I am infected with nasty little gremlins that remember every single item I've ever looked at or purchased whether from Walmart, Amazon, a private company, etc. as every time I open a webpage it takes forever to open since popups are everywhere with pictures of every single item I've looked at or purchased online to the point that it is frightening. However, in the meantime I have a more immediate need in that one of your advisors previously mentioned I should get rid of AVG. I just received a renewal notice from them and I'm wondering what you folks suggest for antivirus, along with all other protections since the automatic renewal is in 4 days. I do have Malwarebytes loaded.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-09-2020
Ran by suesarkis (administrator) on SUESBABY (Hewlett-Packard HP Spectre XT TouchSmart PC) (07-09-2020 12:22:04)
Running from C:\Users\suesarkis\Downloads
Loaded Profiles: suesarkis & User & Administrator
Platform: Windows 10 Home Version 1909 18363.1016 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(AOL, Inc -> AOL Inc.) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.2793\AolDesktop.exe <2>
(AOL, Inc -> AOL) C:\Users\suesarkis\AppData\Local\AOLDesktop\app-11.0.2793\CefSharp.BrowserSubprocess.exe <12>
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
(AVG Netherlands B.V. -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <2>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Secure VPN\Vpn.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Secure VPN\VpnSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <2>
(Corel Corporation -> Corel Corporation) C:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\wpwin19.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_972058dc64815bf9\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe
(N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation) C:\Program Files\Copernic\DesktopSearch\Copernic.Plugins.PluginsService.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(The CefSharp Authors) [File not signed] C:\Program Files\Copernic\DesktopSearch\CefSharp.BrowserSubprocess.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [156808 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-02-28] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [2609680 2020-07-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [QuickFinder Scheduler] => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\QFSCHD190.EXE [247512 2018-05-13] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [FreeCT] => C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [4126624 2016-01-22] (Comfort Software Group -> Comfort Software Group)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [AOLDesktop] => C:\Users\suesarkis\AppData\Local\AOLDesktop\AolDesktop.exe [563216 2020-08-24] (AOL, Inc -> AOL Inc.)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5482544 2020-08-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Run: [Copernic Desktop Search] => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe [635104 2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Bomgar_Cleanup_ZD2369190632306] => cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x5eebd6d3" & reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD2369190632306 /f <==== ATTENTION
HKU\S-1-5-18\...\Run: [Bomgar_Cleanup_ZD2438971811832] => cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x5eebd6b6" & reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD2438971811832 /f <==== ATTENTION
HKU\S-1-5-18\...\Run: [Bomgar_Cleanup_ZD236292033243] => cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x5f4d6ba8" & reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD236292033243 /f <==== ATTENTION
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\Installer\chrmstp.exe [2020-09-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\84.1.5543.137\Installer\chrmstp.exe [2020-08-25] (AVG Technologies USA, LLC -> AVG Technologies)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2020-04-01]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files (x86)\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2020-09-07]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
Startup: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyCorkboard.lnk [2017-10-15]
ShortcutTarget: MyCorkboard.lnk -> C:\Program Files (x86)\Corkboard\CORK.EXE (PC Dynamics, Inc.) [File not signed]
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2019-11-15]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\suesarkis\AppData\Local\AOLDesktop\AolTrayApp.exe (AOL, Inc -> AOL Inc.)
BootExecute: autocheck autochk * icarus_rvrt.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01AEFE23-8B51-4189-9C7B-9F6A3EE580CB} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39176 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {0405FE5E-2941-48AF-AE02-56CAE1594428} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {085A5A56-2A9C-4B2D-9AF2-44C557059D89} - System32\Tasks\AVG Secure VPN Update => C:\Program Files (x86)\AVG\Secure VPN\VpnUpdate.exe [1067384 2020-07-30] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {15AFEAF8-C948-455B-A0A2-4481BA6AFB43} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1959800 2020-08-19] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {185D8A69-4E7C-488D-AE93-83A8460CF2F1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1312664 2020-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B85E52C-FE45-4013-89B4-025B9610DC7C} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [1959800 2020-08-19] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {2327FDBA-E77C-4DBD-8194-A7794FD85FE4} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-28] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {24D159AF-2621-4816-A52D-15EB6935A314} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {256D31FF-126F-4ECF-91D9-F7D4ACE32013} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3858056 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {2DCAC850-E0C4-43ED-9778-33873572DB4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {30515428-0D06-4844-BAC0-7FADFE6C79C3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {31AE6321-96E8-4C12-B24B-DA824B61A316} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [5151368 2020-07-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {366B36C9-EB22-4CCC-9BBD-BF52B3F13C11} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {3A488821-1ABC-45C9-BC85-00E9BF0E7786} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {48F582DD-B519-49AB-AFF7-1E812641931A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {539DC07A-69B8-4293-8A86-A46141B01492} - System32\Tasks\AVG\AVG TuneUp Update BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [2812656 2020-07-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {559C1EE8-B918-4FF8-B901-40131935A0E1} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {57100AE3-B92D-4FC1-8D7F-8CFB19AA6707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {5C917868-F942-4B66-B771-5E38612C276E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {632E7769-C60E-4A67-88BD-0D154557E567} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-07-11] (AVG Netherlands B.V. -> AVG Technologies)
Task: {75BF6DE9-4FCA-4BC3-827F-FE7528955A2E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {82B94AD8-29A8-40ED-A907-224D53D80DFA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\suesarkis\Downloads\esetonlinescanner_enu.exe [8149816 2019-09-29] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8A16F885-42CC-43BA-A14D-E4A493001610} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {8FA0207E-0F04-4B48-BD37-B2136C28A95A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {945F86E0-CF04-4F2A-BC2A-9165D07A9434} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9825C3A4-2208-4810-BB34-0E82B5F8CE3B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A330AAEB-37AA-4A78-86A0-81001483C172} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A3BA81C8-77D3-4CF3-AEEC-A900AB6792FF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9A555E0-9B0D-4230-B577-05A5E76B8619} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1967880 2017-10-11] (Microsoft Corporation -> Microsoft)
