Jump to content


Photo

Unstable computer


  • Please log in to reply
4 replies to this topic

#1 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 139 posts

Posted 02 December 2019 - 07:59 PM

Hello,

It's been a while since I posted.   I would like to start saying I'm sorry to hear about the site being under financial distress.  I hope more members will donate so you can continue providing professional help with their computer issues.  I made a donation today it wasn't a lot but hopefully it helps.  With that said my computer has been erratic lately. It's slow and freezes on me often, especially when I'm surfing the web.  Having difficulty downloading programs also.   Please advise,  Thank you.  Here are my scans

 

Please  note that Malwarebyte has a new version and does not provide all the tools that are specified in your "before you post instructions.""  there's no rootkit check 

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 12/2/19
Scan Time: 8:46 PM
Log File: b58dde14-156e-11ea-928b-f46d0490ac87.json
 
-Software Information-
Version: 4.0.4.49
Components Version: 1.0.764
Update Package Version: 1.0.15658
License: Trial
 
-System Information-
OS: Windows 10 (Build 17763.864)
CPU: x64
File System: NTFS
User: OFFICE-PC\linda
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 359447
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 10 min, 6 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 

 

 

 

 

 

Result of Security Analysis by Rocket Grannie (x86) Updated: 18th, October 2019
Running from:C:\Users\linda\Desktop (11:57:43 - 12/02/2019)
***---------------------------------------------------------***
Microsoft Windows 10 Pro X64
UAC is Enabled
Internet Explorer 11
Default Browser: Google Chrome
***------------Antivirus - Antispyware - Firewall-----------***
Trend Micro Maximum Security (Disabled - up to Date)
Windows Defender (Disabled - up to Date)
Spybot - Search and Destroy (Disabled - Not up to Date)
Windows Defender (Disabled - up to Date)
Trend Micro Maximum Security (Disabled - up to Date)
Windows Firewall (Enabled)
No other Firewall Installed
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (32.0.0.293)
Adobe Acrobat Reader DC (19.021.20056)
CCleaner (5.61)
Google Chrome (78.0.3904.108)
Malwarebytes (4.0.4.49)
Microsoft Silverlight (5.1.50918.0)
Mozilla Firefox (70.0.1)
Pale Moon (28.6.1)
Spybot - Search & Destroy (2.7.64.0)
SpywareBlaster (5.5.0)
Windows Live Essentials (16.4.3528.0331) ==> is no longer supported
 
