Go Back   Cyber Tech Help Support Forums > Operating Systems > Windows 10

Notices

Reply
 
Topic Tools
  #1  
Old June 17th, 2019, 05:49 AM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up Window 10 Freezes

I am running windows 10 , when on the internet using Firefox or Microsoft edge it freezes every now and again, I am not sure if it is windows 10 or the browser that is freezing.
Reply With Quote


  #2  
Old June 17th, 2019, 05:01 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,807
Howdy Jerry56,

A couple of questions first.

Do you use wired or wireless internet connection?

Are you using a third-party antivirus software, other than Windows Defender? And if so, is the subscription current and it is not expired?

Is this a laptop or a desktop?

And in case we need to uninstall your network adapter, and it won't reinstall on reboot like it should, what is the make and model of this computer?
Reply With Quote
  #3  
Old June 17th, 2019, 06:03 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

1) The computer is Dell Optiplex 755
2)Is wired internet
3)The Antivirus is Window Defender
4) Its a Desktop
Reply With Quote
  #4  
Old June 18th, 2019, 12:32 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,807
Lost my Internet yesterday.

Since I am one of the malware removal folks here, I admit I feel blind unless I can see a scan log of the situation there, so I would like you to post a log. If I do see malware however I will be moving this thread to the Malware Removal forum.


For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to the desktop.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to the desktop.

Please run it and click Scan, post back with the 2 logfiles.

Use extra posts here as needed.
Reply With Quote
  #5  
Old June 18th, 2019, 06:31 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by George (18-06-2019 13:25:25)
Running from C:\Users\George\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2019-01-26 19:38:05)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-96959487-344117887-1461987557-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-96959487-344117887-1461987557-503 - Limited - Disabled)
George (S-1-5-21-96959487-344117887-1461987557-1001 - Administrator - Enabled) => C:\Users\George
Guest (S-1-5-21-96959487-344117887-1461987557-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-96959487-344117887-1461987557-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-96959487-344117887-1461987557-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

123 Free Solitaire v11.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{0CBB03D2-96F9-4FC7-B6CE-2ECE00DBCD6C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Dell System Detect (HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
Elevated Installer (HKLM-x32\...\{24CF582B-6F19-4FDC-B2A3-3D65BE0EC014}) (Version: 6.14.2.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{5F95C9CC-2614-4C5E-B1FC-43029FD7FD6B}) (Version: 1.1.149.0 - Epic Games, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Garmin Express (HKLM-x32\...\{55393e38-f208-4047-be38-a67001e2832a}) (Version: 6.14.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{81F0B055-699D-4D7E-B680-E01A80FD70C3}) (Version: 6.14.2.0 - Garmin Ltd or its subsidiaries) Hidden
GlassWire 1.0 (remove only) (HKLM-x32\...\GlassWire 1.0) (Version: 1.0.69 - SecureMix LLC)
Google Chrome (HKLM-x32\...\{D486950F-500E-358B-9CC4-16104753329E}) (Version: 74.0.3729.169 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Help (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6600 Product Improvement Study (HKLM\...\{9DD732B9-9B16-4F28-8E21-4AB5E40AF7DE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{930B5F2B-8DB9-42F4-90E4-5D3DC30541C3}) (Version: 12.10.49.21 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Encarta Encyclopedia Standard 2005 (HKLM-x32\...\{05410044-64A6-4248-A026-9745C1E9E159}) (Version: 2005 - Microsoft Corporation)
Microsoft Money 2005 (HKLM-x32\...\Money2005b) (Version: 14 - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Picture It! Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0612 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Streets and Trips 2005 (HKLM-x32\...\{67E4EE98-59F4-4210-89A6-A20AF5BEC689}) (Version: 12.00.07.1200 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{911B0409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Microsoft Works 2005 Setup Launcher (HKLM-x32\...\Works2005Setup) (Version: - )
Microsoft Works Suite Add-in for Microsoft Word (HKLM-x32\...\{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}) (Version: 8.0.0.0000 - Microsoft Corporation)
Mozilla Firefox 67.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0.2 (x64 en-US)) (Version: 67.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero PhotoShow Express (HKLM-x32\...\Nero PhotoShow Express) (Version: 3.0 - Simple Star, Inc.)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Real Mahjong (HKLM-x32\...\Real Mahjong_is1) (Version: - My Real Games Ltd)
RealDownloader (HKLM-x32\...\{E688C481-12B8-4553-8435-B05A282FBAA5}) (Version: 18.1.14.202 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.14 - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 ) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 ) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Works Upgrade (HKLM-x32\...\{DE1AF137-C455-494A-A817-EFE44BCCFDEE}) (Version: 8.0.0.0000 - Microsoft Corporation) Hidden
Yahtzee 1.1.6 (HKLM-x32\...\Yahtzee_is1) (Version: - )