Task: {B0885ABB-A5DF-4D8A-9340-B64A604EBC38} - System32\Tasks\AdvancedSystemRepairPro-Maintenance-Autorun => C:\Program Files (x86)\Advanced System Repair Pro 1.9.1.0.0\AdvancedSystemRepairPro.exe
Task: {B2A8DC90-58FC-4E6F-A8CF-E058AED0BD75} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {BA66CF97-BF0D-4C4A-8E44-91B8D1F91147} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
Task: {BBF33665-2444-4F15-A3F4-F7AEC254031D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2497800 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7C58521-6404-4F1D-B081-D49AB55C30C4} - System32\Tasks\Microsoft\Windows\AVGAntiTrack\AVGAntiTrackStart => C:\Program Files (x86)\AVG Software\AntiTrack\AVGAntiTrack.exe
Task: {DEC2E8AB-AF71-4069-837A-F83ADD0F36EC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1844488 2017-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECA727E2-B229-46F7-8BE8-13B2B09AACF8} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-07-11] (AVG Netherlands B.V. -> AVG Technologies)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{1b626343-04a6-45cd-b559-9a91b11fb27c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a2dfdca2-88d0-4a80-a575-518f72e15f51}: [NameServer] 100.120.216.1
Tcpip\..\Interfaces\{dace9ba1-7c81-4972-8e00-a728cdf2e3da}: [DhcpNameServer] 209.18.47.63 209.18.47.61
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2020-03-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2020-03-10] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-09] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\suesarkis\Downloads
Edge Profile: C:\Users\suesarkis\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-25]
Edge DownloadDir: C:\Users\suesarkis\Downloads
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2020-03-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2020-03-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default [2020-09-07]
CHR DownloadDir: C:\Users\suesarkis\Desktop
CHR Notifications: Default -> hxxps://ecopowerplate.com; hxxps://gop.com; hxxps://helpx.adobe.com; hxxps://ilovemyfreedom.pushcrew.com; hxxps://ktla.com; hxxps://kubrakhademi.org; hxxps://markets.businessinsider.com; hxxps://news.mynewswire.co; hxxps://section-8-apartments.copush.com; hxxps://timesofindia.indiatimes.com; hxxps://townhall.com; hxxps://www.ae.com; hxxps://www.alibaba.com; hxxps://www.allrecipes.com; hxxps://www.aol.com; hxxps://www.att.com; hxxps://www.bettymills.com; hxxps://www.bunsinmyoven.com; hxxps://www.businessinsider.com; hxxps://www.cnet.com; hxxps://www.cousinsmainelobster.com; hxxps://www.dallasnews.com; hxxps://www.ebags.com; hxxps://www.facebook.com; hxxps://www.globalindustrial.com; hxxps://www.health.com; hxxps://www.infowars.com; hxxps://www.inspireuplift.com; hxxps://www.newsbreak.com; hxxps://www.newsmax.com; hxxps://www.reddit.com; hxxps://www.taketwotapas.com; hxxps://www.traveltrivia.com; hxxps://www.triviadaily.com; hxxps://www.triviagenius.com; hxxps://www.washingtontimes.com; hxxps://www.wayfair.com; hxxps://www.westernjournal.com; hxxps://www.westernjournalism.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://us.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=86311457¶m1=y6bdVFVIsvuYsgEClQfz8HyFH9tZCHsOZFHNP%2BYwJC2KzKng6DqDwLXGzQuImnSkuMRjGBMJKVXU9IRCVZHYmv03SMviyUpr2foFPnoYkJaB3zfa5tmymI5biZxxjmVTIbN5ffDfL8kCtQrGoxi2kMRzHbkFAtg5EnpK5Hu5iMnnZUYerfkfO61IRimZ47UAtI3vkxx%2FSpXj3joplwZyWJfCIZm2pmJkfO%2F12o7jo58hmN5FO46RpWqsGGdB92u35v50dGIfe8QyECGyKPI9WTZlPjMpXto87EcWfoMMx88%3D"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Entanglement Web App) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-10-08]
CHR Extension: (e-Player) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\agilokibjakdcmghlogojfbjmhbkhgmc [2020-06-08]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-01]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-08]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-08-05]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-13]
CHR Extension: (Poppit!) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-03]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-26]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-01]
CHR Notifications: Profile 1 -> hxxps://www.allrecipes.com; hxxps://www.att.com; hxxps://www.facebook.com; hxxps://www.pinterest.com; hxxps://www.reddit.com; hxxps://www.washingtontimes.com
CHR Extension: (Slides) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-24]
CHR Extension: (Docs) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-24]
CHR Extension: (Google Drive) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-24]
CHR Extension: (YouTube) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-24]
CHR Extension: (Adobe Acrobat) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-02-24]
CHR Extension: (Sheets) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24]
CHR Extension: (Gmail) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-29]
CHR Profile: C:\Users\suesarkis\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-07-08] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-07-11] (AVG Netherlands B.V. -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [354272 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [1072872 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [7823296 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [165520 2018-07-11] (AVG Netherlands B.V. -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\84.1.5543.137\elevation_service.exe [1071864 2020-08-19] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110608 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [12987160 2020-07-13] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-08-30] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SecureVpn; C:\Program Files (x86)\AVG\Secure VPN\VpnSvc.exe [6909048 2020-07-30] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16320 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [515600 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466816 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [217392 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323848 2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-08-30] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217608 2020-09-04] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197280 2020-09-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73880 2020-09-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-09-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131232 2020-09-07] (Malwarebytes Inc -> Malwarebytes)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [86632 2020-05-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-07 12:11 - 2020-09-07 12:11 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (5).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (4).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (3).exe
2020-09-07 12:00 - 2020-09-07 12:00 - 002297344 _____ (Farbar) C:\Users\suesarkis\Downloads\FRST64 (2).exe
2020-09-07 09:46 - 2020-09-07 09:46 - 000000258 _____ C:\Users\suesarkis\Desktop\Geeks Leads.txt
2020-09-07 08:52 - 2020-09-07 08:52 - 000002339 _____ C:\Users\suesarkis\Desktop\AOL Desktop Gold.lnk
2020-09-07 08:28 - 2020-09-07 08:28 - 000197280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-09-07 08:28 - 2020-09-07 08:28 - 000131232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-09-07 08:28 - 2020-09-07 08:28 - 000073880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-09-05 09:47 - 2020-09-05 09:47 - 000009346 _____ C:\Users\suesarkis\Documents\2020-9-5 Food Recipients.wpd
