-BDA8CC1B89DE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{BD0A37CF-26E9-4DFB-A2EB-9A60E65EF39E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{CC3EF4A2-A5E8-4047-AEC6-9C9F1508C673}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{6E279FF8-A472-41D3-971F-3329DD90ABE5}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{830590BB-0AE0-4DD8-916A-85F88FFB4401}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{6E774E6B-EC01-4E68-B148-CACE30A30FAC}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{0B29D4C1-F05F-48D6-9476-0A84C896EA60}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{EC585C8D-30EA-49C5-994B-CDC871132BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C20567-1CA6-4DCB-84E3-91E28531BC4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CCF1E509-4E11-407A-912A-28D1EB193B88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E44700D-544F-421A-9275-0E13366A81B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F09221EE-7648-42C5-B166-DBCE3A859307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B48C52A-F93C-4C86-BD6B-A080A06AC8FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3D6C282-FF9F-41BC-AAF3-43BC982D8687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18296F8A-B57F-48C7-95AB-0E1F218B7D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C4B7BB-0E96-490E-8C45-FC7C2B7D7FB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F967218-F25E-454F-89E0-D0A8A7E7A35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DA0C036-3986-4D21-BEC2-7E7A5866CB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD31E2C6-F3EB-4453-BCFE-B9241D7770E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0D862E8-9DE5-4B32-B102-2EF907BEC393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DDDB957-5175-421C-B86B-5F7B90E5A2AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5061C8D4-DBED-4796-8760-442AEF3C4F10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BB0580-314A-47EE-B439-D281FA70A33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FFB02FD5-DDE7-40E8-8139-2DF0883E6689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A415169A-3696-4674-9C2A-69E130772B05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E35B656B-CE90-4FB8-8F13-EFED49EA09BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7D888F4-5E25-419A-AA35-A65EF831CEFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6CD4C8C-7F69-4F51-988A-13EF795379E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88388D18-1D93-4892-BC4C-04008E4A7C45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C95CD6D-AA8F-4418-9B6F-50058C112E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CD4EA73-50E6-4ED3-821B-42EDFC036842}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9244B37B-4BD6-4502-A28A-566F4B89C988}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{835B0B78-5478-41AD-B336-95A81D30AFAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3121FCA4-0227-4705-83A9-FEA5E7D75193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCAFC238-F073-46A9-989F-09EC7909000D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20476A79-F171-41B9-8A9F-AC2AA3C5D0D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFF96C6E-87ED-48B0-9140-E9FBF107C4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56DFA6EE-B223-48DA-AE2D-7B6FB7B42EA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{351E634D-B39D-4303-89E9-108F28D4CFCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2849DD0E-4B2C-41D6-8F6C-270D8B695EA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{362CD2AD-DD29-4461-B961-06AFF91EC639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{171D7A6E-D088-4CC2-A349-679171E9DA0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691BB49A-75DB-48CB-AE42-979AB3D5E7A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD5CA861-AF5A-4745-B6CF-8C9972039858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A6A246-CD82-4BA1-A8FA-DF8EFF017DAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FA02D24-8C66-4400-9D74-DB957DF26456}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{644E8E3F-A22B-438C-9991-E79FCE7AEE80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9739C430-0632-4DDD-918A-519FC3162622}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{59957B85-875C-4B18-8791-E8C4CB8AB231}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{3A1ED450-CA13-41A2-9B8F-D6E85E23BDD8}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{B79D9B62-5D12-4A8B-901A-BF410BAB6296}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{FD57CA3E-2620-41CB-A605-8102268FB655}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{D53DB13B-D19F-4683-BC24-0E705570102E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{2B13BFD5-36CB-4D3F-A7D0-1C150B9AEA59}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{ED0E2D3A-135C-4551-95EC-F29AE1760C65}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{BC8937C7-B21D-4287-AE4B-BB71FAD74F7C}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{FDB6DDA6-3CEF-49B8-A44B-8C385709BA9A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{1FC27A18-DC02-43F5-A913-2C74470E1059}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CBDCB73B-8712-4465-B8C9-D0DF19ABD5CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6CA6FB58-F9B2-41C7-B283-AA3FDBE867FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54279728-0DC4-4ABA-BC69-BB85B77D7AD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EAD4798D-8088-4A0E-8A0A-2A5E4271EEA2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE23F723-5921-48CE-9A6A-99CBE3DB38E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F9754DC-1ADA-4E55-94E0-9DB9FCCE3473}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E9CC780-9BBA-40B8-A0A6-C2AED7DE6A67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C3307FBF-5112-4BC9-95AA-80E68ECC186B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{BBD5B632-D2CE-4052-B8C1-C6B443AD7AE7}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{68CEE6B2-5B54-4C56-B94D-18D45F732787}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{675B91F2-7559-4782-9C2C-FE66FA8D4488}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{E3D664C8-D059-4D3D-91FB-C93BDD220DFF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A0F4240C-5C48-45B7-8A20-155DF3A8CE57}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{10488879-A184-43FB-9661-835112256E75}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{C8DF2352-D8A8-48E9-9D8F-A5794A93CEDB}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{021097E0-33E1-4719-9049-2554520D79EE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{E2549CF1-703D-43F5-B00F-71916C57897C}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
FirewallRules: [TCP Query User{DD9BDDB8-4384-4B79-9D85-02BA1FF1DAFD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3046\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3046\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{E476A462-A344-4C2E-B7A0-191197F22687}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3046\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3046\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{663C979A-D669-4C1B-B7A5-A33B9374FA7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E86DDBED-8B86-404B-B039-F50CD0D2BF3F}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
 