***----------------Analysis Complete-------------------------***
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-12-2019
Ran by linda (administrator) on OFFICE-PC (02-12-2019 12:13:03)
Running from C:\Users\linda\Desktop
Loaded Profiles: linda (Available Profiles: linda & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.864 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Kaspersky Lab -> Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtWLan.exe
(Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Well Known Media Ltd -> ) C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2047216 2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246112 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1246368 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [77312 2017-05-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab -> Kaspersky Lab ZAO)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [10566352 2015-09-02] (Well Known Media Ltd -> )
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151552 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-27] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2018-08-06]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-08-30]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02A411DE-C658-4C80-9D73-B5A0D86763A6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {09826FCA-27AD-40EC-B470-BF3DF47D2F5C} - System32\Tasks\{D111D56E-978F-4528-80E6-391E3CFCF292} => C:\Program Files (x86)\SlimBrowser\sbframe.exe [4510528 2017-10-11] (FlashPeak Inc. -> FlashPeak Inc.)
Task: {14631472-94AF-4ED1-A33A-4D53BE3EB4AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {1523CC87-0A89-45B6-A8CC-567241482AD4} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
Task: {183CB342-62BD-49B3-A5AD-810E49119615} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {212599B1-1C85-4FB8-B1FF-C89D5572FDB1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {240A4A7B-DD9C-4B32-9813-C8D258B36DA5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {2478EB6A-EEFE-43B9-9F76-96FA72452C83} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
Task: {2AAD68AE-4C5F-4A5E-BB9F-4A05556892EA} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {2AFFC901-C791-485C-89B2-1FD13769EF65} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {2CB09070-C0E0-44E7-84F5-3A64A7EC1084} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe)
Task: {2D0237AF-C194-4C27-9DBB-FE4A9761A6A1} - System32\Tasks\{52FF0B8C-85A6-48C0-9003-9F5AFFB0DAAE} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [15794792 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E778071-E964-4067-9D6F-149D43D44D92} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {2F8C5FD4-2952-46B5-B74D-5BDB5236F2D4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FD8CE17-A146-4C46-B9B6-6D551F553487} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3476A4CA-411F-4430-99D5-7ABDF48E220A} - System32\Tasks\{29C4A4D8-97E6-4483-8162-01139FF87B2E} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {393CF7FE-E6C9-4FB1-88C4-BAEEA32E9087} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {470BD81B-4067-44D5-80AB-22D3F0650CEC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4E31BAD0-B25F-497D-BA51-B6525E20EF8C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {55042098-EF5F-4233-9299-9CBE379DD5BC} - System32\Tasks\{991F1586-B70A-4D22-89EB-92AFD28D3C5E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [15794792 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {57CA693C-0644-4F21-803F-590111F171FB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5951F19F-ABFF-45F2-B5B6-B56CD3E6BEBA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {603DE783-32BD-4B26-9A03-843B8BEEF66D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6105C577-5F1F-4DE8-B7E0-CAAFC2AE2D53} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62226037-49EA-4F15-BD46-055A8C4CEFEF} - System32\Tasks\{5CF1A5EC-E8FB-46DC-AF13-46A36D4E06D3} => C:\Windows\system32\pcalua.exe -a "D:\WINDOWS98SE DRIVER\DVR-II-WIN98SE.exe" -d "D:\WINDOWS98SE DRIVER"
Task: {693EECFE-FDEF-4B9D-8D3D-F537BDD19CAD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6AAEDDC3-CB63-4E18-A391-15F0616B485B} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {6CACB67D-F106-4B7C-8FC0-7AEB727D3025} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-27] (Google Inc -> Google LLC)
Task: {6F7EDEE3-EAE4-4BB5-A5F2-B6AAAED25D98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-27] (Google Inc -> Google LLC)
Task: {797E2437-5A80-4BBF-A97F-ACE4A6651E44} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {820955A2-369A-4C52-8802-9E06663FA6DB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B44BC34-944A-4347-8795-C91A11692584} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9106FCBE-A2F0-42B6-B986-D4B517690072} - System32\Tasks\{FD66D8F8-32E8-420E-88E5-002001BFA10F} => C:\Program Files (x86)\SlimBrowser\sbframe.exe [4510528 2017-10-11] (FlashPeak Inc. -> FlashPeak Inc.)
Task: {98B9E223-6ECC-48E9-9EB2-1C7537EC1C0F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {98FFE96D-42E9-4338-81B2-41C0022C30D7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D8FF85C-5513-4470-A02F-17A6BE9AD81D} - System32\Tasks\{EAF53645-5F3A-4C57-8D60-F5459680B13E} => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
Task: {AB6727CB-53DA-4FFD-B9CA-B0763460695C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B301B083-512C-42D2-965B-6BD541D2704D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {B6F66695-B2B4-49F2-9F1F-90AA9E5D2C37} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B925A23E-C23B-4410-9CC7-62DDA2328A71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe)
Task: {C30AB0E7-409F-46A1-9397-A00BFD34F0F3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CBD42AC2-BCC1-4880-8093-EEF56B8DC974} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {CE00280D-094F-4EA8-9D4C-650BF0AA0833} - System32\Tasks\{3DEB3272-AF80-4D10-818E-08FA1A7487AB} => C:\Program Files (x86)\SlimBrowser\sbframe.exe [4510528 2017-10-11] (FlashPeak Inc. -> FlashPeak Inc.)
Task: {D2222EA2-4E39-4C58-AF94-4F282FA9D5DD} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {DADC4484-5651-4FED-9A35-7A402314A789} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCCCB5AD-6765-4806-978C-3460B8AE5C4D} - System32\Tasks\{3EB4F00D-600F-494E-A7DE-95D98FDF7046} => C:\Program Files (x86)\SlimBrowser\sbframe.exe [4510528 2017-10-11] (FlashPeak Inc. -> FlashPeak Inc.)
Task: {E24D1B5B-C6BA-46AF-B666-8E95FD61DFB2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E4443EB1-B322-4AF6-8B13-C522AB502ABC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {E6E1C586-06F2-42E2-8F86-150F8048DFA9} - System32\Tasks\{528748A9-8911-4C8F-B738-FD6E89F1B65E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [15794792 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {EABA37E2-BC91-43AB-B656-D2369AFD74A8} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ECCA3C6C-2C5B-4B56-9C8A-8A9B692F0DA9} - System32\Tasks\AirSupport Update => C:\Program Files\Trend Micro\AirSupport\Update.exe [4342416 2019-09-08] (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {EDD2BCE5-C325-4836-BDAB-8596B14D7955} - System32\Tasks\{6DB3ACA1-3D08-4FC3-9C37-20128910E4E5} => C:\Program Files (x86)\SlimBrowser\sbframe.exe [4510528 2017-10-11] (FlashPeak Inc. -> FlashPeak Inc.)
Task: {F1ACFC03-B82F-4F2C-B878-C2834C491662} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {F357D1A2-D156-441F-A103-E6252148EA3F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {F7304BF7-80DC-4921-BD9E-75937AA31793} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC603551-7705-4E12-90F3-C9706031CF5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2177d60a-d747-4caf-a503-b15856871b1e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6de5cecf-6c0e-45fd-b79f-13413a023ff9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c393a88d-d0ed-43c0-9f33-c49f4715c39b}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3023927834-737669077-2965008529-1001 -> {7797F01D-60FE-FEAB-DBB6-B4B57792FCE2} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-10-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation -> Microsoft Corporation.)
Toolbar: HKLM-x32 - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
DPF: HKLM-x32 {0742B9EF-8C83-41CA-BFBA-830A59E23533} hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} 
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=1643671464
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2019-10-10] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
 