2020-09-04 22:30 - 2020-09-04 22:56 - 001124524 _____ C:\WINDOWS\Minidump\090420-41500-01.dmp
2020-09-04 08:35 - 2020-09-04 08:35 - 000000000 ____D C:\WINDOWS\%LOCALAPPDATA%
2020-09-04 08:23 - 2020-09-04 08:23 - 000217608 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-09-03 19:38 - 2020-09-03 19:38 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-09-03 01:07 - 2020-09-05 23:28 - 000000943 _____ C:\Users\suesarkis\Desktop\Walkenhorst.txt
2020-09-01 20:51 - 2020-09-01 20:51 - 000000160 _____ C:\Users\suesarkis\Desktop\Dr Lentz.txt
2020-08-31 21:09 - 2020-08-31 21:40 - 001284420 _____ C:\WINDOWS\Minidump\083120-40421-01.dmp
2020-08-31 15:02 - 2020-08-31 15:02 - 000000000 ____D C:\Users\suesarkis\db
2020-08-31 14:59 - 2020-08-31 15:00 - 093753336 _____ (Oath Inc.) C:\Users\suesarkis\Downloads\Install_AOL_Desktop (2).exe
2020-08-31 14:58 - 2020-08-31 15:00 - 000401025 _____ C:\Users\suesarkis\Desktop\AOL Desktop Backup 2020-08-31 14-58.AolSave
2020-08-30 19:32 - 2020-08-30 19:31 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-08-29 08:56 - 2020-08-29 09:19 - 000681148 _____ C:\WINDOWS\Minidump\082920-44640-01.dmp
2020-08-26 23:48 - 2020-08-26 23:48 - 011519037 _____ C:\Users\suesarkis\Desktop\Cal Mafia.mp4
2020-08-26 13:22 - 2020-08-26 13:39 - 001154748 _____ C:\WINDOWS\Minidump\082620-46968-01.dmp
2020-08-26 13:22 - 2020-08-26 13:23 - 000530360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-08-26 11:02 - 2020-08-26 11:02 - 000000124 _____ C:\Users\suesarkis\Desktop\Voter Fraud cases.txt
2020-08-25 22:17 - 2020-08-25 22:17 - 000001402 _____ C:\Users\suesarkis\Desktop\Incontinence underwear.txt
2020-08-22 21:34 - 2020-08-22 21:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-08-22 21:34 - 2020-08-10 10:38 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2020-08-22 21:34 - 2020-08-10 10:37 - 000905528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-08-21 00:39 - 2020-08-21 00:52 - 000000551 _____ C:\Users\suesarkis\Desktop\Amazon gift cards.txt
2020-08-20 11:49 - 2020-08-20 11:49 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-20 08:02 - 2020-08-21 08:42 - 000000000 ____D C:\found.002
2020-08-19 19:09 - 2020-09-01 23:18 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1001
2020-08-19 19:09 - 2020-08-19 19:09 - 000002375 _____ C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-17 11:49 - 2020-08-17 11:49 - 000011368 _____ C:\Users\suesarkis\Documents\Food Bank List entire.wpd
2020-08-17 10:44 - 2020-08-17 10:44 - 000006549 _____ C:\Users\suesarkis\Documents\Dora Tate food recipients numberless.wpd
2020-08-13 19:03 - 2020-08-13 19:03 - 000779316 _____ C:\Users\suesarkis\Desktop\WAD_Virtual_updated.pdf
2020-08-13 14:42 - 2020-08-13 14:42 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-08-13 14:42 - 2020-08-13 14:42 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-08-13 14:42 - 2020-08-13 14:42 - 000724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-08-13 14:42 - 2020-08-13 14:42 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2020-08-13 14:42 - 2020-08-13 14:42 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-08-13 14:42 - 2020-08-13 14:42 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-08-13 14:42 - 2020-08-13 14:42 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-08-13 14:42 - 2020-08-13 14:42 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 019852288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 018032128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 006294528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 005904896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 004611072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 003516416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 002950808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-08-13 14:41 - 2020-08-13 14:41 - 002588688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 002422384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 002259192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 002138280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 001870200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 001836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 001418832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-08-13 14:41 - 2020-08-13 14:41 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-08-13 14:41 - 2020-08-13 14:41 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000738064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000359496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000343408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2020-08-13 14:41 - 2020-08-13 14:41 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\net1.exe
2020-08-13 14:41 - 2020-08-13 14:41 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-08-13 14:41 - 2020-08-13 14:41 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-08-13 14:41 - 2020-08-13 14:41 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2020-08-13 14:40 - 2020-08-13 14:41 - 007270912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 025903104 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 022642688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 007758848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 006074552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 005946368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 005849872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 005767224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 005003824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 003743056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-08-13 14:40 - 2020-08-13 14:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-08-13 14:40 - 2020-08-13 14:40 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 002022400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001740800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001672544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001420320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001282872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-08-13 14:40 - 2020-08-13 14:40 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 001197056 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000995840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000897648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000894032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000775480 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000690536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000675040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000675024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000593480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000568128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000564488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000379704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-08-13 14:40 - 2020-08-13 14:40 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\net1.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000124512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acwow64.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