==================== Restore Points =========================
 
26-01-2021 19:32:00 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/31/2021 01:13:20 PM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 2 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 01:13:19 PM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 1 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 11:13:36 AM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 3 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 11:13:36 AM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 2 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 10:13:25 AM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 3 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 10:13:24 AM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 2 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 10:13:24 AM) (Source: Microsoft-Windows-Spell-Checking) (EventID: 31) (User: SUESBABY)
Description: Failed to update 1 user custom wordlist: -2147024864. Spell checking will remain available, but this user wordlist will not be updated.
 
Error: (01/31/2021 07:19:57 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: SUESBABY)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
 
System errors:
=============
Error: (01/30/2021 11:25:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
Error: (01/30/2021 11:16:43 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Zoho Assist-Remote Support service did not shut down properly after receiving a preshutdown control.
 
Error: (01/29/2021 07:21:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
Error: (01/29/2021 12:42:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 4/8/2019 12:00:00 AM - 1.0.0.237.
 
Error: (01/29/2021 12:42:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 4/8/2019 12:00:00 AM - 1.0.0.237.
 
Error: (01/29/2021 12:42:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Hewlett-Packard - USB - 4/8/2019 12:00:00 AM - 1.0.0.237.
 
Error: (01/29/2021 12:42:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Hewlett-Packard - USB - 4/8/2019 12:00:00 AM - 1.0.0.237.
 
Error: (01/28/2021 11:29:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
 
 
Windows Defender:
===================================
Date: 2021-01-23 22:04:13.7980000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {C2B91AF3-D12A-47EE-A3E7-4B19B38A916A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-21 23:31:56.8330000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {55875A25-EF75-432D-A130-02F239948380}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-20 21:20:41.4330000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A16348A1-909F-4635-8D30-4920D2EB21BC}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-19 21:38:13.9740000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {FBD12FC0-047A-4350-AB24-7CAA47463517}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-19 08:50:37.5110000Z
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {B8CA1A51-354B-4228-BECF-146DFE99503D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-01-13 08:42:39.0240000Z
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.2075.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2021-01-13 08:42:38.9180000Z
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.2075.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
CodeIntegrity:
===================================
 
Date: 2021-01-30 11:11:25.2340000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 11:10:06.2960000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 11:10:06.2710000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 11:10:06.2400000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 11:10:06.2030000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 11:10:06.1850000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 11:10:05.5090000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
 
Date: 2021-01-30 10:51:30.5380000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
BIOS: Insyde F.04 11/10/2012
Motherboard: Hewlett-Packard 1886
Processor: Intel® Core™ i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 78%
Total physical RAM: 8088.28 MB
Available physical RAM: 1740.64 MB
Total Virtual: 16280.28 MB
Available Virtual: 8739.66 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:444.93 GB) (Free:342.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.19 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (OD3.0 SSD) (Removable) (Total:117.53 GB) (Free:46.45 GB) FAT32
 
\\?\Volume{a4e7abf3-f886-47bb-96ff-bc698ba7c3ae}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.14 GB) NTFS
\\?\Volume{6f3b996f-1ccc-4000-95d7-0bd109594337}\ () (Fixed) (Total:0.87 GB) (Free:0.26 GB) NTFS
\\?\Volume{01376181-7b57-4385-8f74-5719a12592e7}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F893BEDB)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 65103047)
 
Partition: GPT.
 