Packages:
=========
Bubble Shooter. -> C:\Program Files\WindowsApps\TreeCardGames.43784B0E1CEBD_1.0. 1.0_x64__n666hb6ddc5jp [2018-07-03] (TreeCardGames) [MS Ad]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.5 31.0_x64__v10z8vjag6ke6 [2019-03-19] (HP Inc.)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript _10.1805.2.0_x64__8wekyb3d8bbwe [2018-07-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript _10.1805.2.0_x86__8wekyb3d8bbwe [2018-07-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_ x64__8wekyb3d8bbwe [2019-04-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701 .0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0 _x64__8wekyb3d8bbwe [2018-12-14] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351 .0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Mai n_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-11-25] (Microsoft Corporation)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.1 3291.0_x64__8wekyb3d8bbwe [2015-11-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => c:\program files (x86)\real\realplayer\RPDS\Bin64\rpcontextmenu.dll [2018-11-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2011-04-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Fi lter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\George\AppData\Roaming\Microsoft\Windows\ Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2011-04-19 01:35 - 2011-04-19 01:35 - 000088064 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2003-11-21 17:45 - 2003-11-21 17:45 - 000348160 ____R (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\MSVCR71.dll
2004-06-23 20:23 - 2004-06-23 20:23 - 000015360 _____ (Microsoft® Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WkCalRem.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\George\Downloads\IMG_3453.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3453.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3455.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3455.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3461.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3461.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3465.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3465.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3468.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3468.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3471.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3471.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3472.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3472.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3485.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3485.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3486.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3486.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3489.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3489.JPG:Updt_Summa ryInformation [151]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3491.JPG:SummaryInf ormation [0]
AlternateDataStreams: C:\Users\George\Downloads\IMG_3491.JPG:Updt_Summa ryInformation [151]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\zam64.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2017-12-12 19:13 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\s ystem32;%SystemRoot%;%SystemRoot%\System32\Wbem;%S YSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTE MROOT%\System32\OpenSSH\
HKU\S-1-5-21-96959487-344117887-1461987557-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\George\AppData\Local\Microsoft\Windows\Th emes\img8.jpg
DNS Servers: 13.59.228.155 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Tel ephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^George^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet 6600 (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^George^AppData^Roaming^Microsoft^Windows^ Start Menu^Programs^Startup^wkcalrem.LNK => C:\Windows\pss\WKCALREM.LNK.Startup
HKLM\...\StartupApproved\StartupFolder: => "RealTimes.lnk"
HKLM\...\StartupApproved\Run32: => "SoundMAXPnP"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "RealDownloader"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Officejet 6600 (Network).lnk"
HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F182F0D7-A0BC-4C2D-A57C-57A090BDB11C}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{BFBCC560-6005-49F3-BD7D-631ACF9062A5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{15D7B749-BEEE-400B-8FFB-8D7A8C470EAE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06156F4E-A02F-417D-82DB-EB435EAB1000}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{106A13F0-7204-4D5A-9D4F-739971AE3C63}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{48AA5C83-0075-4DA8-A752-33E6486FB37F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D7A4681F-8736-4604-AF76-F8DCF7199909}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{366B0106-C2D8-41CC-822B-7C3474EAE158}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2737ED92-144C-496B-8CD5-BC62A210CC35}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7478DCCA-40A3-40C0-9A91-9BC19131572C}] => (Allow) LPort=7000
FirewallRules: [{29E0D32C-AC47-41A9-B665-AABE2A793499}] => (Allow) LPort=7000
FirewallRules: [{0CA84604-70F1-4CAA-93F7-C649C8262413}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB4E623B-0A08-4EC9-A6CD-9F55D984520B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{04C82FE2-4FA8-4397-B182-FCD1BE2E9DC9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{73736062-56CA-4332-AD2F-5C90D242571F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FC5129A-C63E-41A4-BF4F-60F830C9DB3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB31D6FF-54D8-40C9-AD42-840148B1E250}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9BD81D7C-3C45-480A-A785-61D24256FCE8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3A9D750F-08AA-465E-92D9-CB82FC530D86}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