2020-08-13 14:40 - 2020-08-13 14:40 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2020-08-13 14:40 - 2020-08-13 14:40 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-08-13 14:40 - 2020-08-13 14:40 - 000000357 _____ C:\WINDOWS\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth1KeyDelegate.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-08-13 14:40 - 2020-08-13 14:40 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-08-13 14:39 - 2020-08-13 14:40 - 014820352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 009932088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 006436864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 003806208 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 003368616 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 002766952 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 002737664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 002698048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 002085632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 001654312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 001482568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 001101312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000867840 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000823744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000822800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-08-13 14:39 - 2020-08-13 14:39 - 000463168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HrtfApo.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000220984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000132408 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-08-13 14:39 - 2020-08-13 14:39 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-08-13 14:39 - 2020-08-13 14:39 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-08-13 14:39 - 2020-08-13 14:39 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 007915864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 007583272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 007270728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 005283776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-08-13 14:38 - 2020-08-13 14:38 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-08-13 14:38 - 2020-08-13 14:38 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 002717696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-08-13 14:38 - 2020-08-13 14:38 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 002471936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 002260312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001756592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-08-13 14:38 - 2020-08-13 14:38 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001660536 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001512848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-08-13 14:38 - 2020-08-13 14:38 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-08-13 14:38 - 2020-08-13 14:38 - 001338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001182248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-08-13 14:38 - 2020-08-13 14:38 - 001123344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000917800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-08-13 14:38 - 2020-08-13 14:38 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-08-13 14:38 - 2020-08-13 14:38 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000522688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-08-13 14:38 - 2020-08-13 14:38 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-08-13 14:38 - 2020-08-13 14:38 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000369304 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000186472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-08-13 14:38 - 2020-08-13 14:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-08-13 14:38 - 2020-08-13 14:38 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguageProfileCallback.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-08-13 14:38 - 2020-08-13 14:38 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 017792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 007850784 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 004625184 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-08-13 14:37 - 2020-08-13 14:37 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2020-08-13 14:37 - 2020-08-13 14:37 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-08-13 14:37 - 2020-08-13 14:37 - 003141632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 002136064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-08-13 14:37 - 2020-08-13 14:37 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 001055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000875424 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\HrtfApo.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayServer.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-08-13 14:37 - 2020-08-13 14:37 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000201544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys
2020-08-13 14:37 - 2020-08-13 14:37 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-08-13 14:37 - 2020-08-13 14:37 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-08-13 14:37 - 2020-08-13 14:37 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-08-13 14:37 - 2020-08-13 14:37 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-08-13 14:37 - 2020-08-13 14:37 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-08-13 13:44 - 2020-08-13 13:45 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-08-13 13:44 - 2020-08-13 13:45 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-08-12 10:43 - 2020-08-12 10:44 - 000000035 _____ C:\END
2020-08-12 10:43 - 2020-05-24 23:30 - 000086632 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\Drivers\netfilter2.sys
2020-08-12 10:13 - 2020-08-12 10:13 - 000000000 ____D C:\ProgramData\UpdShl
2020-08-12 10:11 - 2020-08-12 10:13 - 000000000 _RSHD C:\ProgramData\Key-Base
2020-08-12 10:11 - 2020-08-12 10:11 - 000000000 ____D C:\ProgramData\{02B25B49-3E3B-7060-C715-B31FF3DAB738}
2020-08-12 10:10 - 2020-08-12 10:37 - 000002079 _____ C:\Users\suesarkis\Desktop\AVG AntiTrack.lnk
2020-08-12 10:09 - 2020-08-12 10:43 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AVGAntiTrack
2020-08-12 10:07 - 2020-08-12 10:10 - 000000000 ____D C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVG AntiTrack
2020-08-12 10:06 - 2020-08-12 10:07 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2020-08-12 10:06 - 2020-08-12 10:06 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2020-08-12 10:02 - 2020-08-12 10:04 - 140139360 _____ (AVG Software) C:\Users\suesarkis\Desktop\avg_antitrack_setup.exe
2020-08-11 15:28 - 2020-08-11 15:42 - 002998407 _____ C:\Users\suesarkis\Desktop\White Peacock121.mp4
2020-08-11 06:31 - 2020-09-01 23:18 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-08-11 06:22 - 2020-09-04 08:35 - 000004278 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-08-11 06:22 - 2020-08-11 06:22 - 000323848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-08-11 06:22 - 2020-08-11 06:21 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-08-11 06:21 - 2020-08-11 06:21 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000515600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000466816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000217392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-08-11 06:21 - 2020-08-11 06:21 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-08-08 10:11 - 2020-08-08 17:26 - 000009117 _____ C:\Users\suesarkis\Documents\Working Food Recipients 8-8-2020.wpd
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-07 12:30 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-07 12:25 - 2013-11-30 18:43 - 000037026 _____ C:\Users\suesarkis\Downloads\FRST.txt
2020-09-07 12:23 - 2013-11-20 14:44 - 000000000 ____D C:\FRST
2020-09-07 11:52 - 2019-09-26 10:33 - 000000000 ____D C:\Users\suesarkis\Desktop\FRST-OlderVersion
2020-09-07 11:45 - 2019-12-01 15:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-07 11:43 - 2020-04-04 13:04 - 000000000 ____D C:\Users\suesarkis\AppData\LocalLow\IGDump
2020-09-07 11:10 - 2019-12-01 15:55 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{B2E84DCE-1944-445C-A875-3E8412E6C94E}