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 117.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=117.6 GB) - (Type=0C)
 
==================== End of Addition.txt =======================

  • 0

#42
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts
Hi, Sue.

Thank you for the logs. I will review them tomorrow (my time).

Meanwhile, please do not do/download/install anything unless I ask you to do so. Also, no remote assistance by anyone, while you are getting assistance by me. Otherwise I can’t help you.
  • 0

#43
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

You are most welcome and thank you for the help.  I do have a question I must ask.  When you say not to download and/or install are we talking about software or anything?  I have tons of friends and relatives who are always sending me photos, jokes, videos, etc. as attached docs which I usually download to the desktop and usually erase them when finished.  I hole on to them if I plan on sharing them at a later time and then I'll erase them.  I have a fever so I am going to bed right after my 9 pm meds so I'll look for your response tomorrow.  Again, thank you.


  • 0

#44
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 2,524 posts

Hi, Sue!
 
I really hope you are feeling much better today.
 
By do not download anything, I mean programs (e.g. AVG). Also it's not good when more than one helper at a time is dealing with a computer's issues. In other words, I'm asking you to let me (and only me) do whatever I want with your computer these days, until we finish here. I will tell you if you have to ask for help from AOL regarding their products. Deal?  :laughing:
 
I have work for you now and I hope you are ready. :cheers:
 
1. Uninstall AVG and Adobe Flash Player
 
You do not need AVG, since you have Windows Defender. As for the Adobe Flash Player, it reached its end of life by the end of 2020, meaning that no security updates anymore. Letting it installed consists a risk for your security.

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program on the list:
Adobe Flash Player 32 PPAPI
  • Select the above program and click Uninstall.
  • Restart the computer.
  • Repeat the same procedure for AVG Secure Browser.
  • Restart.
  • After restarting the computer, please download and run AVG Clear to completely uninstall AVG. Follow the instructions here.

 

2. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [UDP Query User{A4D93170-7F9E-4A1B-AFE7-DA96048BABC3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{79678398-C279-41FB-926D-F9DDF9AE82F9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{7DA38228-6EB2-4A14-9789-99065DF1BD9B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{D5973C5B-8B83-4E76-92EE-7A96E7B615A9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{A9ADEE01-3C28-464B-B8C6-BDA8CC1B89DE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{BD0A37CF-26E9-4DFB-A2EB-9A60E65EF39E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{CC3EF4A2-A5E8-4047-AEC6-9C9F1508C673}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{6E279FF8-A472-41D3-971F-3329DD90ABE5}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{830590BB-0AE0-4DD8-916A-85F88FFB4401}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{6E774E6B-EC01-4E68-B148-CACE30A30FAC}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{0B29D4C1-F05F-48D6-9476-0A84C896EA60}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{9739C430-0632-4DDD-918A-519FC3162622}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{59957B85-875C-4B18-8791-E8C4CB8AB231}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{3A1ED450-CA13-41A2-9B8F-D6E85E23BDD8}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{B79D9B62-5D12-4A8B-901A-BF410BAB6296}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{FD57CA3E-2620-41CB-A605-8102268FB655}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{D53DB13B-D19F-4683-BC24-0E705570102E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{2B13BFD5-36CB-4D3F-A7D0-1C150B9AEA59}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{ED0E2D3A-135C-4551-95EC-F29AE1760C65}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{BC8937C7-B21D-4287-AE4B-BB71FAD74F7C}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{FDB6DDA6-3CEF-49B8-A44B-8C385709BA9A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{C3307FBF-5112-4BC9-95AA-80E68ECC186B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{BBD5B632-D2CE-4052-B8C1-C6B443AD7AE7}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{68CEE6B2-5B54-4C56-B94D-18D45F732787}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{675B91F2-7559-4782-9C2C-FE66FA8D4488}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{E3D664C8-D059-4D3D-91FB-C93BDD220DFF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A0F4240C-5C48-45B7-8A20-155DF3A8CE57}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{10488879-A184-43FB-9661-835112256E75}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{C8DF2352-D8A8-48E9-9D8F-A5794A93CEDB}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{021097E0-33E1-4719-9049-2554520D79EE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{E86DDBED-8B86-404B-B039-F50CD0D2BF3F}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\87.1.7589.143\Installer\chrmstp.exe [2021-01-28] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CorelUpdateHelperTask-626B1ACC6903E10800B8D653EB5DD4E1" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CorelUpdateHelperTaskCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\EOSv3 Scheduler onLogOn" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\EOSv3 Scheduler onTime" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Intel PTT EK Recertification" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6b415f8d6031f" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ceip.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ipoint.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_itype.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {7306BD7A-B760-4546-942A-8AB2A23C5B7D} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {8095D559-4D1F-483F-9DE1-09B1CEBE569C} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {D8E77B2A-9F91-46C1-B678-6E07E2E6EF95} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2177968 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D9BFCC21-B1D4-4E8D-BECD-FECAD3147E91} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2177968 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\87.1.7589.143\elevation_service.exe [1408872 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
C:\Program Files (x86)\ZohoMeeting
C:\Users\suesarkis\AppData\Local\ZohoMeeting
C:\ProgramData\ZohoMeeting
C:\Users\suesarkis\Desktop\ZA_Connect.exe
C:\Users\suesarkis\Downloads\avg_antivirus_free_setup (1).exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
C:\Users\Public\Desktop\AVG Secure Browser.lnk
C:\ProgramData\Desktop\AVG Secure Browser.lnk
C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
C:\Users\suesarkis\AppData\Local\AVG
C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
C:\Program Files (x86)\AVG
C:\ProgramData\AVG
C:\Users\suesarkis\Downloads\avg_antivirus_free_setup.exe
C:\WINDOWS\SysWOW64\Macromed
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