02-06-2019 01:32:42 Scheduled Checkpoint
11-06-2019 11:09:08 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2019 01:23:03 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3252,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).

Error: (06/18/2019 12:21:16 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Access to performance data was denied to user "SYSTEM" (value from GetUserName() for the running thread) as attempted from module "c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe" (value from GetModuleFileName() for the binary that issued the query).

Error: (06/18/2019 12:03:13 PM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3404,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).

Error: (06/18/2019 10:56:57 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3404,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).

Error: (06/18/2019 10:56:20 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3404,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).

Error: (06/18/2019 09:13:15 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3404,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).

Error: (06/18/2019 09:13:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3404,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).

Error: (06/18/2019 09:12:00 AM) (Source: ESENT) (EventID: 447) (User: )
Description: svchost (3404,D,22) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 29, PgnoRoot: 3136) of database C:\WINDOWS\system32\SRU\SRUDB.dat (5061 => 4416, 3170).


System errors:
=============
Error: (06/18/2019 01:20:34 PM) (Source: DCOM) (EventID: 10016) (User: George-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user George-PC\George SID (S-1-5-21-96959487-344117887-1461987557-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 01:20:34 PM) (Source: DCOM) (EventID: 10016) (User: George-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user George-PC\George SID (S-1-5-21-96959487-344117887-1461987557-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 01:20:33 PM) (Source: DCOM) (EventID: 10016) (User: George-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user George-PC\George SID (S-1-5-21-96959487-344117887-1461987557-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 01:14:48 PM) (Source: DCOM) (EventID: 10016) (User: George-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user George-PC\George SID (S-1-5-21-96959487-344117887-1461987557-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 01:14:48 PM) (Source: DCOM) (EventID: 10016) (User: George-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user George-PC\George SID (S-1-5-21-96959487-344117887-1461987557-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 01:14:47 PM) (Source: DCOM) (EventID: 10016) (User: George-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user George-PC\George SID (S-1-5-21-96959487-344117887-1461987557-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 12:26:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/18/2019 12:26:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-06-17 18:51:46.641
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E2E4E59E-931A-445F-B4D7-13E248853B0E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-17 16:59:03.498
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9D5C7E51-E691-4B1A-A6B2-9842EE9A8BFA}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-17 14:56:33.113
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7CF402A1-55FC-4083-B4F1-A23EE16C5AF7}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-17 13:39:10.366
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5D3C3CB9-9367-4DC0-A3C7-9EACC33E1B13}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-17 13:23:27.825
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?lin...3&enterprise=0
Name: Trojan:HTML/FakeAlert.B
ID: 2147735813
Severity: Severe
Category: Trojan
Path: file:_C:\Users\George\AppData\Local\Temp\RRmG9ulp. htm.part; file:_C:\Users\George\AppData\Local\Temp\TYWm9BjP. htm.part
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Signature Version: AV: 1.295.897.0, AS: 1.295.897.0, NIS: 1.295.897.0
Engine Version: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-03 13:55:47.551
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.2807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

BIOS: Dell Inc. A09 03/11/2008
Motherboard: Dell Inc. 0GM819
Processor: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz
Percentage of memory in use: 51%
Total physical RAM: 3956.61 MB
Available physical RAM: 1919.42 MB
Total Virtual: 7412.61 MB
Available Virtual: 5009.13 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:924.11 GB) (Free:861.18 GB) NTFS

\\?\Volume{beffec3a-5af5-11e4-adec-806e6f6e6963}\ (System) (Fixed) (Total:7.4 GB) (Free:1.1 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C7ECBF10)
Partition 1: (Active) - (Size=7.4 GB) - (Type=27)
Partition 2: (Not Active) - (Size=924.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Reply With Quote
  #6  
Old June 18th, 2019, 06:35 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2019
Ran by George (administrator) on GEORGE-PC (Dell Inc. OptiPlex 755) (18-06-2019 13:21:50)
Running from C:\Users\George\Desktop
Loaded Profiles: George (Available Profiles: George & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701 .0_x64__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x6 4__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1 904.42.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545. 0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.114 11.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SM SvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wek yb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x6 4__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.ex e
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Microsoft® Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WkCalRem.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealDownloader\realdownloader264.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [353056 2018-11-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\RealDownloader\downloader2.exe [1262368 2018-09-10] (RealNetworks, Inc. -> )
HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-96959487-344117887-1461987557-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30857712 2019-05-29] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-96959487-344117887-1461987557-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [151552 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Inst aller\chrmstp.exe [2019-05-21] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2018-11-20]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6600 (Network).lnk [2017-12-04]
ShortcutAndArgument: Monitor Ink Alerts - HP Officejet 6600 (Network).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet 6600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN41H8R67S05RN;CONNECTION=NW;MONITOR= 1;
Startup: C:\Users\George\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup\WKCALREM.LNK [2018-10-28]
ShortcutTarget: WKCALREM.LNK -> C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WkCalRem.exe (Microsoft® Corporation) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004C4ADF-6E86-4457-81B9-B8A6AC595648} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [237432 2019-04-29] (HP Inc. -> HP Inc.)
Task: {03964096-1F84-4276-A678-3F225C5529E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0656C675-DAC9-4D9A-B6F7-10B9B197382A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {09C6D6AE-C236-438F-BE62-79691B38FC87} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0DCC5990-745A-45A5-B8E8-A42218A2F18A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {0F774EFB-44C4-4219-B00A-74D880C69E2B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_207_Plugin.exe [1457208 2019-06-15] (Adobe Inc. -> Adobe)
Task: {0FD73492-33D7-4E29-AD7D-01E0010F687E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1B711B91-5880-40CE-B239-E12A9BD206C3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C545390-4EA9-4D40-BF50-D75536071E83} - System32\Tasks\Microsoft\Windows\SideShow\SystemDa taProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {2106089C-9495-4AA6-ADD4-DFC1DD117044} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {23A2E971-5BC5-472F-9D7B-7F8B5A8AC5B9} - System32\Tasks\RealDownloaderDownloaderScheduledTa skS-1-5-21-96959487-344117887-1461987557-1001 => c:\program files (x86)\real\RealDownloader\recordingmanager.exe [959776 2018-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {241A2939-DCD6-46CD-87EF-458D047DAE50} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2987F57C-0A3D-43B9-A09D-CC81AC8FFE71} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {423FC988-BAE9-45BA-8841-2C2B0309C5B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ HB => C:\WINDOWS\system32\MRT.exe [135349160 2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {43BCF16C-002C-427D-95E9-872BC3114574} - System32\Tasks\adobe flash player updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-06-15] (Adobe Inc. -> Adobe)
Task: {46A01979-9185-40DD-A3AC-665B059BD7C0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4780622E-2110-4F5E-BB7E-041CADBB679C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-10-12] (Apple Inc. -> Apple Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4ADB616E-9021-452D-80BC-782CDFDB6512} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-96959487-344117887-1461987557-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [135456 2018-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {4B4A9C4D-7C79-4AC6-A462-FF085ADB932A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {61497939-9B9D-4705-A48C-4477FB32FC2F} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\RealDownloader\downloader2.exe [1262368 2018-09-10] (RealNetworks, Inc. -> )
Task: {620190C6-6B68-468D-9E08-DD7E89D44691} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {62F21AF4-2D08-41CA-8601-4B17A0AB2546} - System32\Tasks\RealDownloaderRealUpgradeScheduledT askS-1-5-21-96959487-344117887-1461987557-1001 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [135456 2018-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {6B29E5A6-779B-4758-AB37-AACB31FAA8F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7070106F-7A5B-4C4F-9A30-794660BBC131} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {720DFD4E-51DA-4FA7-BDFE-9DB32BB28533} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-96959487-344117887-1461987557-1001 => C:\program files (x86)\real\RealDownloader\RealUpgrade.exe [135456 2018-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {737FCD55-E499-4954-9B02-A9049C199928} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {754ACFDF-790D-4E86-9A7B-07167747A0C1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {783293EE-0C39-4E6B-8598-F7BC10374762} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {7949D64F-DF57-40AC-A58D-C0AFFC89F83E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B207F80-B0A3-4118-A3C4-AB949FA8A5B2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7BE1C76B-A775-467E-89C7-495EF493FC32} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9125ACDE-DCB7-47CE-AE40-E73C822AE6B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {92830350-B996-47BB-8AD3-67E5526F3061} - System32\Tasks\Microsoft\Windows\SideShow\GadgetMa nager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {9865CE0B-DBF4-461E-B6DE-B17D97244F7F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {9F19199F-0DF1-4A1C-B68E-BA05B9AA8E25} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1141410-D905-49BE-8644-CA93A34AD1F5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A814B961-F531-4BAC-BC00-2C96F1980852} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A826717C-5CD8-4D74-B2FB-372C7458D0DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {A97319BF-E4BE-43E7-8A70-F3758A9F73A2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ABD81568-9119-421E-B019-55593CC63799} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AD99A3BD-1207-4CEC-9500-3788BAF8918D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEF64111-230F-4896-A16E-A7722A327B43} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\Backgro undConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B55163E8-5D4C-4779-8926-FA5BABBC605E} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B7F49C98-64CE-49D6-8A3C-7725FFF6FDE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {BA1EA391-BBD1-48CD-8833-40A811A6FC9C} - System32\Tasks\HPCeeScheduleForGeorge => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {C2FBA673-9877-4AFF-A95B-D71C2EA5BCB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {C3FDCECC-1F2D-4A05-A43F-6AF6C279C23B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA4BEDDF-2101-4BB9-96D9-4EE7741EA3B9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-96959487-344117887-1461987557-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [135456 2018-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {CBBEFEC4-5D80-4403-9309-3BD731A71152} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE6F9B0E-AA6E-4988-8864-70400ABC3690} - System32\Tasks\Microsoft\Windows\SideShow\SessionA gent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {D1D96479-B464-4D1A-A9AC-339D97B3182A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-05-29] (Garmin International, Inc. -> )
Task: {D22D80DA-0108-4FC5-B51B-65C14B6A8341} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D508E296-78F4-402F-90F4-A1300FBED793} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e27c2ab 926a5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {D6BDCA4E-BFB7-4BD8-837F-CD961B380125} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D9AA4A49-A52A-4607-9980-6FD9B7449462} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {E1278B51-489A-4E80-A301-F670589AB544} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e27c2 a9ac8c5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {F7EB62A2-C35E-4A97-B805-F09FA96796B6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.ex e [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {F952942E-4F9B-4EE9-A734-01B12E66251C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FB22E064-0756-4A2C-9D77-A09A5CAC941B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {FD8CEBC3-DDA7-4F7D-8756-72CCD27CDA38} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FF97C808-A65D-43C5-AB6D-36C5EB7DFEF1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChec ker.exe [1073528 2019-04-02] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForGeorge.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-96959487-344117887-1461987557-1001] => 192.168.1.2:15316
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{075acb4f-fee5-49b1-944a-072ff0d3012f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4953a872-4581-4a1b-ac5b-4616234d6338}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6d5cde59-8142-42be-b2ce-5a001dbeff55}: [NameServer] 13.59.228.155,208.67.220.220
Tcpip\..\Interfaces\{6d5cde59-8142-42be-b2ce-5a001dbeff55}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbr owserrecordplugin64.dll [2018-09-10] (RealNetworks, Inc. -> RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-12-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-12-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbr owserrecordplugin.dll [2018-09-10] (RealNetworks, Inc. -> RealDownloader)
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]

FireFox:
========
FF DefaultProfile: eseh3iue.default-1491324543132-1552172998205
FF ProfilePath: C:\Users\George\AppData\Roaming\Mozilla\Firefox\Pr ofiles\eseh3iue.default-1491324543132-1552172998205 [2019-06-18]
FF Homepage: Mozilla\Firefox\Profiles\eseh3iue.default-1491324543132-1552172998205 -> hxxp://www.excite.com/
FF NewTabOverride: Mozilla\Firefox\Profiles\eseh3iue.default-1491324543132-1552172998205 -> Disabled: Maps_Now_1a47fbf8546a43d949f229efca9...w.maps now.co
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\Browser Plugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_ 207.dll [2019-06-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1 .dll [2017-12-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-12-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_ 207.dll [2019-06-15] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.14.202 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-11-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.14.202 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-11-20] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.excite.com/"
CHR Profile: C:\Users\George\AppData\Local\Google\Chrome\User Data\Default [2019-06-17]
CHR Extension: (Slides) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2017-12-06]
CHR Extension: (Docs) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-12-06]
CHR Extension: (Google Drive) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2016-02-25]
CHR Extension: (YouTube) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2016-02-25]
CHR Extension: (Google Search) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2016-02-25]
CHR Extension: (Sheets) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2017-12-06]
CHR Extension: (Google Docs Offline) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2019-04-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-04-25]
CHR Extension: (Gmail) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2015-04-27]
CHR Extension: (Chrome Media Router) - C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2019-04-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 REALPLAYERUPDATESVC; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [38016 2018-09-10] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [990840 2018-11-20] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-01-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [47616 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-01] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-09-23] (Zemana Ltd. -> Zemana Ltd.)
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

============================
Reply With Quote
  #7  
Old June 18th, 2019, 06:38 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-18 13:21 - 2019-06-18 13:23 - 000030490 _____ C:\Users\George\Desktop\FRST.txt
2019-06-18 13:21 - 2019-06-18 13:21 - 000000000 ____D C:\FRST
2019-06-18 13:14 - 2019-06-18 13:20 - 002418688 _____ (Farbar) C:\Users\George\Desktop\FRST64.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayR eady.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-13 20:35 - 2019-06-13 20:35 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-13 20:35 - 2019-06-13 20:35 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-13 20:35 - 2019-06-13 20:35 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-13 20:35 - 2019-06-13 20:35 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-13 20:35 - 2019-06-13 20:35 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-13 20:35 - 2019-06-13 20:35 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-13 20:35 - 2019-06-13 20:35 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authenticatio n.Web.Core.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-13 20:35 - 2019-06-13 20:35 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-13 20:35 - 2019-06-13 20:35 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-13 20:35 - 2019-06-13 20:35 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-13 20:35 - 2019-06-13 20:35 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-13 20:35 - 2019-06-13 20:35 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade .dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient. dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker. dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-13 20:35 - 2019-06-13 20:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dl l
2019-06-13 20:35 - 2019-06-13 20:35 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-13 20:34 - 2019-06-13 20:35 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authenticatio n.Web.Core.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade .dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dl l
2019-06-13 20:34 - 2019-06-13 20:34 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient. dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker. dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Le gacy.LEEnumerator.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-13 20:34 - 2019-06-13 20:34 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-13 20:34 - 2019-06-13 20:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dl l
2019-06-13 20:34 - 2019-06-13 20:34 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-13 20:34 - 2019-06-13 20:34 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-12 19:39 - 2019-06-18 12:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-12 00:15 - 2019-06-12 00:15 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-06 07:12 - 2019-06-17 07:10 - 000003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForGeorge
2019-06-05 22:24 - 2019-06-05 22:24 - 000001970 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2019-06-05 22:24 - 2019-06-05 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-06-04 15:04 - 2019-06-04 15:04 - 000071556 _____ C:\Users\George\Downloads\Cardfile.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-18 13:23 - 2018-10-08 13:31 - 000064973 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-06-18 13:20 - 2016-11-20 00:03 - 000000000 ____D C:\Users\George\AppData\LocalLow\Mozilla
2019-06-18 12:57 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-18 12:22 - 2019-01-26 15:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-18 12:21 - 2018-09-15 02:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-18 12:03 - 2019-01-26 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-18 06:58 - 2019-01-26 15:36 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronizatio n-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2019-06-17 19:57 - 2014-11-15 02:58 - 000000000 ____D C:\Users\George\AppData\Local\CrashDumps
2019-06-17 18:46 - 2015-10-10 15:54 - 006967296 _____ C:\Users\George\Documents\my money.mny
2019-06-17 18:45 - 2015-10-10 16:00 - 007489696 ____R C:\Users\George\Documents\My Money Backup.mbf
2019-06-17 13:24 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-17 13:22 - 2019-01-26 15:36 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-17 13:21 - 2014-10-31 18:07 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-17 13:16 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-17 13:12 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-17 13:12 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-17 12:54 - 2019-03-14 08:35 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForGeorge.job
2019-06-15 21:06 - 2015-11-05 18:10 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-15 17:21 - 2019-01-26 15:36 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-96959487-344117887-1461987557-1001
2019-06-15 17:21 - 2015-08-12 17:45 - 000000000 ___RD C:\Users\George\OneDrive
2019-06-15 17:20 - 2019-01-26 15:14 - 000002409 _____ C:\Users\George\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\OneDrive.lnk
2019-06-15 12:18 - 2018-05-15 12:06 - 000000000 ____D C:\Users\George\AppData\Local\Adobe
2019-06-15 12:17 - 2019-01-26 15:36 - 000004578 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-06-15 12:17 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-06-15 12:17 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-06-14 01:45 - 2017-12-16 02:13 - 000000000 ___RD C:\Users\George\3D Objects
2019-06-14 01:45 - 2015-08-12 17:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-14 01:43 - 2019-01-26 15:08 - 000445640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-14 01:43 - 2014-05-15 12:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-14 01:41 - 2018-09-15 03:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-14 01:41 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-06-14 01:41 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-14 01:41 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-06-14 01:41 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-13 20:38 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-12 22:07 - 2014-05-15 12:17 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-12 02:02 - 2019-01-26 15:25 - 000972156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-12 01:57 - 2019-01-26 15:14 - 000000000 ____D C:\Users\George
2019-06-12 00:33 - 2014-05-15 09:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 00:15 - 2014-05-15 09:50 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-05 22:39 - 2015-08-13 13:22 - 000000000 ____D C:\ProgramData\Garmin
2019-06-05 22:37 - 2019-03-01 16:03 - 000000000 ____D C:\Users\George\AppData\Local\Garmin
2019-06-05 22:24 - 2015-08-13 13:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-05 22:24 - 2015-08-13 13:22 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-06-05 22:23 - 2019-01-26 15:36 - 000003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2019-06-03 13:47 - 2017-12-16 13:39 - 000028666 _____ C:\Users\George\AppData\Roaming\wklnhst.dat
2019-06-01 07:02 - 2018-02-24 13:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-05-31 14:03 - 2018-09-15 03:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-31 14:03 - 2018-09-15 03:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-29 14:16 - 2018-07-11 20:22 - 000000000 ____D C:\ProgramData\Packages
2019-05-21 17:00 - 2014-05-15 12:17 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 17:00 - 2014-05-15 12:17 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories ================

2017-12-16 13:39 - 2019-06-03 13:47 - 000028666 _____ () C:\Users\George\AppData\Roaming\wklnhst.dat
2019-01-01 14:08 - 2019-01-01 14:08 - 000000000 _____ () C:\Users\George\AppData\Local\{CDE04B78-B621-4C63-A573-37D5F9040E4C}

==================== FLock ================

2014-10-23 06:08 C:\WINDOWS\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Reply With Quote
  #8  
Old June 19th, 2019, 04:47 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,807
Active remnants of an old Zemana security install there. Let's remove those and check before we do anything else.


In the search bar, type cmd.exe. When Cmd.exe shows at the top of the display, right click it and select Run as administrator. When the command window opens, type the following, pressing Enter after each:

sc config ZAM_Guard start= disabled

sc stop ZAM_Guard

sc delete ZAM_Guard

sc delete ZAM


If they removed successfully, restart the system and check for improvement. If they didn't, just post back here and we'll change techniques.
Reply With Quote
  #9  
Old June 19th, 2019, 11:51 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

It froze once today
Reply With Quote
  #10  
Old June 20th, 2019, 06:10 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,807
In the search bar, type device manager. When Device Manager shows at the top of the display, right click it and select "Run as administrator".

In Device Manager click the arrow next to "Network adapters" to expand the list. ID your ethernet adapter. Leave Device Manager open. Then go here and download the correct ethernet driver for your system. This is for just if Windows can't reinstall the adapter software.


Then back in Device Manager, right click on your ethernet adapters and select Uninstall. DO NOT allow the uninstall to delete the driver if offered. Close Device Manager and reboot the computer. Windows should see the ethernet device and reload it's software during startup. If it does not, go to the Dell ethernet software you downloaded and reinstall the adapter using that.

Then post back if that brought any improvement.
Reply With Quote
  #11  
Old June 20th, 2019, 06:55 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

When I go to Device Manager I don't see " Ethernet adapter"
Also when I go to Dell its not allowing me to download anything for this computer

When I go to Network Adapter the following is what is there
1) Intel (r) 82566DM-2 Gigabit Network Connection
2) WAN Miniport (IKEv2)
3) WAN (IP)
4) WAN (IPv6)
5) WAN (L2TP)
6) WAN (NETWORK Monitor)
7) WAN (PPPOE)
8) WAN (PPTP)
9) WAN (SSTP)

Last edited by Jerry56; June 20th, 2019 at 11:30 PM.
Reply With Quote
  #12  
Old June 20th, 2019, 11:12 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,807
Lightbulb

In device manager click the arrow next to network adapters not ethernet adapters. Then when you click expand, there you will find your ethernet device.

They're on the Dell website, you have a click at the bottom where it says see more drivers, until you see the ethernet drivers.
Reply With Quote
  #13  
Old June 21st, 2019, 05:51 PM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

It's my mistake to say "Ethernet adapter" what I wanted to say is "Network adapter"

This is what in Network adapter]
When I go to Network Adapter the following is what is there
1) Intel (r) 82566DM-2 Gigabit Network Connection
2) WAN Miniport (IKEv2)
3) WAN (IP)
4) WAN (IPv6)
5) WAN (L2TP)
6) WAN (NETWORK Monitor)
7) WAN (PPPOE)
8) WAN (PPTP)
9) WAN (SSTP)
There is no "Ethernet adapter" there.
Reply With Quote
  #14  
Old June 21st, 2019, 10:11 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 51,807
That Intel Gigabit is the one you want.
Reply With Quote
  #15  
Old June 22nd, 2019, 03:54 AM
Jerry56 Jerry56 is offline
Senior Member
 
Join Date: Jul 2007
Posts: 1,048
Thumbs up

I uninstall it and reboot the computer and it reinstall itself but there is no improvement.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 03:18 AM.