2020-09-07 08:52 - 2017-06-01 08:00 - 000000000 ____D C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aol Inc
2020-09-07 08:36 - 2017-07-13 21:14 - 000000000 ____D C:\ProgramData\Avg
2020-09-07 08:28 - 2014-11-23 14:39 - 000000000 __SHD C:\Users\suesarkis\IntelGraphicsProfiles
2020-09-07 08:26 - 2017-10-12 15:17 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2020-09-07 08:25 - 2019-12-01 15:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-06 23:32 - 2019-03-18 21:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-09-06 23:15 - 2017-09-14 23:52 - 000001829 _____ C:\Users\suesarkis\Desktop\GROCERIES.txt
2020-09-05 23:28 - 2017-07-27 16:07 - 000003391 _____ C:\Users\suesarkis\Desktop\email addresses.txt
2020-09-05 16:22 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-05 16:22 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-05 14:51 - 2020-01-12 14:45 - 000000118 _____ C:\Users\suesarkis\Desktop\Ernestine.txt
2020-09-05 09:03 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-09-04 23:29 - 2019-12-01 15:09 - 000000000 ____D C:\Users\suesarkis
2020-09-04 22:30 - 2020-03-19 14:42 - 000000000 ____D C:\WINDOWS\Minidump
2020-09-04 10:50 - 2018-07-06 11:29 - 000000000 ____D C:\Users\suesarkis\AppData\Local\CrashDumps
2020-09-04 10:24 - 2013-05-23 10:25 - 000000000 ____D C:\Users\suesarkis\Documents\STOCKS
2020-09-03 23:49 - 2019-12-01 15:09 - 000000000 ____D C:\Users\Administrator
2020-09-03 13:02 - 2017-06-01 07:49 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-03 13:02 - 2017-06-01 07:49 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-03 13:02 - 2017-06-01 07:49 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-09-02 15:48 - 2013-05-23 10:22 - 000000000 ____D C:\Users\suesarkis\Documents\PHONE BOOK
2020-09-02 08:45 - 2017-07-14 18:34 - 000000264 _____ C:\Users\suesarkis\Desktop\for Jim.txt
2020-09-01 23:18 - 2020-06-14 07:37 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-01 23:18 - 2020-06-14 07:37 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-01 23:18 - 2020-03-04 12:16 - 000002440 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-01 23:18 - 2019-12-01 15:55 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-01 23:18 - 2019-12-01 15:55 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-09-01 23:18 - 2019-12-01 15:55 - 000002982 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-09-01 23:18 - 2019-12-01 15:55 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2069550446-780284186-1707450264-1004
2020-09-01 23:18 - 2019-12-01 15:55 - 000002602 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-09-01 23:18 - 2019-12-01 15:55 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2020-09-01 23:18 - 2019-12-01 15:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-09-01 20:58 - 2013-05-23 10:21 - 000000000 ____D C:\Users\suesarkis\Documents\MISC
2020-09-01 08:28 - 2020-06-14 07:38 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-01 08:28 - 2020-06-14 07:38 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-01 08:28 - 2020-06-14 07:38 - 000002278 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-08-31 15:02 - 2020-06-18 14:09 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktopData
2020-08-31 15:01 - 2018-06-09 17:51 - 000000000 ____D C:\Users\suesarkis\AppData\Local\D3DSCache
2020-08-31 10:58 - 2013-05-23 10:15 - 000000000 ____D C:\Users\suesarkis\Documents\Complaints
2020-08-30 19:32 - 2020-08-03 08:49 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-30 19:32 - 2020-08-03 08:49 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-30 19:32 - 2020-08-03 08:49 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-08-30 19:32 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-08-30 19:31 - 2020-08-03 08:37 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-08-30 17:10 - 2013-05-20 14:48 - 000000000 ____D C:\Users\suesarkis\Documents\JOKES
2020-08-29 21:42 - 2020-05-17 21:52 - 000002968 _____ C:\Users\suesarkis\Desktop\Tenants.txt
2020-08-28 18:19 - 2017-06-02 16:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-26 16:18 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2020-08-25 08:47 - 2018-07-11 07:52 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2020-08-25 08:47 - 2018-07-11 07:52 - 000002342 _____ C:\Users\Public\Desktop\AVG Secure Browser.lnk
2020-08-25 08:47 - 2018-07-11 07:52 - 000002342 _____ C:\ProgramData\Desktop\AVG Secure Browser.lnk
2020-08-24 15:03 - 2018-04-26 18:20 - 000000000 ____D C:\Users\suesarkis\AppData\Local\AOLDesktop
2020-08-24 15:01 - 2017-06-01 07:59 - 000000000 ____D C:\Users\suesarkis\AppData\Local\SquirrelTemp
2020-08-19 19:09 - 2014-12-28 20:34 - 000000000 ___RD C:\Users\suesarkis\OneDrive
2020-08-16 18:50 - 2013-04-24 08:40 - 000000000 ____D C:\Users\suesarkis\Documents\POLITICAL
2020-08-15 08:33 - 2019-12-01 15:23 - 000842668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-14 20:03 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-08-14 08:23 - 2013-01-14 11:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-14 08:22 - 2017-12-09 17:00 - 000000000 ___RD C:\Users\suesarkis\3D Objects
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-08-13 22:11 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-08-13 22:11 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\servicing
2020-08-13 14:57 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-12 10:05 - 2017-06-02 22:27 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-12 09:58 - 2017-10-12 13:15 - 000000000 ____D C:\Program Files (x86)\AVG
2020-08-08 17:12 - 2016-10-11 10:27 - 000000000 ____D C:\Users\suesarkis\Documents\RELIGION
==================== Files in the root of some directories ========
2015-02-11 19:02 - 2015-02-11 19:02 - 000880208 _____ (Google Inc.) C:\Users\suesarkis\ChromeSetup.exe
2019-12-01 10:41 - 2019-12-01 10:41 - 000000538 _____ () C:\Program Files (x86)\LMIR0838B001.tmp_r.bat
2019-12-01 13:57 - 2019-12-01 13:57 - 000000738 _____ () C:\Program Files (x86)\LMIR0B414001.tmp.bat
2019-12-01 13:57 - 2019-12-01 13:57 - 000000538 _____ () C:\Program Files (x86)\LMIR0B414001.tmp_r.bat
2019-12-01 13:51 - 2019-12-01 13:51 - 000000556 _____ () C:\Users\suesarkis\AppData\Local\LMIR09622001.tmp_r.bat
2019-12-01 14:18 - 2019-12-01 14:18 - 000000756 _____ () C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp.bat
2019-12-01 14:18 - 2019-12-01 14:18 - 000000556 _____ () C:\Users\suesarkis\AppData\Local\LMIR0B406001.tmp_r.bat
2017-11-17 09:38 - 2017-11-17 09:38 - 000000017 _____ () C:\Users\suesarkis\AppData\Local\resmon.resmoncfg
2017-10-15 07:43 - 2017-07-28 14:57 - 000105744 _____ (Bomgar) C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-32.tmp
2017-10-15 07:43 - 2017-07-28 14:57 - 000123152 _____ (Bomgar) C:\Users\suesarkis\AppData\Local\Z@H!-147561942927653119494-64.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-09-2020
Ran by suesarkis (07-09-2020 12:35:16)
Running from C:\Users\suesarkis\Downloads
Windows 10 Home Version 1909 18363.1016 (X64) (2019-12-01 22:57:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2069550446-780284186-1707450264-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2069550446-780284186-1707450264-503 - Limited - Disabled)
Guest (S-1-5-21-2069550446-780284186-1707450264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2069550446-780284186-1707450264-1003 - Limited - Enabled)
suesarkis (S-1-5-21-2069550446-780284186-1707450264-1001 - Administrator - Enabled) => C:\Users\suesarkis
User (S-1-5-21-2069550446-780284186-1707450264-1004 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2069550446-780284186-1707450264-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
FW: AVG Antivirus (Enabled) {77FCDD80-5C3B-5549-57A4-B1A62BD5FB8F}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
AOL Desktop Gold (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\AOLDesktop) (Version: 11.0.2793 - Oath Inc.)
AOL Desktop Gold (HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\AOLDesktop) (Version: 11.0.1268 - Oath Inc.)
AVG AntiTrack (HKLM-x32\...\AVGAntiTrack) (Version: 2.1.0.62 - AVG Technologies)
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 20.6.3135 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 84.1.5543.137 - AVG Technologies)
AVG Secure VPN (HKLM\...\{078F51FA-D92F-419A-9E69-08BC59265F7E}_is1) (Version: 1.10.765 - AVG)
AVG TuneUp (HKLM\...\AVG TuneUp) (Version: 20.1.1997.256 - AVG)
AVG Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.155.333 - AVG Technologies) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copernic Desktop Search (HKLM\...\{CFC6FE00-2609-4D6D-8209-C232864B9861}) (Version: 7.1.2.13449 - Copernic) Hidden
Copernic Desktop Search (HKLM\...\CopernicDesktopSearch7) (Version: 7.1.2.13449 - Copernic)
Corel Update Manager (HKLM-x32\...\{970F0689-74EE-4847-82DD-37F33D62C6A5}) (Version: 2.13.594 - Corel corporation) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Digital Coupon Printer (HKLM-x32\...\{2CDD20A5-DFDE-4AC0-97DD-F60B1196BF98}) (Version: 3.50.0.0 - Hopster, Inc. an Inmar company)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Free Countdown Timer (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.83 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HP LaserJet Pro M402-M403 n-dne (HKLM-x32\...\{e2164336-c5d8-4ac9-a53b-125779c4c21b}) (Version: 16.0.17174.675 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{2D0909B2-FA33-4C36-8845-BF930A5A945E}) (Version: 3.0.26.20 - HP) Hidden
HPLJPRoM402M403ndne (HKLM-x32\...\{58532038-B97D-4C9B-9B96-C70D5EA763F4}) (Version: 0.10.0000 - Hewlett-Packard) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel® PRO/Wireless Driver (HKLM\...\{66afb482-3029-428f-8283-135d3c272132}) (Version: 19.00.0000.4496 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.3.1080 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.44 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 3.2.116.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MyCorkboard Screen Saver (HKLM-x32\...\Corkboard) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.6 - Corel Corporation)
WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.6 - Corel Corporation)
WordPerfect Office X7 - IPM Content HSE (HKLM-x32\...\{8E879C65-6BA7-4108-9A0D-C455A30ECAF6}) (Version: 17.0 - Corel Corporation) Hidden
WordPerfect Office X7 - IPM HSE (HKLM-x32\...\{D55537B5-123F-4CEE-A56C-557582FA285D}) (Version: 17.2 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files (HKLM-x32\...\{50567D26-6C7E-4A3E-9752-BE23977A6C8D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Common Files English (HKLM-x32\...\{97D165C7-7B4C-442D-9DC6-FE0240A1C98C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM Content HSE (HKLM-x32\...\{2C332DEE-CB1A-4C4C-A976-7F6FBBDA08F1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - IPM HSE (HKLM-x32\...\{EF04AF62-9B04-470E-B2EB-D28EE053D991}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files (HKLM-x32\...\{5D00E927-0798-4F5D-83B2-A60AFA4C7B93}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Lightning Files English (HKLM-x32\...\{0705BB45-E2C0-41AF-A24D-BB66FB78F574}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Oxford (HKLM-x32\...\{9B32CB12-C951-417E-8490-EAD6E56D920D}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files (HKLM-x32\...\{6C2494D8-AA48-49E8-8449-BCDA8BB7F01C}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Presentations Files English (HKLM-x32\...\{C55FBD71-ACA9-495F-9EBA-EB23A51206D0}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files (HKLM-x32\...\{B085C003-6454-4512-A3CB-B873E4F8ABEF}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Quattro Pro Files English (HKLM-x32\...\{941020B9-7483-4FA2-B40B-C56815361DAB}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Redists (HKLM-x32\...\{8092CE83-3E55-499F-B746-06E6825C7381}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Setup Files (HKLM-x32\...\{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files (HKLM-x32\...\{55D49A6A-BCBE-40A4-8A9E-1AEC5F125CAC}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WordPerfect Files English (HKLM-x32\...\{6052701D-0BA0-4AC9-9E7C-0209E0CB2873}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - WPD format Props x64 (HKLM\...\{32B843EE-A124-4DBE-84D0-BB2AE22FF5C1}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 - Writing Tools Files (HKLM-x32\...\{116B261F-1198-4F52-B46A-D6C3A70171FA}) (Version: 19.0 - Corel Corporation) Hidden
WordPerfect Office X9 (HKLM-x32\...\_{F5784FBC-42E2-429F-A7CF-34959D995957}) (Version: 19.0.0.325 - Corel Corporation)
WordPerfect Office X9 (HKLM-x32\...\{60338C41-EFE7-42C2-9442-46AE4FE90CC5}) (Version: 19.0 - Corel Corporation) Hidden
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-21] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-27] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2020-01-21] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.6.10070.0_x64__8wekyb3d8bbwe [2020-01-21] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-23] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-06-11] (Adobe Systems Incorporated)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.6.0.0_x86__fxme7667cy4q4 [2020-02-14] (Ricoh Company, Ltd.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-13] (Synaptics Incorporated)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-01-21] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2069550446-780284186-1707450264-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CopernicFileShellContextMenuExtension] -> {fad66f81-4ada-3a28-a8d3-97f227e9abc4} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers2: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers2-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [QuickFinderMenu] -> {0c5824b1-555e-4799-b8be-97b08362623b} => c:\Program Files (x86)\Corel\WordPerfect Office X9\Programs\PFSE190.DLL [2018-05-13] (Corel Corporation -> Corel Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [CopernicFolderShellContextMenuExtension] -> {c29b51af-17b7-3bf8-a3c1-93920128ef65} => C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.ShellContextMenu.dll [2020-03-04] (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2020-08-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers2_.DEFAULT: [FileLocatorPro] -> {1ED0F018-76B9-4DB9-9C06-CA0F3088F04F} => -> No File
ContextMenuHandlers4_.DEFAULT: [FileLocatorPro] -> {1ED0F018-76B9-4DB9-9C06-CA0F3088F04F} => -> No File
ContextMenuHandlers5_.DEFAULT: [FileLocatorPro] -> {1ED0F018-76B9-4DB9-9C06-CA0F3088F04F} => -> No File
ContextMenuHandlers6_.DEFAULT: [FileLocatorPro] -> {1ED0F018-76B9-4DB9-9C06-CA0F3088F04F} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Special Offers.lnk -> hxxp://www.mycorkboard.com/SpecialOffers.as
Shortcut: C:\Users\suesarkis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyCorkboard Screen Saver\Visit MyCorkboard.com.lnk -> hxxp://www.mycorkboard.com
ShortcutWithArgument: C:\Users\suesarkis\Desktop\Sweetsuzee - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
==================== Loaded Modules (Whitelisted) =============
2019-11-03 02:45 - 2019-11-03 02:45 - 001225216 _____ () [File not signed] C:\Program Files\Copernic\DesktopSearch\CefSharp.BrowserSubprocess.Core.dll
2019-11-03 02:45 - 2019-11-03 02:45 - 001869312 _____ () [File not signed] C:\Program Files\Copernic\DesktopSearch\CefSharp.Core.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 112718336 _____ () [File not signed] C:\Program Files\Copernic\DesktopSearch\libcef.dll
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2019-02-25 14:15 - 2019-02-25 14:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 000869376 _____ (The Chromium Authors) [File not signed] C:\Program Files\Copernic\DesktopSearch\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\123simsen.com -> www.123simsen.com
There are 7863 more sites.
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\123simsen.com -> www.123simsen.com
There are 7863 more sites.
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\123simsen.com -> www.123simsen.com
There are 7863 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-06-01 07:47 - 2020-02-29 16:05 - 000450599 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15459 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2069550446-780284186-1707450264-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2069550446-780284186-1707450264-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AOL OnePoint.lnk"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Digital Coupon Print Driver"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\StartupFolder: => "AOL Desktop Launcher.lnk"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\StartupFolder: => "MyCorkboard.lnk"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Copernic Desktop Search - Home"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "Embedded Callback - remotesupport.aol.com"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "FreeAC"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "FreeCT"
HKU\S-1-5-21-2069550446-780284186-1707450264-1001\...\StartupApproved\Run: => "AOLDesktop"
HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\StartupApproved\StartupFolder: => "AOL Desktop Launcher.lnk"
HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2069550446-780284186-1707450264-1004\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2069550446-780284186-1707450264-500\...\StartupApproved\Run: => "OneDriveSetup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{644E8E3F-A22B-438C-9991-E79FCE7AEE80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FA02D24-8C66-4400-9D74-DB957DF26456}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26A6A246-CD82-4BA1-A8FA-DF8EFF017DAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD5CA861-AF5A-4745-B6CF-8C9972039858}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{691BB49A-75DB-48CB-AE42-979AB3D5E7A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{171D7A6E-D088-4CC2-A349-679171E9DA0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{362CD2AD-DD29-4461-B961-06AFF91EC639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2849DD0E-4B2C-41D6-8F6C-270D8B695EA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{351E634D-B39D-4303-89E9-108F28D4CFCA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56DFA6EE-B223-48DA-AE2D-7B6FB7B42EA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFF96C6E-87ED-48B0-9140-E9FBF107C4DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20476A79-F171-41B9-8A9F-AC2AA3C5D0D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BCAFC238-F073-46A9-989F-09EC7909000D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3121FCA4-0227-4705-83A9-FEA5E7D75193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{835B0B78-5478-41AD-B336-95A81D30AFAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9244B37B-4BD6-4502-A28A-566F4B89C988}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3CD4EA73-50E6-4ED3-821B-42EDFC036842}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C95CD6D-AA8F-4418-9B6F-50058C112E3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88388D18-1D93-4892-BC4C-04008E4A7C45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6CD4C8C-7F69-4F51-988A-13EF795379E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7D888F4-5E25-419A-AA35-A65EF831CEFD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E35B656B-CE90-4FB8-8F13-EFED49EA09BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A415169A-3696-4674-9C2A-69E130772B05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FFB02FD5-DDE7-40E8-8139-2DF0883E6689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2BB0580-314A-47EE-B439-D281FA70A33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5061C8D4-DBED-4796-8760-442AEF3C4F10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8DDDB957-5175-421C-B86B-5F7B90E5A2AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0D862E8-9DE5-4B32-B102-2EF907BEC393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD31E2C6-F3EB-4453-BCFE-B9241D7770E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DA0C036-3986-4D21-BEC2-7E7A5866CB21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F967218-F25E-454F-89E0-D0A8A7E7A35B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C4B7BB-0E96-490E-8C45-FC7C2B7D7FB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18296F8A-B57F-48C7-95AB-0E1F218B7D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3D6C282-FF9F-41BC-AAF3-43BC982D8687}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B48C52A-F93C-4C86-BD6B-A080A06AC8FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F09221EE-7648-42C5-B166-DBCE3A859307}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E44700D-544F-421A-9275-0E13366A81B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CCF1E509-4E11-407A-912A-28D1EB193B88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54C20567-1CA6-4DCB-84E3-91E28531BC4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EC585C8D-30EA-49C5-994B-CDC871132BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F9AF2762-4334-4687-BF0D-77BF0B03E8CF}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2643\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2643\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{34798627-A975-441B-B281-E8AA0015473F}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2643\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2643\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{7A5484C7-E126-486A-A83D-AA35BD6DEFA1}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2664\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2664\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{6EED88CA-2AFE-4B7C-8729-D55D4B1BDA9C}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2664\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2664\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{93B0CC9B-5194-43B5-9135-3C944AB5E55D}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2690\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2690\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{C0978A63-9B6B-4132-AFE8-45D3061E40CF}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2690\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2690\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{287A1AC2-C261-4096-B923-B712F5B287E1}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2706\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2706\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{E0FE3271-C6C4-48D5-84D1-8D3101A60ADB}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2706\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2706\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{4DC9DC3E-1F8A-4702-9F9F-034668F3F4F6}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2709\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2709\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{60E196CD-2BA2-4ADD-8EDD-9514118C9CCC}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2709\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2709\cefsharp.browsersubprocess.exe => No File
FirewallRules: [TCP Query User{AD13F1CC-2C57-4016-AB73-7A2C964DDBA6}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2725\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2725\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{5849A25F-9F8C-4803-8AD9-BA8C9CCF9ED1}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2725\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2725\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{0DE47B94-519F-42C0-8D1F-70FD43447FD1}] => (Allow) C:\Program Files\Copernic\DesktopSearch\Copernic.DesktopSearch.exe (N. Harris Computer Corporation -> Copernic, a division of N. Harris Computer Corporation)
FirewallRules: [TCP Query User{7093B2BC-D81B-4A88-8491-1D9E9E74FBB8}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2738\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2738\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{9CFF8D2A-5771-4F7F-90C1-5A785E705078}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2738\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2738\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{0465935A-48A2-4394-9C58-239FC8F41820}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51BC37A2-EFC6-4E76-AD5B-981860A1D7AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7BE7EC3-26C1-4DC8-AE90-2108C240B75B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1D4E3B8-CE06-4DD1-8985-CE867AB0A314}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{886D9901-F86F-465A-93A7-234ED9FF916B}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2745\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2745\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{7A872F75-0DAE-4033-984F-80A9E5D28EC9}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2745\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2745\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{2D16B19C-B78D-45B0-8ED3-D22B487672B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0AFBC62C-62C7-4A69-A315-1B86D89801BC}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2760\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2760\cefsharp.browsersubprocess.exe => No File
FirewallRules: [UDP Query User{22115C3F-4926-4277-9040-3D16E6A99CA6}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2760\cefsharp.browsersubprocess.exe] => (Block) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2760\cefsharp.browsersubprocess.exe => No File
FirewallRules: [{6190C3AF-F761-43FF-959D-061A5B507267}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [TCP Query User{EFCDA0CA-A386-47D5-B29D-15CDAE4CCFE3}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [UDP Query User{C4F5DBC4-7E72-4E7E-8627-4258EB62D1AD}C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe] => (Allow) C:\users\suesarkis\appdata\local\aoldesktop\app-11.0.2793\cefsharp.browsersubprocess.exe (AOL, Inc -> AOL)
FirewallRules: [{21AA5FFB-8D6B-497B-BE5D-B983AC3852AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{51E7428C-BC24-41F2-8988-9B8A743F29C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{09F718A5-955B-43DF-9FA3-5033C197381B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E4D34AF-8378-49E3-8D6D-F5F5727DA697}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60A929F7-F9A7-43A6-ABE4-CC5F82AF1596}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0445FBF-940B-4122-B483-36CB108A5D18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F7754D6-A8EF-4FDE-8609-4D02B8288904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9435FF40-5608-484D-AA27-3D69D7047711}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D1137A56-28A1-4537-A367-870995379059}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.141.634.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
03-09-2020 10:35:18 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: AVG TAP Adapter v3
Description: AVG TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: avgTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/07/2020 12:01:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13756,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 11:46:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15148,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 11:12:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10228,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 10:46:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10800,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 10:29:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8036,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 09:46:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14104,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 09:07:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2248,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (09/07/2020 09:02:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3384,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (09/07/2020 08:56:32 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (09/07/2020 08:48:58 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (09/07/2020 08:33:32 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.
Error: (09/07/2020 08:31:29 AM) (Source: DCOM) (EventID: 10010) (User: SUESBABY)
Description: The server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (09/07/2020 08:31:25 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The File History Service service hung on starting.
Error: (09/07/2020 08:30:35 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1053" attempting to start the service avg with arguments "/comsvc" in order to run the server:
{82C85EAA-7C94-4702-AA75-DF39403AE358}
Error: (09/07/2020 08:30:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/07/2020 08:30:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The %1!s! Update Service (avg) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Windows Defender:
===================================
Date: 2020-08-26 13:53:04.539
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A83EF79B-1C54-40BA-8CEC-30976EF5DDC7}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-08-22 15:03:15.285
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {699C7A99-8BB5-4F93-BB2C-194CDBCAA81D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-08-22 08:39:53.027
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C7992FFE-4358-42A9-A902-0DF9369F879A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-08-21 08:43:59.752
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BFD15A39-521A-4FFF-87D0-7CFCCBCC5C97}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-08-19 16:50:26.379
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {629EF395-681D-4CA1-A324-BE0EF177FF5A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-08-26 13:59:15.172
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-08-26 13:59:15.172
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-08-26 13:59:15.171
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-08-26 13:38:50.344
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
Date: 2020-08-26 13:38:50.344
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.253.717.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15500.2
Error code: 0x80070645
Error description: This action is only valid for products that are currently installed.
CodeIntegrity:
===================================
Date: 2020-09-07 12:46:50.348
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:50.333
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:49.512
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:49.494
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:41.039
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:40.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:30.571
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-07 12:46:30.529
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.04 11/10/2012
Motherboard: Hewlett-Packard 1886
Processor: Intel® Core i7-3517U CPU @ 1.90GHz
Percentage of memory in use: 72%
Total physical RAM: 8088.28 MB
Available physical RAM: 2227.82 MB
Total Virtual: 9880.28 MB
Available Virtual: 2495.19 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:444.93 GB) (Free:339.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.19 GB) (Free:2.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (OD3.0 SSD) (Removable) (Total:117.53 GB) (Free:48.03 GB) FAT32
\\?\Volume{a4e7abf3-f886-47bb-96ff-bc698ba7c3ae}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.14 GB) NTFS
\\?\Volume{6f3b996f-1ccc-4000-95d7-0bd109594337}\ () (Fixed) (Total:0.87 GB) (Free:0.24 GB) NTFS
\\?\Volume{01376181-7b57-4385-8f74-5719a12592e7}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F893BEDB)
Partition: GPT.
==========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 65103047)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 117.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=117.6 GB) - (Type=0C)
==================== End of Addition.txt =======================