In your next reply please post:

 

The fixlog.txt


  • 0

#45
sweetsuzee

sweetsuzee

    Member

  • Topic Starter
  • Member
  • PipPip
  • 55 posts

Before inserting the text I need you to understand that I am loyal to you as my fixer.  The issues with both AOL and Corel were software issues that I needed to correct to be able to communicate with you.  My OL gold desktop was not bringing in any email whereas if I logged in via another browser, my mail was there.  That was an AOL internal matter.  With Corel I could neither open any files or save any files once created and that's where all of my correspondence, etc. stays.  I was able to fix the "read only" issue I was able to correct it based on the directions they sent but the woman in India's instructions not only made no sense, they were too confusing. I contacted corporate and they agreed. They asked if I'd mind to have one of their head techs come into my computer and fix it and I said sure.  We set 11 a.m. [PT] as the contact time and all was well.  P, you're my savior.  LOL 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by suesarkis (01-02-2021 12:33:41) Run:5
Running from C:\Users\suesarkis\Desktop
Loaded Profiles: suesarkis
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1066.0 - AVG Technologies) Hidden
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [UDP Query User{A4D93170-7F9E-4A1B-AFE7-DA96048BABC3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{79678398-C279-41FB-926D-F9DDF9AE82F9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{7DA38228-6EB2-4A14-9789-99065DF1BD9B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{D5973C5B-8B83-4E76-92EE-7A96E7B615A9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{A9ADEE01-3C28-464B-B8C6-BDA8CC1B89DE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{BD0A37CF-26E9-4DFB-A2EB-9A60E65EF39E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{CC3EF4A2-A5E8-4047-AEC6-9C9F1508C673}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{6E279FF8-A472-41D3-971F-3329DD90ABE5}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{830590BB-0AE0-4DD8-916A-85F88FFB4401}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{6E774E6B-EC01-4E68-B148-CACE30A30FAC}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{0B29D4C1-F05F-48D6-9476-0A84C896EA60}] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{9739C430-0632-4DDD-918A-519FC3162622}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{59957B85-875C-4B18-8791-E8C4CB8AB231}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{3A1ED450-CA13-41A2-9B8F-D6E85E23BDD8}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{B79D9B62-5D12-4A8B-901A-BF410BAB6296}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{FD57CA3E-2620-41CB-A605-8102268FB655}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{D53DB13B-D19F-4683-BC24-0E705570102E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{2B13BFD5-36CB-4D3F-A7D0-1C150B9AEA59}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{ED0E2D3A-135C-4551-95EC-F29AE1760C65}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{BC8937C7-B21D-4287-AE4B-BB71FAD74F7C}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{FDB6DDA6-3CEF-49B8-A44B-8C385709BA9A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{C3307FBF-5112-4BC9-95AA-80E68ECC186B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{BBD5B632-D2CE-4052-B8C1-C6B443AD7AE7}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{68CEE6B2-5B54-4C56-B94D-18D45F732787}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{675B91F2-7559-4782-9C2C-FE66FA8D4488}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{E3D664C8-D059-4D3D-91FB-C93BDD220DFF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A0F4240C-5C48-45B7-8A20-155DF3A8CE57}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{10488879-A184-43FB-9661-835112256E75}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{C8DF2352-D8A8-48E9-9D8F-A5794A93CEDB}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{021097E0-33E1-4719-9049-2554520D79EE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{E86DDBED-8B86-404B-B039-F50CD0D2BF3F}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\87.1.7589.143\Installer\chrmstp.exe [2021-01-28] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CorelUpdateHelperTask-626B1ACC6903E10800B8D653EB5DD4E1" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CorelUpdateHelperTaskCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\EOSv3 Scheduler onLogOn" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\EOSv3 Scheduler onTime" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Intel PTT EK Recertification" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6b415f8d6031f" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ceip.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ipoint.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_itype.exe" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}" /ENABLE