FireFox:
========
FF DefaultProfile: q9ishe5a.default
FF DefaultProfile: bxz8gbn7.default
FF ProfilePath: C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\q9ishe5a.default [2019-09-15]
FF ProfilePath: C:\Users\linda\AppData\Roaming\Mozilla\Firefox\Profiles\jfwvv1ax.default-release [2019-12-02]
FF ProfilePath: C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default [2019-12-02]
FF Extension: (Adblock Latitude) - C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-11] [Legacy] [not signed]
FF Extension: (Flashblock) - C:\Users\linda\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bxz8gbn7.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2018-01-02] [Legacy]
FF HKLM\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Extension: (Trend Micro Toolbar) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi [2019-10-10]
FF HKLM-x32\...\Firefox\Extensions: [fftmtoolbar@trendmicro.com] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\fftmtoolbar@trendmicro.com.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-12-03] (Visan Industries -> RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-27] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\linda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-01-04] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2019-10-23] (TD Ameritrade -> TD Ameritrade)
FF Plugin HKU\S-1-5-21-3023927834-737669077-2965008529-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2019-10-23] (TD Ameritrade -> TD Ameritrade)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Notifications: Default -> hxxps://codfuel.com; hxxps://www.facebook.com
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default [2019-12-02]
CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Honey) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2019-11-27]
CHR Extension: (Google Search) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2019-10-23]
CHR Extension: (Adobe Acrobat) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-30]
CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Piggy - Automatic Coupons & Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2019-11-27]
CHR Extension: (Savings Button: Deals + Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmhdchlgkaelnphlklcdddpigfiblbhb [2018-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2019-12-02]
CHR Extension: (CouponCabin Sidekick - Coupons & Cash Back) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcihjlbjjghnbohanlafcldoddloecfo [2019-11-19]
CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-28]
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-09-16]
CHR Extension: (Slides) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-28]
CHR Extension: (Docs) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-28]
CHR Extension: (Google Drive) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-28]
CHR Extension: (YouTube) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-28]
CHR Extension: (Adobe Acrobat) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-28]
CHR Extension: (Sheets) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-28]
CHR Extension: (Google Docs Offline) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-09-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-28]
CHR Extension: (Trend Micro Toolbar) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2018-09-28]
CHR Extension: (Gmail) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-28]
CHR Extension: (Chrome Media Router) - C:\Users\linda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-28]
CHR Profile: C:\Users\linda\AppData\Local\Google\Chrome\User Data\System Profile [2019-11-18]
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3023927834-737669077-2965008529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [384032 2019-07-28] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 Intel® SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab -> Kaspersky Lab ZAO)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-02] (Malwarebytes Inc -> Malwarebytes)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1127584 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [333856 2015-06-29] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 RealtekPCIE; C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5378320 2019-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 TmWscSvc; C:\Program Files\Trend Micro\Titanium\TmWscSvc\TmWscSvc.exe [404752 2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-27] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-02] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-02] (Malwarebytes Inc -> Malwarebytes)
R0 mv61xx; C:\WINDOWS\System32\drivers\mv61xx.sys [179752 2010-10-06] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [898296 2016-01-13] (Realtek Semiconductor Corp -> Realtek )
R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [620032 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 TMEBC; C:\WINDOWS\System32\DRIVERS\TMEBC64.sys [74760 2019-06-04] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2017-05-10] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [37552 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\WINDOWS\system32\DRIVERS\tmeyes.sys [679712 2019-07-12] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmnciesc; C:\WINDOWS\system32\DRIVERS\tmnciesc.sys [562296 2018-03-07] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [157448 2019-09-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137776 2019-05-03] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-27] (Microsoft Windows -> Microsoft Corporation)
U2 TMAgent; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-12-02 12:13 - 2019-12-02 12:14 - 000050712 _____ C:\Users\linda\Desktop\FRST.txt
2019-12-02 12:12 - 2019-12-02 12:12 - 002263040 _____ (Farbar) C:\Users\linda\Desktop\FRST64.exe
2019-12-02 11:57 - 2019-12-02 11:57 - 000001178 _____ C:\Users\linda\Desktop\SALog.txt
2019-12-02 11:56 - 2019-12-02 11:56 - 000899584 _____ C:\Users\linda\Desktop\RGSA.exe
2019-12-02 11:28 - 2019-12-02 11:28 - 000000000 ____D C:\Users\linda\AppData\Local\cache
2019-12-02 11:27 - 2019-12-02 11:27 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-02 11:27 - 2019-12-02 11:27 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-02 11:27 - 2019-12-02 11:27 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-02 11:27 - 2019-12-02 11:27 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-02 11:27 - 2019-12-02 11:27 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-02 11:27 - 2019-12-02 11:27 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-02 11:27 - 2019-12-02 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-02 11:27 - 2019-12-02 11:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-02 11:26 - 2019-12-02 11:26 - 001883976 _____ (Malwarebytes) C:\Users\linda\Desktop\MBSetup.exe
2019-11-27 12:27 - 2019-11-27 12:27 - 422873384 _____ (SOURCENEXT CORPORATION) C:\Users\linda\Downloads\Y17C_C1_ULWT_PP-inst-D3.EXE
2019-11-27 11:55 - 2019-11-27 11:55 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-27 11:55 - 2019-11-27 11:55 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-27 11:55 - 2019-11-27 11:55 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-27 11:55 - 2019-11-27 11:55 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-27 11:55 - 2019-11-27 11:55 - 000002332 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-11-27 11:54 - 2019-11-27 11:55 - 001397304 _____ (Google LLC) C:\Users\linda\Downloads\ChromeSetup.exe
2019-11-27 01:08 - 2019-11-27 01:08 - 000000000 ____D C:\Users\linda\AppData\Local\ElevatedDiagnostics
2019-11-25 22:33 - 2019-11-25 22:33 - 000056320 _____ C:\Users\linda\Downloads\Simmons.Sakk_Wedding Mailing_List_Template_VS (09.30.2019)v2.xls
2019-11-20 08:17 - 2019-11-24 11:57 - 000010701 _____ C:\Users\linda\Documents\Gabriella wedding list.xlsx
2019-11-17 15:38 - 2019-09-16 14:24 - 000454382 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20191117-153833.backup
2019-11-17 14:36 - 2019-11-17 14:36 - 000001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2019-11-17 14:36 - 2019-11-17 14:36 - 000001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2019-11-17 14:36 - 2019-11-17 14:36 - 000001448 _____ C:\ProgramData\Desktop\Spybot-S&D Start Center.lnk
2019-11-17 14:36 - 2019-11-17 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2019-11-17 14:36 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2019-11-17 13:11 - 2019-11-17 13:11 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\linda\Downloads\spybotsd-2.7.64.0.exe
2019-11-15 21:02 - 2019-11-15 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-11-14 07:19 - 2019-11-14 07:19 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-11-14 07:19 - 2019-11-14 07:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-11-14 07:19 - 2019-11-14 07:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-11-14 07:19 - 2019-11-14 07:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-11-13 15:06 - 2019-11-14 09:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-12 13:27 - 2019-11-12 13:27 - 023455232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 012258816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 006934016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 006547896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 006318328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 005770240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 005608336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 004873216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 003872336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 003656792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 003624448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 002918200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 002699976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 002628112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001267240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-11-12 13:27 - 2019-11-12 13:27 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000808272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000661264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000588816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000542320 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000486400 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-12 13:27 - 2019-11-12 13:27 - 000473832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000435512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000427832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000262152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-12 13:27 - 2019-11-12 13:27 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-12 13:27 - 2019-11-12 13:27 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000112168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-12 13:27 - 2019-11-12 13:27 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2019-11-12 13:27 - 2019-11-12 13:27 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000023768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-12 13:27 - 2019-11-12 13:27 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-12 13:26 - 2019-11-12 13:27 - 000086744 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 022137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 009667896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 007700696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 007656072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 005575168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 004413936 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 004049920 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 001933408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001702600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-12 13:26 - 2019-11-12 13:26 - 001668784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001486472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001473296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001346216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-12 13:26 - 2019-11-12 13:26 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001294792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001183504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001054224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001049608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000888560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000862008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000856424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000773208 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000747536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000536320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000514600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000509968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000465416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000450632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000445752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000389408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000087080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-12 13:26 - 2019-11-12 13:26 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000061480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-12 13:26 - 2019-11-12 13:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-11-12 13:26 - 2019-11-12 13:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-12-02 12:14 - 2014-11-21 09:40 - 000000000 ____D C:\FRST
2019-12-02 12:11 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-02 11:27 - 2018-12-14 13:11 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-02 11:27 - 2018-09-15 02:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-02 09:12 - 2016-12-01 23:29 - 000000000 ___RD C:\Users\linda\iCloudDrive
2019-12-01 22:17 - 2019-05-05 07:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-01 18:22 - 2018-09-15 01:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-01 18:18 - 2019-05-05 08:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-01 18:18 - 2016-07-24 09:42 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-12-01 18:17 - 2018-09-15 01:09 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2019-12-01 12:35 - 2018-05-23 23:30 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE
2019-12-01 12:33 - 2018-05-22 19:57 - 000002213 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2019-12-01 12:33 - 2018-05-22 19:57 - 000002213 _____ C:\ProgramData\Desktop\Brother Creative Center.lnk
2019-12-01 12:32 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-01 12:17 - 2019-05-05 08:23 - 000972156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-30 11:45 - 2019-04-04 12:53 - 000000000 ____D C:\Users\linda\Documents\VINCENT-VERONICA
2019-11-29 09:04 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-29 09:04 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-27 12:46 - 2015-05-09 20:03 - 000000010 _____ C:\Users\linda\AppData\Local\sponge.last.runtime.cache
2019-11-27 11:56 - 2019-08-28 08:18 - 000000000 ____D C:\Users\linda\AppData\LocalLow\Mozilla
2019-11-27 11:55 - 2011-05-01 01:43 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-27 11:35 - 2019-05-05 08:47 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3023927834-737669077-2965008529-1001
2019-11-27 11:35 - 2019-05-05 08:09 - 000002402 _____ C:\Users\linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-27 11:35 - 2016-07-24 09:43 - 000000000 ___RD C:\Users\linda\OneDrive
2019-11-27 11:25 - 2019-05-05 08:09 - 000000000 ____D C:\Users\linda
2019-11-27 11:21 - 2019-05-05 08:08 - 000000000 ____D C:\Users\DefaultAppPool
2019-11-27 11:21 - 2016-10-01 19:53 - 000000000 ____D C:\Users\linda\AppData\Local\ConnectedDevicesPlatform
2019-11-27 11:21 - 2011-05-01 01:26 - 000000000 ____D C:\ProgramData\Trend Micro
2019-11-27 11:02 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\registration
2019-11-27 03:02 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-27 01:31 - 2018-06-21 09:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-11-20 08:18 - 2014-12-30 16:35 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-11-18 19:55 - 2011-05-08 07:42 - 000000000 ____D C:\ProgramData\TEMP
2019-11-18 19:55 - 2011-05-08 07:42 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2019-11-17 14:36 - 2016-07-24 09:43 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-11-15 21:03 - 2015-10-10 16:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-11-14 09:37 - 2015-04-27 23:50 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-14 09:23 - 2019-08-28 08:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-14 09:15 - 2018-01-06 21:10 - 000000000 ____D C:\Users\linda\AppData\Local\PlaceholderTileLogoFolder
2019-11-13 23:41 - 2019-05-05 08:47 - 000004576 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-13 23:40 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-11-13 23:40 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-11-13 23:03 - 2017-12-19 10:53 - 000000000 ____D C:\Users\linda\AppData\Local\Packages
2019-11-13 15:08 - 2019-08-28 08:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-13 09:47 - 2017-07-12 10:00 - 000000000 ___RD C:\Users\linda\3D Objects
2019-11-13 09:47 - 2016-04-27 01:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-13 09:44 - 2019-05-05 07:57 - 000459888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-13 00:15 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-13 00:15 - 2018-09-15 01:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-12 13:45 - 2013-07-14 02:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-12 13:33 - 2011-04-27 10:25 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-12 13:30 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-12 13:26 - 2009-10-23 05:20 - 000408802 __RSH C:\bootmgr
2019-11-12 11:31 - 2019-10-04 11:04 - 000262431 _____ C:\Users\linda\Desktop\2018 SCHEDULE .xlsx
2019-11-11 22:46 - 2012-02-02 17:53 - 000041244 __RSH C:\ProgramData\ntuser.pol
2019-11-06 17:33 - 2012-08-25 23:52 - 000000000 ____D C:\Users\linda\AppData\Roaming\SlimBrowser
2019-11-05 23:46 - 2019-05-05 08:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
 
==================== Files in the root of some directories ========
 
2013-03-25 08:20 - 2013-03-25 08:39 - 000080923 _____ () C:\Users\linda\AppData\Local\ars.cache
2013-03-25 08:20 - 2013-03-25 08:39 - 000996706 _____ () C:\Users\linda\AppData\Local\census.cache
2012-12-30 11:15 - 2013-03-25 08:35 - 000000036 _____ () C:\Users\linda\AppData\Local\housecall.guid.cache
2015-05-09 20:03 - 2019-11-27 12:46 - 000000010 _____ () C:\Users\linda\AppData\Local\sponge.last.runtime.cache
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-12-2019
Ran by linda (02-12-2019 12:15:01)
Running from C:\Users\linda\Desktop
Windows 10 Pro Version 1809 17763.864 (X64) (2019-05-05 13:49:27)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3023927834-737669077-2965008529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3023927834-737669077-2965008529-503 - Limited - Disabled)
Guest (S-1-5-21-3023927834-737669077-2965008529-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3023927834-737669077-2965008529-1004 - Limited - Enabled)
linda (S-1-5-21-3023927834-737669077-2965008529-1001 - Administrator - Enabled) => C:\Users\linda
WDAGUtilityAccount (S-1-5-21-3023927834-737669077-2965008529-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Trend Micro Maximum Security (Disabled - Up to date) {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Maximum Security (Disabled - Up to date) {148FC67B-DCDD-B560-0038-70855CFCCFEC}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{EF7AC07F-8DC8-4446-918B-3FD544496894}) (Version: 2.0.10.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{0BAF6C40-0B74-4331-8EAA-06ECF6445182}) (Version: 3.0.0.10 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{80e3f154-59fa-491e-911b-98caf1c71120}) (Version: 3.0.0.10 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-L2700DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 0.0.20.0 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{76627C3B-4CE9-498A-B587-02063E190005}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{05421625-9BA9-482B-ACF2-794221A06F4E}) (Version: 1.0.23 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{00B68BA3-39B0-47CF-850C-BD92253C3D1A}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{BECAE854-AD40-4351-87F8-998C34EFE54A}) (Version: 1.0.13.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{85B3C0BD-7326-4860-9471-A5D97A1F7D59}) (Version: 1.0.19.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 85.4.155 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
FlashPeak SlimBrowser (HKLM-x32\...\SlimBrowser) (Version: 8.00.005 - FlashPeak Inc.)
FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 9.0.7.0 - FlashPeak Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel® Computing Improvement Program (HKLM\...\{D40D4164-EEDB-4F0F-85C6-2058A9E34CC7}) (Version: 2.4.04370 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Marketsplash Shortcuts (HKLM-x32\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)
marvell 61xx (HKLM-x32\...\mv61xxDriver) (Version: 1.2.0.7600 - Marvell)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneNote 2013 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 15.0.5189.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 70.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 70.0.1 (x64 en-US)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network Play System (Patching) (HKLM-x32\...\Network Play System (Patching)) (Version:  - )
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{6CC9391F-D441-4D2E-9ECC-1F7084C733ED}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{7BAC9170-359D-4EAD-B6E4-238A14940C11}) (Version: 7.20.3230 - Nuance Communications, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5189.1000 - Microsoft Corporation) Hidden
Pale Moon 28.6.1 (x64 en-US) (HKLM\...\Pale Moon 28.6.1 (x64 en-US)) (Version: 28.6.1 - Moonchild Productions)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PC-FAXReceive (HKLM-x32\...\{DE8708D3-A79A-46ED-BCB4-3B2F01321704}) (Version: 1.7.5.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerENGAGE (HKLM-x32\...\{BFE5C68B-E6D4-4421-9ACF-2B8C4BC2D2A1}) (Version: 3.2.13 - Aviata, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{4FC4433D-E687-43D5-B8A8-88D40F5AD8B4}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{B14AD0FC-6ED6-4596-B379-24DC590855AC}) (Version: 3.9.3.1 - Brother Industries Ltd.) Hidden
Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version:  - ) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
SoftwareUpdateNotification (HKLM-x32\...\{C2430580-570A-48D4-BF61-FA55E35BD052}) (Version: 1.0.8.0 - Brother Insutries Ltd.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Trend Micro DirectPass (HKLM\...\{F059D68A-2911-4ea7-BA2B-3FBF2DD9D1CB}) (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden
Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 16.0 - Trend Micro Inc.)
Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1189 - Trend Micro Inc.)
Trend Micro Troubleshooting Tool (HKLM\...\{4B83469E-CE4F-45D0-BC34-CCB7BF194477}) (Version: 6.0 - Trend Micro Inc.)
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VCRT for DirectPass x64 (HKLM\...\{92124FFB-5113-4D64-A6BA-7D6D362A6265}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x64 (HKLM\...\{E9EC941D-16E5-46FD-AB44-928ED7839CCC}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (HKLM-x32\...\{44334193-827E-47B4-AB2A-E49F2A102E21}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
VCRT for DirectPass x86 (HKLM-x32\...\{FD45B178-B1C1-4D2A-B8C8-CD7B4F687F1C}) (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
 
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.3.4.0_x86__kgqvnymyfvs32 [2019-11-27] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-27] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-27] (HP Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
PDF Reader - View, Edit, Annotate by Xodo -> C:\Program Files\WindowsApps\5E8FC25E.XODODOCS_4.2.4.0_x64__3v3sf0k6w2rec [2019-11-27] (Xodo Technologies Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-11-27] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3023927834-737669077-2965008529-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\linda\Dropbox [2014-06-20 11:16]
ShellIconOverlayIdentifiers: [    FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2019-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-17] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-17] (On2.com) [File not signed]
 
==================== Shortcuts & WMI ========================
 
==================== Loaded Modules (Whitelisted) =============
 
2018-05-22 19:55 - 2017-12-22 11:53 - 000122880 _____ ( ) [File not signed] C:\Program Files (x86)\Browny02\brlmw03a.dll
2018-05-22 19:54 - 2009-02-27 15:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-05-22 19:55 - 2017-12-22 11:53 - 000025299 _____ () [File not signed] C:\Program Files (x86)\Browny02\brlm03a.dll
2017-03-22 16:21 - 2018-01-18 14:39 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-10-04 13:25 - 2018-01-18 14:39 - 001720832 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-05-22 19:55 - 2017-11-07 18:55 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-01-27 14:33 - 2017-11-07 19:04 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2017-04-05 08:53 - 2017-11-07 18:55 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2011-04-27 10:23 - 2009-12-09 23:20 - 000126976 _____ () [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\EnumDevLib.dll
2017-04-04 18:48 - 2005-04-21 23:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2011-04-27 14:06 - 2011-02-01 14:57 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
2012-12-05 11:29 - 2012-12-05 11:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2017-04-04 18:48 - 2013-03-08 01:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2011-04-27 14:06 - 2011-02-01 14:53 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
2014-06-15 23:42 - 2014-06-15 23:42 - 000121312 _____ (Kaspersky Lab -> Kaspersky Lab ZAO) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\prtransp.ppl
2014-06-15 23:40 - 2014-06-15 23:40 - 000383456 _____ (Kaspersky Lab -> Kaspersky Lab ZAO) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\stat.ppl
2015-01-03 12:53 - 2015-01-03 12:53 - 000187904 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kavsys.kdl.ba76be53c8245ddbd0e2864e74f8f638
2015-01-03 12:53 - 2015-01-03 12:53 - 000273920 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\kjim.kdl.4d87815dc55a0ea5f712a61bb640573a
2015-01-03 12:53 - 2015-01-03 12:53 - 001662976 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\klavemu.kdl.6e86633e63e607038cfa66d3f88c5d60
2015-01-03 12:53 - 2015-01-03 12:53 - 000369152 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\pbs.kdl.855e976d16841a9bbaa528a886998eee
2015-01-03 12:53 - 2015-01-03 12:53 - 000458752 _____ (Kaspersky Lab ZAO) [File not signed] C:\ProgramData\Kaspersky Lab\KSS2\DataRoot\Bases\Cache\qscan.kdl.6f421f0667a2208fb2f4dc2a03912f82
2011-04-27 10:23 - 2010-02-22 17:22 - 000430080 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlLib.dll
2011-04-27 10:23 - 2009-01-21 13:33 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\IpLib.dll
2011-04-27 10:23 - 2010-01-27 13:09 - 000036864 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlICS.dll
2011-04-27 10:23 - 2010-02-02 17:08 - 000233472 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\RtlIhvOid.dll
2011-04-27 10:23 - 2006-07-05 08:45 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\819xP Wireless LAN Utility\LIBEAY32.dll
2015-08-13 06:57 - 2015-06-29 04:49 - 003117568 _____ (Trend Micro Inc.) [File not signed] C:\Program Files\Trend Micro\TMIDS\CorridorService.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7943 more sites.
 
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\1-2005-search.com -> www.1-2005-search.com
 
There are 12764 more sites.
 
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2019-11-17 15:38 - 000454382 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
 
There are 15619 more lines.
 
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\linda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\startupfolder: C:^Users^linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DING!.lnk.disabled => C:\Windows\pss\DING!.lnk.disabled.Startup
MSCONFIG\startupfolder: C:^Users^linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk.disabled => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.disabled.Startup
MSCONFIG\startupfolder: C:^Users^linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\linda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_C6C77B47E5A15FA8F3D7B065ED1827CE => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-3023927834-737669077-2965008529-1001\...\StartupApproved\Run: => "ISUSPM"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [{86FCC1A3-5AC3-4BE4-B433-55A8747A7447}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0D5BB5EB-4D8B-4039-9799-E2E82257C837}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{91BE82CC-91A9-43BD-B8BF-FAB4B7FECAC1}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{2AF4A899-710D-4FC6-A9ED-59EF2203193B}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{9BB6BBD8-C34B-4EFB-A15D-11BE94E730C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9518310B-0E66-4C99-9137-96EEBA3744DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5B9387C4-3298-4E56-A928-FEE055AB0E2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F7E04A56-D89A-444E-9CBF-115D403932CC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
20-11-2019 15:21:04 Scheduled Checkpoint
27-11-2019 10:54:09 Restore Operation
 
==================== Faulty Device Manager Devices ============
 
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (12/01/2019 04:56:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdge.exe version 11.0.17763.831 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2e48
 
Start Time: 01d5a891f966195e
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
 
Report Id: e1adb49b-9f90-49ef-baab-3599c4e43a67
 
Faulting package full name: Microsoft.MicrosoftEdge_44.17763.831.0_neutral__8wekyb3d8bbwe
 
Faulting package-relative application ID: MicrosoftEdge
 
Hang type: Quiesce
 
Error: (12/01/2019 04:53:05 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Access to performance data was denied to user "SYSTEM" (value from GetUserName() for the running thread) as attempted from module "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe" (value from GetModuleFileName() for the binary that issued the query).
 
Error: (12/01/2019 12:35:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TwDsUi.exe, version: 5.6.74.1, time stamp: 0x5912d708
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0640a808
Faulting process id: 0x3a50
Faulting application start time: 0x01d5a86da618c5b4
Faulting application path: C:\WINDOWS\Twain_32\Brimm17a\Common\TwDsUi.exe
Faulting module path: unknown
Report Id: 61703774-47bd-41a9-bc03-7311c72dff6d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/01/2019 12:35:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TwDsUi.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at TwDsUi.Views.MainWindow.window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.InternalClose(Boolean, Boolean)
   at System.Windows.Window.Close()
   at TwDsUiSample.RecvPipeData+<>c.<CloseMainDialogProcess>b__8_0()
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at TwDsUi.App.Main()
 
Error: (12/01/2019 12:18:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.17763.719 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2210
 
Start Time: 01d5a86ac7b98d2b
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
 
Report Id: e2115e19-92bc-468e-bd07-e66db2531b96
 
Faulting package full name: Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: CortanaUI
 
Hang type: Quiesce
 
Error: (12/01/2019 01:01:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0688a3c8
Faulting process id: 0x39a0
Faulting application start time: 0x01d5a80cb0e8b503
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: c8b83bf6-ed99-4061-b44a-d479fd9ed0a0
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/01/2019 01:00:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TwDsUi.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at TwDsUi.Views.MainWindow.window_Closing(System.Object, System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.OnClosing(System.ComponentModel.CancelEventArgs)
   at System.Windows.Window.InternalClose(Boolean, Boolean)
   at System.Windows.Window.Close()
   at TwDsUiSample.RecvPipeData+<>c.<CloseMainDialogProcess>b__8_0()
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at TwDsUi.App.Main()
 
Error: (12/01/2019 12:53:47 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2019/12/01 00:53:47.528]: [00010796]: OpenDevice is failed
 
 
System errors:
=============
Error: (12/02/2019 11:32:59 AM) (Source: DCOM) (EventID: 10016) (User: OFFICE-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user OFFICE-PC\linda SID (S-1-5-21-3023927834-737669077-2965008529-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/02/2019 11:02:57 AM) (Source: DCOM) (EventID: 10016) (User: OFFICE-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user OFFICE-PC\linda SID (S-1-5-21-3023927834-737669077-2965008529-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/02/2019 10:19:51 AM) (Source: DCOM) (EventID: 10016) (User: OFFICE-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user OFFICE-PC\linda SID (S-1-5-21-3023927834-737669077-2965008529-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/02/2019 10:16:59 AM) (Source: DCOM) (EventID: 10016) (User: OFFICE-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user OFFICE-PC\linda SID (S-1-5-21-3023927834-737669077-2965008529-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/02/2019 09:39:25 AM) (Source: DCOM) (EventID: 10016) (User: OFFICE-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user OFFICE-PC\linda SID (S-1-5-21-3023927834-737669077-2965008529-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/02/2019 09:13:49 AM) (Source: DCOM) (EventID: 10016) (User: OFFICE-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user OFFICE-PC\linda SID (S-1-5-21-3023927834-737669077-2965008529-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/01/2019 10:18:28 PM) (Source: DCOM) (EventID: 10010) (User: OFFICE-PC)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
Error: (12/01/2019 10:18:28 PM) (Source: DCOM) (EventID: 10010) (User: OFFICE-PC)
Description: The server {D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2019-11-27 11:29:34.277
Description: 
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified. 
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0
 
Date: 2019-09-06 11:13:41.576
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 1.301.623.0
Previous Signature Version: 1.295.507.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.16300.1
Previous Engine Version: 1.1.16300.1
Error code: 0x80004004
Error description: Operation aborted 
 
Date: 2019-09-06 11:13:41.576
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 1.301.623.0
Previous Signature Version: 1.295.507.0
Update Source: User
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.16300.1
Previous Engine Version: 1.1.16300.1
Error code: 0x80004004
Error description: Operation aborted 
 
Date: 2019-06-11 12:06:36.599
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 1.295.502.0
Previous Signature Version: 1.293.2133.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.16000.6
Previous Engine Version: 1.1.16000.6
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
 
Date: 2019-06-11 12:06:36.599
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 1.295.502.0
Previous Signature Version: 1.293.2133.0
Update Source: User
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.16000.6
Previous Engine Version: 1.1.16000.6
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2019-12-02 11:43:44.467
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-12-02 11:43:44.463
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume1\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2019-12-02 09:11:13.434
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-02 09:11:13.425
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-02 09:11:13.326
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-02 09:11:13.317
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-01 18:22:53.612
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2019-12-01 18:22:53.528
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Trend Micro\Titanium\TmWscSvc\WSCHandler.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 3703 05/03/2013
Motherboard: ASUSTeK Computer INC. P8H67-M EVO
Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 37%
Total physical RAM: 16281.15 MB
Available physical RAM: 10151.43 MB
Total Virtual: 32665.15 MB
Available Virtual: 25869.74 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.07 GB) (Free:657.18 GB) NTFS ==>[drive with boot components (obtained from BCD)]
 
\\?\Volume{2bd2c32a-0000-0000-0000-b0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
 
==================== End of Addition.txt =======================
 
 
 
 
 


#2 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,281 posts

Posted 03 December 2019 - 07:20 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.
 
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
 
Your logs are clean of malware.
 
Malwarebytes identified some PUM (Potentially Unwanted Program).
PUP: Detect
PUM: Detect
I suggest you Download and run this program.
 
Your call if you want to d.Delete the programs reported.
 
---
 
All your Security programs are disabled.
 
However you are also using Kaspersky which is running.
 
Malwarebytes and Kaspersky my becausing the delay you are talking about.
 
Navigare to this page and read and follow the instructions.
 
Restart the computer when completed.
 
Let me know if the problem persists.
 
p.s.
Thank you for your support.

nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 housema

housema

    Advanced Member

  • Full Member
  • PipPipPip
  • 139 posts

Posted 03 December 2019 - 09:38 AM

Hello Nasdaq

 

Thank you for getting back to me.   Few questions:   

 

""I suggest you Download and run this program.":

 

Which program are you referring to?

 

I accidentally downloaded the free trial Malwarebyte program, so it's running real time protection, for 14 days.  I downloaded yesterday,   I had to uninstall Malwarebyte during the installation of new Trend Micro Protection few months ago.

 

 Kaspersky is a scan I rarely run, I will be deleting, it's been discontinued.  I do have Trend Micro security protection though.

 

""All your Security programs are disabled.""

 

Please elaborate on that.

 

Thank you.



#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,281 posts

Posted 04 December 2019 - 06:46 AM

Hi,
 
Sorry, the program I want you to download and run is
 
Please download AdwCleaner by Malwarebytes your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
  • IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
  • If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
  • ===
     
    Bitdefender does not let go easy.
    Download and run their uninstaller tool from this site.
    This will remove all traces of the program.
     
    Restart the computer when the removal is completed.
    -----
     
    Trouble with Malwarebytes and TrendMicro?
     
    Navigare to this page and read and follow the instructions.
     
    Restart the computer when completed.
     
    Keep me posted.
     
    p.s.
    Reported by the Addition.txt log.
     
    AV: Trend Micro Maximum Security (Disabled - Up to date) {AFEE279F-FAE7-BAEE-3A88-4BF7277B8551}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Trend Micro Maximum Security (Disabled - Up to date) {148FC67B-DCDD-B560-0038-70855CFCCFEC}

    nasdaq

    Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
    [ Housecall online virus scan ] [ Bitdefender online virus scan ]
    [ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

    My help is free, but if we have helped you in anyway,please considerDonating ,
    see this topic for details.
    We need members like you.

    ========
    Shouldn't water be worth more than diamonds?
    Adam Smith Glasgow, 1760

    #5 nasdaq

    nasdaq

      Forum Deity

    • Global Moderator
    • PipPipPipPipPip
    • 49,281 posts

    Posted Yesterday, 06:26 AM

    Hi,

    Are you still with me?


    nasdaq

    Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
    [ Housecall online virus scan ] [ Bitdefender online virus scan ]
    [ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

    My help is free, but if we have helped you in anyway,please considerDonating ,
    see this topic for details.
    We need members like you.

    ========
    Shouldn't water be worth more than diamonds?
    Adam Smith Glasgow, 1760




    Member of UNITE
    Support SpywareInfo Forum - click the button