No, this is not the same computer serviced under this topic. This is my laptop at my office. And the problems are: None of my browser will open except for Avast Secure Browser. Firefox, Google, or Internet Explorer will not open. And in Avast Secure Brower, I cannot type this message. When I type on the keyboard, different letters come out, not the letters I’m typing, and they keep changing. So, the only way I can give you this message is to type it in Word, and cut and paste it in the Reply section. . I have attached the Farbar logs as instructed, the FRST.txt and the Addition.txt. I am now running Rogue Killer and will do the Farbar Service Scanner and get the logs posted as well.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020
Ran by cruss (administrator) on DESKTOP-RA8BHB0 (Microsoft Corporation Surface Laptop 3) (12-02-2020 09:11:56)
Running from C:\Users\cruss\OneDrive\Desktop\Spyware Utilities
Loaded Profiles: cruss (Available Profiles: cruss)
Platform: Windows 10 Pro Version 1909 18363.628 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\90.4.307\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Informer Technologies, Inc.) [File not signed] C:\Program Files\Software Informer\softinfo.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxEMN.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\IntelCpHDCPSvc.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_comm_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_system_customer.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_user_customer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\cruss\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\SurfaceService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.651_none_5f2896f458eff373\TiWorker.exe
(Microsoft) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Sanford, L.P. -> Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Health\SophosHealth.exe
(Sophos Limited -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Safestore\SophosSafestore64.exe
(Sophos Limited -> Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SEDService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Endpoint Defense\SSPService.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFileScanner.exe
(Sophos Ltd -> Sophos Limited) C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Sophos Ltd -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Swiftpage ACT! LLC -> Swiftpage ACT! LLC) C:\Program Files (x86)\ACT\Act for Windows\Act!.exe
(Swiftpage ACT! LLC) [File not signed] C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
Failed to access process -> firefox.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6261760 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Act.Outlook.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook.Service.exe [18944 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
HKLM-x32\...\Run: [Act.Outlook64.Service] => C:\Program Files (x86)\ACT\Act for Windows\Act.Outlook64.Service.exe [23552 2017-09-24] () [File not signed]
HKLM-x32\...\Run: [Act! Preloader] => C:\Program Files (x86)\ACT\Act for Windows\Act!.exe [272336 2019-10-01] (Swiftpage ACT! LLC -> Swiftpage ACT! LLC)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [Sophos Home UI] => C:\Program Files (x86)\Sophos\Sophos Home\SophosUI.exe [3630920 2020-01-15] (Sophos Ltd -> Sophos Limited)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cruss\AppData\Local\Microsoft\Teams\Update.exe [1801840 2019-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [Dashlane] => C:\Users\cruss\AppData\Roaming\Dashlane\Dashlane.exe [321536 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DashlanePlugin] => C:\Users\cruss\AppData\Roaming\Dashlane\DashlanePlugin.exe [342528 2020-01-21] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AvastBrowserAutoLaunch_38E8DBE963846923F5008B0D528FC97A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-10-25] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1866544 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.100\Installer\chrmstp.exe [2020-02-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Act! Integration.lnk [2019-11-03]
ShortcutTarget: Act! Integration.lnk -> C:\Program Files (x86)\ACT\Act for Windows\Act!.Integration.exe (Swiftpage ACT! LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 9.lnk [2019-11-11]
ShortcutTarget: Snagit 9.lnk -> C:\Program Files (x86)\TechSmith\Snagit 9\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0565D503-41ED-405D-89F6-192A6930C1AA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {07666173-3780-4E7D-8088-420A5C8E4109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {13A54AC0-0053-416B-89CD-E2E2787331A9} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {197B9B27-3278-4BF3-A6BF-C1D9500E52CF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2699BFE8-133C-4FA4-A84E-38F20A0783BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-03] (Google Inc -> Google LLC)
Task: {2A6199A1-F252-4C33-B4A4-5ECA328726AC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-10-25] (Apple Inc. -> Apple Inc.)
Task: {2E8ABB52-80C1-4D48-AE5E-B37AB4F1E00A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {33449590-A731-4A17-9083-5EA1A9E0D497} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {368FEC66-27BD-41E3-BC1A-26BEBD11F6F7} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {47EF54CD-2D97-4406-8841-D4BDFBA251AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A591A6D-BCD3-4CB4-8F1D-2D9FE4959393} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6EB23BEE-7260-4989-90B1-C0B301287EE1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {7016C51D-5CC0-48AD-8F68-5038CE345B96} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7ACE9DAD-8BF7-4079-8594-9C959A60037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {7DD42DBD-255C-47FC-B854-C045C60E1596} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2046040 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E8BE533-885E-4635-BE76-93B3C41A65FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {87BD8628-3366-49F5-ABFE-E10276366CA1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E6006E0-9E25-48F2-94F1-76A28B3DA319} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93142CA3-3C0A-4BDB-8524-421373C6C6C2} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1689600 2018-01-31] (Informer Technologies, Inc.) [File not signed]
Task: {96B1C5BA-56E5-4ADD-B2F5-7621E9589006} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39F47C6-C83B-49FD-9DD6-63F2EC5C7E16} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {C23E5BFD-9D64-4709-9493-C8F099A93292} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {CA7A5AF2-42EE-48B3-85F0-0BC677CFD4EB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2015080 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D6D8A6CE-4C04-44D7-9C6E-6280CB51EB4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568904 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F38202F4-04AF-48AD-9D41-659608E42722} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1939fd7b-6712-4265-a4c3-e6b48f2ce4ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e5e98d18-3337-4e3d-b67d-43a7156029e8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\DLLx64\SnagitBHO64.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile -> {D5233FCD-D258-4903-89B8-FB1568E7413D} -> C:\Program Files (x86)\ACT\Act for Windows\Plugins\Act.UI.InternetExplorer.Plugins.AttachFile.DLL [2017-09-24] (Swiftpage ACT! LLC) [File not signed]
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll [2009-10-15] (TechSmith Corporation -> TechSmith Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\cruss\Downloads
FireFox:
========
FF DefaultProfile: g5xy1w6g.default
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default [2019-12-06]
FF Extension: (Avast Online Security) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\g5xy1w6g.default\Extensions\wrc@avast.com.xpi [2019-11-03]
FF ProfilePath: C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release [2020-02-12]
FF Homepage: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.bing.com/?pc=U528
FF Notifications: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> hxxps://www.loopnet.com
FF HomepageOverride: Mozilla\Firefox\Profiles\kzf4eavb.default-release -> Enabled: {3e06d96e-26f5-4a68-ac64-2b6bc583a35d}
FF Extension: (Facebook Container) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\@contain-facebook.xpi [2019-11-03]
FF Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\ciscowebexstart1@cisco.com.xpi [2019-11-03]
FF Extension: (iCloud Bookmarks) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\firefoxdav@icloud.com.xpi [2019-11-03]
FF Extension: (Dashlane) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\jetpack-extension@dashlane.com.xpi [2020-02-10] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (Bing Homepage and Search Engine) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{3e06d96e-26f5-4a68-ac64-2b6bc583a35d}.xpi [2019-11-07] [UpdateUrl:hxxps://browserdefaults.azurewebsites.net/FirefoxExtn/updateextension.json]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Roaming\Mozilla\Firefox\Profiles\kzf4eavb.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-03]
FF HKU\S-1-5-21-3941208988-4064051922-1525667148-1001\...\Firefox\Extensions: [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\cruss\AppData\Roaming\Dashlane\6.1946.0.26096\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2013-03-05] (Sanford, L.P. -> Sanford L.P.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3941208988-4064051922-1525667148-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cruss\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-11-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default [2020-02-12]
CHR HomePage: Default -> hxxps://my.yahoo.com/?mkg=015
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Slides) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-03]
CHR Extension: (Docs) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-03]
CHR Extension: (Google Drive) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-03]
CHR Extension: (YouTube) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-02-07]
CHR Extension: (Dashlane - Password Manager) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2020-01-31]
CHR Extension: (Sheets) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-03]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-09]
CHR Extension: (Chrome Remote Desktop) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-03]
CHR Extension: (Disconnect) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2019-11-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-11-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-03]
CHR Extension: (Gmail) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\cruss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Act! Scheduler; C:\Program Files (x86)\ACT\Act for Windows\Act.Scheduler.exe [90112 2017-09-24] (Swiftpage ACT! LLC) [File not signed]
R2 ActService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R2 ActSmartTaskService; C:\Program Files (x86)\ACT\Act for Windows\Act.Server.Host.exe [27648 2017-09-24] (Microsoft) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2154.121\elevation_service.exe [1117336 2019-11-04] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\80.0.3987.18\remoting_host.exe [73200 2019-12-17] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096432 2020-02-09] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-11-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [44552 2020-02-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2013-03-05] (Sanford, L.P. -> Sanford, L.P.)
R2 esifsvc; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2141064 2019-06-21] (Intel Corporation -> Intel Corporation)
R2 GoToAssist Remote Support Customer; C:\Program Files (x86)\GoToAssist Remote Support Customer\1673\g2ax_service.exe [609552 2020-02-11] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4761296 2019-10-29] (Sophos Ltd -> SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_1cc7b402747a872f\igfxCUIServiceN.exe [396848 2019-12-23] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\SocketHeciServer.exe [877024 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_50ab1659f9152c0f\lib\TPMProvisioningService.exe [806880 2019-10-11] (Intel® Trust Services -> Intel® Corporation)
R2 IntelAudioService; C:\windows\system32\cAVS\IAS\IntelAudioService.exe [398504 2019-12-09] (Smart Sound Technology -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-09] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 RtkAudioUniversalService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RtkAudUService64.exe [835872 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [305888 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [224880 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [1870264 2018-03-09] (Sophos Limited -> Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [1202680 2019-03-05] (Sophos Ltd -> Sophos Limited)
R2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\SophosCleanM.exe [1189704 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1803816 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1761064 2019-02-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\SophosHealth.exe [1816176 2018-10-10] (Sophos Limited -> Sophos Limited)
R2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1344888 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1830688 2019-05-30] (Sophos Ltd -> Sophos Limited)
R2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\SophosSafestore64.exe [786688 2018-09-27] (Sophos Limited -> Sophos Limited)
R2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13235408 2019-11-04] (Sophos Ltd -> Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2019-04-18] (Sophos Limited -> Sophos Limited)
S4 SQLAgent$ACT7; C:\Program Files\Microsoft SQL Server\MSSQL12.ACT7\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475264 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623400 2019-04-18] (Sophos Ltd -> Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\windows\System32\drivers\aswElam.sys [16304 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\windows\System32\drivers\aswNetSec.sys [552848 2019-12-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\System32\drivers\ax88772.sys [111616 2019-03-18] (Microsoft Windows -> ASIX Electronics Corp.)
R3 dptf_acpi; C:\windows\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_5989fd2721678bab\dptf_acpi.sys [77192 2019-06-22] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\dptf_cpu.sys [74120 2019-06-21] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_lf.sys [408456 2019-06-21] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-02-07] (Malwarebytes Corporation -> Malwarebytes)
R1 hmpalert; C:\windows\system32\drivers\hmpalert.sys [513104 2020-02-10] (Sophos Ltd -> SurfRight B.V.)
R3 iaLPSS2_GPIO2; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_5dfe4459ccf69034\iaLPSS2_GPIO2.sys [127888 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_I2C; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_04e193b8806eca82\iaLPSS2_I2C.sys [197008 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaLPSS2_SPI; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_e5b8de383f9a8911\iaLPSS2_SPI.sys [156560 2019-05-07] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 iaLPSS2_UART2; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_2fd93d380196ad59\iaLPSS2_UART2.sys [309648 2019-08-09] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ibtusb; C:\windows\System32\DriverStore\FileRepository\ibtusb.inf_amd64_542e8c280c98b59f\ibtusb.sys [13916448 2019-07-11] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxn; C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_99f3effa9b6e163f\igdkmdn64.sys [21693488 2019-12-23] (Intel® pGFX -> Intel Corporation)
R3 IntcAudioBus; C:\windows\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_448c7d2e5e934dfc\IntcAudioBus.sys [290768 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
R3 IntcAzAudAddService; C:\windows\System32\DriverStore\FileRepository\hdxsstm2.inf_amd64_f027fc76f26abb05\RTKVHD64.sys [7068664 2019-11-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 IntcOED; C:\windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_ff28ec604c64d76a\IntcOED.sys [1245648 2019-12-09] (Smart Sound Technology -> Intel® Corporation)
S3 libusb0; C:\windows\system32\DRIVERS\libusb0.sys [52832 2019-06-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-02-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-02-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [119960 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\windows\System32\DriverStore\FileRepository\heci.inf_amd64_db60facf878d7699\x64\TeeDriverW8x64.sys [253840 2019-04-28] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 Netwtw08; C:\windows\System32\drivers\Netwtw08.sys [9142776 2019-08-14] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S4 RsFx0300; C:\windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R3 rtux64w10; C:\windows\System32\drivers\rtux64w10.sys [576288 2019-06-26] (Realtek Semiconductor Corp. -> Realtek Corporation )
R1 SAVOnAccess; C:\windows\System32\DRIVERS\savonaccess.sys [204328 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 sdcfilter; C:\windows\system32\DRIVERS\sdcfilter.sys [38144 2019-04-18] (Sophos Limited -> Sophos Limited)
R1 sntp; C:\windows\system32\DRIVERS\sntp.sys [125832 2018-03-09] (Sophos Limited -> Sophos Limited)
S0 Sophos ELAM; C:\windows\System32\DRIVERS\SophosEL.sys [20400 2019-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Sophos Limited)
R0 Sophos Endpoint Defense; C:\windows\System32\DRIVERS\SophosED.sys [930944 2019-11-04] (Sophos Ltd -> Sophos Limited)
S4 SophosBootDriver; C:\windows\system32\DRIVERS\SophosBootDriver.sys [45840 2019-04-18] (Sophos Limited -> Sophos Limited)
R3 SurfaceAcpiNotify; C:\windows\System32\drivers\SurfaceAcpiNotifyDriver.sys [281400 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceBattery; C:\windows\System32\drivers\SurfaceBattery.sys [308024 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHidMini; C:\windows\System32\drivers\SurfaceHidMiniDriver.sys [272184 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceHotPlug; C:\windows\System32\drivers\SurfaceHotPlug.sys [337720 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceLightSensor; C:\windows\System32\drivers\SurfaceLightSensor.sys [228368 2019-09-26] (Microsoft Corporation -> Microsoft Corporation)
S3 SurfacePen217Integration; C:\windows\System32\drivers\SurfacePen217Integration.sys [35856 2019-08-10] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerFilter; C:\windows\System32\DriverStore\FileRepository\surfacepowerfilter.inf_amd64_428a666856b52679\SurfacePowerFilter.sys [270136 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfacePowerTrackerCore; C:\windows\System32\drivers\SurfacePowerTrackerCore.sys [265520 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceSerialHubDriver; C:\windows\System32\drivers\SurfaceSerialHubDriver.sys [324624 2019-08-13] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceTconDriver; C:\windows\System32\drivers\SurfaceTconDriver.sys [290616 2019-08-23] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceUcmUcsiHidClient; C:\windows\System32\DriverStore\FileRepository\surfaceucmucsihidclient.inf_amd64_bed226a64c31fdb0\SurfaceUcmUcsiHidClient.sys [202040 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R3 SurfaceVirtualFunctionEnum; C:\windows\System32\drivers\SurfaceVirtualFunctionEnum.sys [185360 2019-08-11] (Microsoft Corporation -> Microsoft Corporation)
R1 swi_callout; C:\windows\system32\DRIVERS\swi_callout.sys [47760 2019-04-18] (Sophos Limited -> Sophos Limited)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-12 09:10 - 2020-01-16 00:07 - 000492544 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-02-12 09:10 - 2020-01-15 23:23 - 000390656 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-02-12 09:09 - 2020-02-12 09:09 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\IGDump
2020-02-12 09:06 - 2020-02-12 09:06 - 000000000 ___HD C:\OneDriveTemp
2020-02-11 15:20 - 2020-02-11 15:20 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000119960 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2020-02-11 15:20 - 2020-02-11 15:20 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2020-02-11 15:14 - 2020-02-11 15:14 - 000001976 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2020-02-11 15:14 - 2020-02-11 15:14 - 000001976 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2020-02-11 15:14 - 2020-02-11 15:14 - 000000000 ____D C:\Program Files\HitmanPro
2020-02-11 15:12 - 2020-02-11 15:18 - 000000000 ____D C:\ProgramData\HitmanPro
2020-02-11 13:26 - 2020-02-11 13:26 - 000000928 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-02-11 13:26 - 2020-02-11 13:26 - 000000000 ____D C:\Users\cruss\AppData\Local\ESET
2020-02-11 13:07 - 2020-02-12 09:12 - 000000000 ____D C:\FRST
2020-02-11 12:40 - 2020-02-11 15:17 - 000012872 _____ (SurfRight B.V.) C:\windows\system32\bootdelete.exe
2020-02-11 12:31 - 2018-03-09 17:12 - 000125832 _____ (Sophos Limited) C:\windows\system32\Drivers\sntp.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000047760 _____ (Sophos Limited) C:\windows\system32\Drivers\swi_callout.sys
2020-02-11 12:30 - 2019-04-18 08:27 - 000044184 _____ (Sophos Limited) C:\windows\system32\SophosBootTasks.exe
2020-02-11 12:29 - 2020-02-11 12:29 - 000000000 ____D C:\Program Files\Common Files\Sophos
2020-02-11 12:29 - 2019-11-04 11:06 - 000930944 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosED.sys
2020-02-11 12:29 - 2019-11-04 11:06 - 000048968 _____ (Sophos Limited) C:\windows\system32\SophosNA.exe
2020-02-11 12:29 - 2019-11-04 11:06 - 000039713 _____ C:\windows\system32\Drivers\SophosED.man
2020-02-11 12:29 - 2019-11-04 11:06 - 000020400 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosEL.sys
2020-02-11 12:25 - 2020-02-11 12:25 - 000000214 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_122541.reg
2020-02-11 10:45 - 2020-02-11 10:45 - 000001599 _____ C:\Users\cruss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoToAssist Customer.lnk
2020-02-11 10:45 - 2020-02-11 10:45 - 000000000 ____D C:\Program Files (x86)\GoToAssist Remote Support Customer
2020-02-11 09:50 - 2020-02-11 09:51 - 000004816 _____ C:\Users\cruss\OneDrive\Documents\cc_20200211_095052.reg
2020-02-10 14:44 - 2020-02-11 15:14 - 000057728 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2020-02-10 14:35 - 2020-02-12 09:12 - 000000000 ____D C:\windows\CryptoGuard
2020-02-10 14:35 - 2020-02-10 14:35 - 000513104 _____ (SurfRight B.V.) C:\windows\system32\Drivers\hmpalert.sys
2020-02-10 14:34 - 2020-02-12 09:12 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\SysWOW64\SophosAV
2020-02-10 14:34 - 2020-02-11 12:30 - 000000000 ____D C:\windows\system32\SophosAV
2020-02-10 14:34 - 2020-02-10 14:35 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2020-02-10 14:34 - 2020-02-10 14:34 - 001215072 _____ (SurfRight B.V.) C:\windows\system32\hmpalert.dll
2020-02-10 14:34 - 2020-02-10 14:34 - 001017184 _____ (SurfRight B.V.) C:\windows\SysWOW64\hmpalert.dll
2020-02-10 14:33 - 2020-02-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-02-10 14:32 - 2020-02-11 12:31 - 000000000 ____D C:\Program Files\Sophos
2020-02-10 14:32 - 2019-04-18 08:27 - 000204328 _____ (Sophos Limited) C:\windows\system32\Drivers\savonaccess.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000176120 _____ (Sophos Limited) C:\windows\system32\sdccoinstaller.dll
2020-02-10 14:32 - 2019-04-18 08:27 - 000045840 _____ (Sophos Limited) C:\windows\system32\Drivers\SophosBootDriver.sys
2020-02-10 14:32 - 2019-04-18 08:27 - 000038144 _____ (Sophos Limited) C:\windows\system32\Drivers\sdcfilter.sys
2020-02-10 14:29 - 2020-02-11 12:31 - 000000000 ____D C:\ProgramData\Sophos
2020-02-10 14:29 - 2020-02-11 12:30 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-02-10 14:15 - 2020-02-10 14:16 - 000000000 ____D C:\AdwCleaner
2020-02-10 14:15 - 2020-02-10 14:15 - 008356016 _____ (Malwarebytes) C:\Users\cruss\Downloads\adwcleaner_8.0.2.exe
2020-02-07 15:27 - 2020-02-07 15:27 - 000214496 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-02-05 15:48 - 2020-02-05 15:48 - 004139319 _____ C:\Users\cruss\Downloads\Walgreens-Family-Dollar-Sublease-280-Broad-St-New-London-CT-06320-1.pdf
2020-02-05 15:23 - 2020-02-05 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-02-04 12:22 - 2020-02-04 12:22 - 002003694 _____ C:\Users\cruss\Downloads\Planned-Parenthood-617-Watertown-Ave-Waterbury-CT.pdf
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2020-02-04 08:20 - 2020-02-04 08:20 - 000044552 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2020-02-03 17:10 - 2020-01-02 10:05 - 000454656 ____R C:\windows\system32\Drivers\etc\hosts.20200203-171022.backup
2020-02-03 17:05 - 2020-02-03 17:05 - 000008866 _____ C:\Users\cruss\OneDrive\Documents\cc_20200203_170501.reg
2020-01-31 14:32 - 2020-01-31 14:32 - 000000000 ____D C:\Users\cruss\AppData\LocalLow\Intel
2020-01-31 14:31 - 2019-12-23 18:38 - 025076232 _____ (Intel Corporation) C:\windows\system32\mfxplugin64_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 011919368 _____ (Intel Corporation) C:\windows\SysWOW64\mfxplugin32_hw.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 003013640 _____ (Intel Corporation) C:\windows\system32\mfx_mft_mjpgvd_64.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 002439176 _____ (Intel Corporation) C:\windows\SysWOW64\mfx_mft_mjpgvd_32.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 001087280 _____ C:\windows\system32\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000944944 _____ C:\windows\SysWOW64\vulkan-1.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000862248 _____ C:\windows\system32\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000720432 _____ C:\windows\SysWOW64\vulkaninfo.exe
2020-01-31 14:31 - 2019-12-23 18:38 - 000146952 _____ C:\windows\SysWOW64\libGLESv2.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000137736 _____ C:\windows\SysWOW64\libEGL.dll
2020-01-31 14:31 - 2019-12-23 18:38 - 000126472 _____ (Khronos Group) C:\windows\sys