Task: {405CCBCE-512A-40B9-865A-AEB7CB5753B1} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {7306BD7A-B760-4546-942A-8AB2A23C5B7D} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {8095D559-4D1F-483F-9DE1-09B1CEBE569C} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {D8E77B2A-9F91-46C1-B678-6E07E2E6EF95} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2177968 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D9BFCC21-B1D4-4E8D-BECD-FECAD3147E91} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2177968 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457&param1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [201984 2021-01-24] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\87.1.7589.143\elevation_service.exe [1408872 2021-01-08] (AVG Technologies USA, LLC -> AVG Technologies)
C:\Program Files (x86)\ZohoMeeting
C:\Users\suesarkis\AppData\Local\ZohoMeeting
C:\ProgramData\ZohoMeeting
C:\Users\suesarkis\Desktop\ZA_Connect.exe
C:\Users\suesarkis\Downloads\avg_antivirus_free_setup (1).exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
C:\Users\Public\Desktop\AVG Secure Browser.lnk
C:\ProgramData\Desktop\AVG Secure Browser.lnk
C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
C:\Users\suesarkis\AppData\Local\AVG
C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
C:\Program Files (x86)\AVG
C:\ProgramData\AVG
C:\Users\suesarkis\Downloads\avg_antivirus_free_setup.exe
C:\WINDOWS\SysWOW64\Macromed
EmptyTemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A4D93170-7F9E-4A1B-AFE7-DA96048BABC3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{79678398-C279-41FB-926D-F9DDF9AE82F9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2914\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7DA38228-6EB2-4A14-9789-99065DF1BD9B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D5973C5B-8B83-4E76-92EE-7A96E7B615A9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2899\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A9ADEE01-3C28-464B-B8C6-BDA8CC1B89DE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BD0A37CF-26E9-4DFB-A2EB-9A60E65EF39E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2881\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CC3EF4A2-A5E8-4047-AEC6-9C9F1508C673}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6E279FF8-A472-41D3-971F-3329DD90ABE5}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2878\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{830590BB-0AE0-4DD8-916A-85F88FFB4401}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6E774E6B-EC01-4E68-B148-CACE30A30FAC}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2847\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75A80072-DFC0-4B3D-AAF2-B73AA24CE619}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B29D4C1-F05F-48D6-9476-0A84C896EA60}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D0C7915A-5D29-42E9-868A-4C74099A400A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51EE5A0C-9731-41CF-ACA7-5B026C36C348}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2811\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9739C430-0632-4DDD-918A-519FC3162622}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{59957B85-875C-4B18-8791-E8C4CB8AB231}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2926\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A1ED450-CA13-41A2-9B8F-D6E85E23BDD8}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B79D9B62-5D12-4A8B-901A-BF410BAB6296}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2951\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD57CA3E-2620-41CB-A605-8102268FB655}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D53DB13B-D19F-4683-BC24-0E705570102E}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2974\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2B13BFD5-36CB-4D3F-A7D0-1C150B9AEA59}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ED0E2D3A-135C-4551-95EC-F29AE1760C65}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2978\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BC8937C7-B21D-4287-AE4B-BB71FAD74F7C}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FDB6DDA6-3CEF-49B8-A44B-8C385709BA9A}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2984\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C3307FBF-5112-4BC9-95AA-80E68ECC186B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BBD5B632-D2CE-4052-B8C1-C6B443AD7AE7}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3001\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{68CEE6B2-5B54-4C56-B94D-18D45F732787}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{675B91F2-7559-4782-9C2C-FE66FA8D4488}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3012\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E3D664C8-D059-4D3D-91FB-C93BDD220DFF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A0F4240C-5C48-45B7-8A20-155DF3A8CE57}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{10488879-A184-43FB-9661-835112256E75}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3037\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C8DF2352-D8A8-48E9-9D8F-A5794A93CEDB}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{021097E0-33E1-4719-9049-2554520D79EE}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.3043\cefsharp.browsersubprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E86DDBED-8B86-404B-B039-F50CD0D2BF3F}" => not found
"HKU\S-1-5-21-2069550446-780284186-1707450264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Embedded Callback - remotesupport.aol.com" => removed successfully
"HKU\S-1-5-21-2069550446-780284186-1707450264-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Embedded Callback - remotesupport.aol.com" => not found
HKLM\Software\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0405FE5E-2941-48AF-AE02-56CAE1594428}" => not found
"C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3A488821-1ABC-45C9-BC85-00E9BF0E7786}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A488821-1ABC-45C9-BC85-00E9BF0E7786}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => removed successfully
C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405CCBCE-512A-40B9-865A-AEB7CB5753B1}" => not found
"C:\WINDOWS\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48F582DD-B519-49AB-AFF7-1E812641931A}" => not found
"C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7306BD7A-B760-4546-942A-8AB2A23C5B7D}" => not found
"C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8095D559-4D1F-483F-9DE1-09B1CEBE569C}" => not found
"C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82B94AD8-29A8-40ED-A907-224D53D80DFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82B94AD8-29A8-40ED-A907-224D53D80DFA}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8E77B2A-9F91-46C1-B678-6E07E2E6EF95}" => not found
"C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Secure Browser Heartbeat Task (Hourly)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9BFCC21-B1D4-4E8D-BECD-FECAD3147E91}" => not found
"C:\WINDOWS\System32\Tasks\AVG Secure Browser Heartbeat Task (Logon)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG Secure Browser Heartbeat Task (Logon)" => not found
"Chrome StartupUrls" => removed successfully
AdobeFlashPlayerUpdateSvc => service not found.
avg => service not found.
avgm => service not found.
AVGSecureBrowserElevationService => service not found.
C:\Program Files (x86)\ZohoMeeting => moved successfully
C:\Users\suesarkis\AppData\Local\ZohoMeeting => moved successfully
C:\ProgramData\ZohoMeeting => moved successfully
C:\Users\suesarkis\Desktop\ZA_Connect.exe => moved successfully
C:\Users\suesarkis\Downloads\avg_antivirus_free_setup (1).exe => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk" => not found
"C:\Users\Public\Desktop\AVG Secure Browser.lnk" => not found
"C:\ProgramData\Desktop\AVG Secure Browser.lnk" => not found
"C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)" => not found
"C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)" => not found
"C:\Users\suesarkis\AppData\Local\AVG" => not found
"C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore" => not found
"C:\Program Files (x86)\AVG" => not found
"C:\ProgramData\AVG" => not found
C:\Users\suesarkis\Downloads\avg_antivirus_free_setup.exe => moved successfully
C:\WINDOWS\SysWOW64\Macromed => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 314335112 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1142599086 B
Edge => 0 B
Chrome => 811353901 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 36316 B
NetworkService => 287270 B
suesarkis => 332295813 B
User => 332295813 B
Administrator => 332295813 B
 
RecycleBin => 1125003024 B
EmptyTemp: => 4.1 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 

==== End of Fixlog 12:49:31 ==== 


  • 0






Similar Topics


Also tagged with one or more of these keywords: Infected, antivirus software

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP