Author Topic: Issues logging into my system  (Read 4380 times)

0 Members and 1 Guest are viewing this topic.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Issues logging into my system
« on: February 04, 2018, 07:26:48 PM »
I allowed my system to update and after it restarted, i couldn't get back into it. I've attached a few screen shots. I'm unable to log into my 2010 Vaio system after I enter my password for my user. I cannot get in by safe mode. I have an assist button with troubleshooting options I included in screen shot. I'm communicating via another device. Is there another back way into my system? Please let me know what else I should try. THANK YOU!

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19469
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Issues logging into my system
« Reply #1 on: February 04, 2018, 07:43:25 PM »
Hi, Lisa.  (Gee, funny seeing you here.  ;)  Thanks.  This is a much easier way to communicate plus has the advantage of others being able to assist.)

1.  Do you recall what update was installed?

2.  Because of the issues you are having, when attempting to get into Safe Mode you need to be on the sign in screen.  Do NOT enter your password.  Instead, hold the Shift key down while you select Power > Restart.  When Windows 10 reboots and asks you to select an option., choose Troubleshoot > Advanced Options.  From there, select "Startup Repairi".
 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #2 on: February 04, 2018, 08:03:49 PM »
Thanks Corrine!  :) I think my computer is unique! I think it was a system or Windows update but not entirely she because in the past it would uninstall the winows uodates. I just rebooted and I don't get any options other than signing in with my password. I'm attaching a screen shot of recovering my computer.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19469
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Issues logging into my system
« Reply #3 on: February 04, 2018, 08:34:20 PM »
Lisa, I'm sorry, but I can't read that.  What is the model of your Vaio?  Perhaps I can find that on the website.  Otherwise, you'll need to describe what it tells you to do. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #4 on: February 04, 2018, 08:59:03 PM »
I have the Vaio VPCE series. The instructions are for recovery and it instructs me to click on the assist button which I can only access after I sign in with my password. However, I don't want to restore my computer to its original factory condition if it isn't necessary. I can access many options as I showed in the screen shots. There is a troubleshoot option there. Let me know what else I can do. I can attempt to take larger photos of the troubleshooting options with the assist button.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #5 on: February 04, 2018, 09:04:01 PM »
It is a miracle! I just restarted again for maybe the 8th time and I finally can see my desktop. 😀 What should I do first? Also, I need new virus software.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #6 on: February 04, 2018, 09:11:24 PM »
Apparently my Windows Defender just appeared with message "threats found. Start the recommended actions. "Misleading Win32/Chekum . Quarantined threats have been isolated and prevented from running on your device. Should I click "remove all." I guess  it was malware or somethimg?

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19469
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Issues logging into my system
« Reply #7 on: February 04, 2018, 09:54:31 PM »
The threats have been quarantined so cannot do anything. Let's do a complete checkup.

Please download Farbar Recovery Scan Tool (FRST) and save it to your Desktop.

Note: You need to run the version compatible with your system (32- or 64-bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • The first time FRST is run, it will produce two logs in the same directory the tool is run from -- FRST.txt and Addition.txt.
  • Copy/paste both FRST.txt and Addition.txt into your reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #8 on: February 04, 2018, 10:59:56 PM »
I'll post them separately again to make sure the entire text is here. :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by lisa (administrator) on LISA-VAIO (04-02-2018 19:52:21)
Running from C:\Users\lisa\Desktop
Loaded Profiles: lisa (Available Profiles: lisa & DefaultAppPool)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2330229276-1937969778-3526454886-1001] => http=127.0.0.1:64550
Hosts: 127.0.0.1   localhost
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{57a09f4d-5472-450a-88fa-cd092971da04}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{bc863aaa-54e2-4f05-a57b-5b003d0368db}: [DhcpNameServer] 68.111.16.25 68.111.16.30

Internet Explorer:
==================
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.aadvantageeshopping.com/s____.htm
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxps://mail.google.com/mail/?rli%3D1h48om17floxd%26rld%3D1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1#identifier
URLSearchHook: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 - FCToolbarURLSearchHook Class - {868978c8-95f3-4020-a5cd-5a16d60e36ca} - C:\Program Files (x86)\Dividend Miles Toolbar\Helper.dll ()
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=UP94DF&PC=UP94&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> DB07061EB62D42A98E3853E195D37BEA URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT_enUS424
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=UP94DF&PC=UP94&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {7D1ADA97-646B-4957-9BEA-64068431946B} URL = hxxp://delicious.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://search.yahoo.com/search?p={searchTerms}
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {F40D307B-5829-4523-B880-8F59A61166A9} URL = hxxp://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> {F9060207-6906-4104-BB79-DE40BBBAEC57} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc.)
DPF: HKLM-x32 {7677E74E-5831-4C9E-A2DD-9B1EF9DF2DB4} hxxps://www.paycomonline.net/v4/doceditor/officeviewer.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {F53B7748-643C-4A78-8DBC-01A4855D1A10} hxxps://www.paycomonline.net/v4/doceditor/FoxitPDFSDK_AX_Pro.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default [2015-11-28]
FF Extension: (RoxioNow Player Plugin) - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\u7asfcq0.default\Extensions\{3112ca9c-de6d-4884-a869-9855de680400} [2012-03-26] [Legacy] [not signed]
FF ProfilePath: C:\Users\lisa\AppData\Roaming\eMusic\eMusic Download Manager\Profiles\aajcvvxi.default [2012-09-22]
FF Extension: (No Name) - C:\Program Files (x86)\eMusic Download Manager\xulrunner\extensions\dlm_itunes@emusic.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\eMusic Download Manager\xulrunner\extensions\dlm_winamp@emusic.com [not found]
FF Extension: (No Name) - C:\Program Files (x86)\eMusic Download Manager\xulrunner\extensions\dlm_wmp@emusic.com [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin64.dll [2014-11-03] (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\lisa\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\npSkypeWebPlugin.dll [2014-11-03] (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2330229276-1937969778-3526454886-1001: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\lisa\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-10-19] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-02-26] (Coupons, Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default [2018-01-16]
CHR Extension: (Skype) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-09]
CHR Extension: (Chrome Media Router) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-16]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [408576 2010-06-07] (Red Bend Ltd.) [File not signed]
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-21] (Microsoft Corporation)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [911872 2010-06-07] (Intel(R) Corporation) [File not signed]
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 MpKsl286ecf7a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{07CE2EBF-7CD8-4B37-8F3C-558F91118778}\MpKsl286ecf7a.sys [58120 2018-02-04] (Microsoft Corporation)
S3 NETw5s64; C:\WINDOWS\System32\DRIVERS\NETw5s64.sys [7689216 2010-05-31] (Intel Corporation) [File not signed]
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew00.sys [3341824 2017-09-29] (Intel Corporation)
S2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-21] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-21] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-21] (Microsoft Corporation)
R3 ykinw8; C:\WINDOWS\System32\drivers\ykinx64.sys [288768 2017-09-29] (Marvell)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-04 19:52 - 2018-02-04 19:54 - 000022093 _____ C:\Users\lisa\Desktop\FRST.txt
2018-02-04 19:52 - 2018-02-04 19:52 - 000000000 ____D C:\FRST
2018-02-04 19:48 - 2018-02-04 19:48 - 002393088 _____ (Farbar) C:\Users\lisa\Desktop\FRST64.exe
2018-02-04 16:56 - 2018-02-04 16:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-30 19:26 - 2017-12-22 08:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-30 19:26 - 2017-12-22 08:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-01-21 17:25 - 2018-01-01 06:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-21 17:25 - 2018-01-01 06:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-21 17:25 - 2018-01-01 06:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-21 17:25 - 2018-01-01 06:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-21 17:25 - 2018-01-01 06:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-21 17:24 - 2018-01-01 12:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-21 17:24 - 2018-01-01 07:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-21 17:24 - 2018-01-01 07:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-21 17:24 - 2018-01-01 07:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-21 17:24 - 2018-01-01 07:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-21 17:24 - 2018-01-01 07:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-21 17:24 - 2018-01-01 07:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-21 17:24 - 2018-01-01 07:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-21 17:24 - 2018-01-01 07:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-21 17:24 - 2018-01-01 07:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-21 17:24 - 2018-01-01 07:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-21 17:24 - 2018-01-01 07:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-21 17:24 - 2018-01-01 07:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-21 17:24 - 2018-01-01 07:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-21 17:24 - 2018-01-01 07:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-21 17:24 - 2018-01-01 07:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-21 17:24 - 2018-01-01 07:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-21 17:24 - 2018-01-01 07:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-21 17:24 - 2018-01-01 07:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-21 17:24 - 2018-01-01 07:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-21 17:24 - 2018-01-01 07:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-21 17:24 - 2018-01-01 07:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-21 17:24 - 2018-01-01 07:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-21 17:24 - 2018-01-01 07:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-21 17:24 - 2018-01-01 07:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-21 17:24 - 2018-01-01 07:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-21 17:24 - 2018-01-01 07:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-21 17:24 - 2018-01-01 07:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-21 17:24 - 2018-01-01 07:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-21 17:24 - 2018-01-01 07:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-21 17:24 - 2018-01-01 07:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-21 17:24 - 2018-01-01 07:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-21 17:24 - 2018-01-01 07:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-21 17:24 - 2018-01-01 07:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-21 17:24 - 2018-01-01 06:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-21 17:24 - 2018-01-01 06:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-21 17:24 - 2018-01-01 06:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-21 17:24 - 2018-01-01 06:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-21 17:24 - 2018-01-01 06:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-21 17:24 - 2018-01-01 06:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-21 17:24 - 2018-01-01 06:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-21 17:24 - 2018-01-01 06:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-21 17:24 - 2018-01-01 06:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-21 17:24 - 2018-01-01 06:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-21 17:24 - 2018-01-01 06:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-21 17:24 - 2018-01-01 06:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-21 17:24 - 2018-01-01 06:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-21 17:24 - 2018-01-01 06:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-21 17:24 - 2018-01-01 06:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-21 17:24 - 2018-01-01 06:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-21 17:24 - 2018-01-01 06:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-21 17:24 - 2018-01-01 06:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-21 17:24 - 2018-01-01 06:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-21 17:24 - 2018-01-01 06:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-21 17:24 - 2018-01-01 06:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-21 17:24 - 2018-01-01 06:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-21 17:24 - 2018-01-01 06:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-21 17:24 - 2018-01-01 06:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-21 17:24 - 2018-01-01 06:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-21 17:24 - 2018-01-01 06:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-21 17:24 - 2018-01-01 06:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-21 17:24 - 2018-01-01 06:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-21 17:24 - 2018-01-01 06:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-21 17:24 - 2018-01-01 06:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-21 17:24 - 2018-01-01 06:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-21 17:24 - 2018-01-01 06:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-21 17:24 - 2018-01-01 06:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-21 17:24 - 2018-01-01 06:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-21 17:24 - 2018-01-01 06:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-21 17:24 - 2018-01-01 06:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-21 17:24 - 2018-01-01 06:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-21 17:24 - 2018-01-01 06:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-21 17:24 - 2018-01-01 06:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-21 17:24 - 2018-01-01 06:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-21 17:24 - 2018-01-01 06:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-21 17:24 - 2018-01-01 06:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-21 17:24 - 2018-01-01 06:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-21 17:24 - 2018-01-01 06:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-21 17:24 - 2018-01-01 06:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-21 17:24 - 2018-01-01 06:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-21 17:24 - 2018-01-01 06:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-21 17:24 - 2018-01-01 06:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-21 17:24 - 2018-01-01 06:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-21 17:24 - 2018-01-01 06:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-21 17:24 - 2018-01-01 06:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-21 17:24 - 2018-01-01 06:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-21 17:24 - 2018-01-01 06:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-21 17:24 - 2018-01-01 06:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-21 17:24 - 2018-01-01 06:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-21 17:24 - 2018-01-01 06:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-21 17:24 - 2018-01-01 06:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-21 17:24 - 2018-01-01 06:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-21 17:24 - 2018-01-01 06:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-21 17:24 - 2018-01-01 06:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-21 17:24 - 2018-01-01 06:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-21 17:24 - 2018-01-01 06:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-21 17:23 - 2018-01-01 07:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-21 17:23 - 2018-01-01 07:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-21 17:23 - 2018-01-01 07:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-21 17:23 - 2018-01-01 07:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-21 17:23 - 2018-01-01 07:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-21 17:23 - 2018-01-01 07:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-21 17:23 - 2018-01-01 07:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-21 17:23 - 2018-01-01 07:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-21 17:23 - 2018-01-01 07:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-21 17:23 - 2018-01-01 07:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-21 17:23 - 2018-01-01 07:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-21 17:23 - 2018-01-01 07:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-21 17:23 - 2018-01-01 07:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-21 17:23 - 2018-01-01 07:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-21 17:23 - 2018-01-01 07:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-21 17:23 - 2018-01-01 07:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-21 17:23 - 2018-01-01 07:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-21 17:23 - 2018-01-01 07:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-21 17:23 - 2018-01-01 07:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-21 17:23 - 2018-01-01 07:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-21 17:23 - 2018-01-01 07:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-21 17:23 - 2018-01-01 07:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-21 17:23 - 2018-01-01 07:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-21 17:23 - 2018-01-01 07:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-21 17:23 - 2018-01-01 07:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-21 17:23 - 2018-01-01 07:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-21 17:23 - 2018-01-01 07:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-21 17:23 - 2018-01-01 07:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-21 17:23 - 2018-01-01 07:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-21 17:23 - 2018-01-01 07:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-21 17:23 - 2018-01-01 07:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-21 17:23 - 2018-01-01 07:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-21 17:23 - 2018-01-01 07:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-21 17:23 - 2018-01-01 07:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-21 17:23 - 2018-01-01 07:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-21 17:23 - 2018-01-01 07:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-21 17:23 - 2018-01-01 07:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-21 17:23 - 2018-01-01 07:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-21 17:23 - 2018-01-01 07:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-21 17:23 - 2018-01-01 07:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-21 17:23 - 2018-01-01 07:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-21 17:23 - 2018-01-01 07:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-21 17:23 - 2018-01-01 07:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-21 17:23 - 2018-01-01 07:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-21 17:23 - 2018-01-01 07:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-21 17:23 - 2018-01-01 07:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-21 17:23 - 2018-01-01 07:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-21 17:23 - 2018-01-01 07:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-21 17:23 - 2018-01-01 06:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-21 17:23 - 2018-01-01 06:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-21 17:23 - 2018-01-01 06:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-21 17:23 - 2018-01-01 06:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-21 17:23 - 2018-01-01 06:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-21 17:23 - 2018-01-01 06:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-21 17:23 - 2018-01-01 06:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-21 17:23 - 2018-01-01 06:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-21 17:23 - 2018-01-01 06:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-21 17:23 - 2018-01-01 06:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-21 17:23 - 2018-01-01 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-21 17:23 - 2018-01-01 06:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-21 17:23 - 2018-01-01 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-21 17:23 - 2018-01-01 06:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-21 17:23 - 2018-01-01 06:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-21 17:23 - 2018-01-01 06:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-21 17:23 - 2018-01-01 06:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-21 17:23 - 2018-01-01 06:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-21 17:23 - 2018-01-01 06:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-21 17:23 - 2018-01-01 06:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-21 17:23 - 2018-01-01 06:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-21 17:23 - 2018-01-01 06:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-21 17:23 - 2018-01-01 06:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-21 17:23 - 2018-01-01 06:21 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2018-01-21 17:23 - 2018-01-01 06:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-21 17:23 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-21 17:23 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-21 17:23 - 2018-01-01 06:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-21 17:23 - 2018-01-01 06:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-21 17:23 - 2018-01-01 06:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-21 17:23 - 2018-01-01 06:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-21 17:23 - 2018-01-01 06:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-21 17:23 - 2018-01-01 06:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-21 17:23 - 2018-01-01 06:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-21 17:23 - 2018-01-01 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-21 17:23 - 2018-01-01 06:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-21 17:23 - 2018-01-01 06:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-21 17:23 - 2018-01-01 06:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-21 17:23 - 2018-01-01 06:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-21 17:23 - 2018-01-01 06:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-21 17:23 - 2018-01-01 06:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-21 17:23 - 2018-01-01 06:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 001381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-21 17:23 - 2018-01-01 06:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-21 17:23 - 2018-01-01 06:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-21 17:23 - 2018-01-01 06:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-21 17:23 - 2018-01-01 06:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-21 17:23 - 2018-01-01 06:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-21 17:23 - 2018-01-01 06:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-21 17:23 - 2018-01-01 06:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-21 17:23 - 2018-01-01 06:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-21 17:23 - 2018-01-01 06:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-21 17:23 - 2018-01-01 06:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-21 17:23 - 2018-01-01 06:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-21 17:23 - 2018-01-01 06:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-21 17:23 - 2018-01-01 06:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-21 17:23 - 2018-01-01 06:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-21 17:23 - 2018-01-01 06:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-21 17:23 - 2018-01-01 06:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-21 17:23 - 2018-01-01 06:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-21 17:23 - 2018-01-01 06:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-21 17:23 - 2018-01-01 06:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-21 17:23 - 2018-01-01 06:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-21 17:23 - 2018-01-01 06:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-21 17:23 - 2018-01-01 06:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-21 17:23 - 2018-01-01 06:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-21 17:23 - 2018-01-01 06:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-21 17:23 - 2018-01-01 06:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-21 17:23 - 2018-01-01 06:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-21 17:23 - 2018-01-01 06:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-21 17:23 - 2018-01-01 06:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-21 17:23 - 2018-01-01 06:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-21 16:44 - 2018-01-21 16:44 - 000000000 ____D C:\Users\lisa\AppData\Local\DBG
2018-01-20 20:21 - 2018-01-20 20:21 - 000000000 ____D C:\Users\WDAGUtilityAccount\AppData\Local\Packages
2018-01-20 20:21 - 2018-01-20 20:21 - 000000000 ____D C:\Users\WDAGUtilityAccount
2018-01-20 20:20 - 2018-01-20 20:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-20 20:18 - 2018-01-20 20:18 - 000000000 ___HD C:\Users\lisa\MicrosoftEdgeBackups
2018-01-20 20:16 - 2018-02-04 15:45 - 000000000 ___RD C:\Users\lisa\3D Objects
2018-01-20 20:16 - 2018-01-20 20:16 - 000000020 ___SH C:\Users\lisa\ntuser.ini
2018-01-20 20:16 - 2018-01-20 20:16 - 000000000 ____D C:\Users\lisa\AppData\Local\ConnectedDevicesPlatform
2018-01-20 15:52 - 2018-02-04 16:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-20 15:52 - 2018-01-28 10:30 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2330229276-1937969778-3526454886-1001
2018-01-20 15:52 - 2018-01-20 15:52 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-01-20 15:52 - 2018-01-20 15:52 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-20 15:52 - 2018-01-20 15:52 - 000003322 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-20 15:52 - 2018-01-20 15:52 - 000003242 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2F03448F-2839-4571-8302-D2CAADEC42D8}
2018-01-20 15:52 - 2018-01-20 15:52 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-20 15:52 - 2018-01-20 15:52 - 000002678 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series
2018-01-20 15:52 - 2018-01-20 15:52 - 000002304 _____ C:\WINDOWS\System32\Tasks\HpWebReg.exe
2018-01-20 15:52 - 2018-01-20 15:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-01-20 15:52 - 2018-01-20 15:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Sony Corporation
2018-01-20 15:52 - 2018-01-20 15:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\SONY
2018-01-20 15:52 - 2018-01-20 15:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-01-20 15:52 - 2018-01-20 15:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-01-20 15:52 - 2011-10-19 20:07 - 000003430 _____ C:\WINDOWS\System32\Tasks\DDNi Startup
2018-01-20 15:52 - 2011-04-03 19:36 - 000003646 _____ C:\WINDOWS\System32\Tasks\VAIO® Messenger (lisa)
2018-01-20 15:52 - 2010-07-27 04:23 - 000003986 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2018-01-20 15:51 - 2018-01-20 15:52 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-01-20 15:51 - 2018-01-20 15:52 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-01-20 15:34 - 2018-01-20 15:34 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-20 15:29 - 2018-02-04 17:59 - 000000000 ____D C:\Users\lisa
2018-01-20 15:29 - 2018-01-20 15:45 - 000000000 ____D C:\Users\DefaultAppPool
2018-01-20 15:28 - 2018-01-20 15:28 - 000000000 ____D C:\ProgramData\USOShared
2018-01-20 15:20 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-01-20 15:17 - 2018-02-04 17:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-20 15:17 - 2018-01-30 19:24 - 000427376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-20 14:22 - 2018-01-20 18:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-01-20 14:22 - 2018-01-20 14:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-01-20 14:22 - 2018-01-20 14:22 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2018-01-20 14:16 - 2018-01-20 18:12 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\WINDOWS\system32\msmq
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\Program Files\MSBuild
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-01-20 14:16 - 2018-01-20 14:16 - 000000000 ____D C:\inetpub
2018-01-20 14:12 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-01-20 14:12 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-01-20 14:12 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-01-20 14:11 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-01-20 14:11 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-01-20 14:11 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-01-20 13:55 - 2018-01-20 13:55 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-01-20 13:12 - 2018-01-20 20:16 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-16 22:01 - 2018-01-16 22:01 - 005156348 _____ C:\Users\lisa\Documents\Debt Management Program Contract 1.16.18.pdf
2018-01-16 21:34 - 2018-01-16 21:34 - 000163602 _____ C:\Users\lisa\Documents\Barclaycard Statement 1.8.18.pdf
2018-01-13 14:03 - 2018-01-13 14:03 - 000073769 _____ C:\Users\lisa\Desktop\Lisa Rimmington_TransUnion Personal Credit Report 1.13.18.pdf
2018-01-12 18:37 - 2018-01-12 18:37 - 000000000 __SHD C:\found.003
2018-01-09 19:43 - 2018-01-09 19:43 - 005845504 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-04 18:07 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-04 18:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-04 18:07 - 2017-09-29 08:46 - 000000000 ___

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #9 on: February 04, 2018, 11:03:12 PM »
Here is the rest of the First Text. I'll send the Addition Text in another post.

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-04 18:07 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-04 18:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-04 18:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-04 18:00 - 2016-07-30 08:07 - 001152924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-04 15:45 - 2016-07-30 08:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-04 14:38 - 2011-08-31 19:09 - 000000000 ____D C:\Users\lisa\AppData\Local\ElevatedDiagnostics
2018-02-04 14:08 - 2017-09-29 03:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-30 20:05 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-30 19:24 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-30 19:19 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-30 19:19 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-30 19:19 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-30 19:18 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-30 19:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-30 19:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-30 19:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-30 19:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-30 19:18 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-28 10:31 - 2011-03-26 18:31 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-28 10:30 - 2016-07-31 07:27 - 000002403 _____ C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-28 10:30 - 2016-07-31 07:27 - 000000000 ___RD C:\Users\lisa\OneDrive
2018-01-21 20:54 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-21 20:45 - 2017-09-29 08:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-21 20:44 - 2017-09-29 08:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-21 20:44 - 2017-09-29 08:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-21 17:21 - 2016-07-30 08:41 - 000000000 ____D C:\Users\lisa\AppData\Local\Packages
2018-01-21 16:46 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-20 20:17 - 2016-07-30 08:41 - 000000000 ____D C:\Users\lisa\AppData\Local\TileDataLayer
2018-01-20 18:16 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\IME
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\schemas
2018-01-20 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Resources
2018-01-20 18:13 - 2015-10-30 04:07 - 000000000 ____D C:\WINDOWS\ShellNew
2018-01-20 18:13 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-01-20 18:13 - 2013-07-29 03:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-20 18:13 - 2012-04-01 06:21 - 000000000 ____D C:\WINDOWS\system32\SPReview
2018-01-20 18:13 - 2012-04-01 06:17 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2018-01-20 18:13 - 2011-05-02 17:24 - 000000000 __SHD C:\WINDOWS\system32\%APPDATA%
2018-01-20 18:13 - 2011-03-26 18:23 - 000000000 ____D C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2018-01-20 18:13 - 2010-07-12 16:22 - 000000000 ____D C:\WINDOWS\SysWOW64\SDA
2018-01-20 18:12 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
2018-01-20 18:12 - 2017-09-29 08:46 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-01-20 18:12 - 2017-09-29 08:46 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2018-01-20 18:12 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-01-20 18:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Help
2018-01-20 18:12 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-20 18:12 - 2017-07-06 19:37 - 000000000 ____D C:\Program Files\UNP
2018-01-20 18:12 - 2016-07-15 22:01 - 000000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2018-01-20 18:12 - 2016-01-12 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-20 18:12 - 2014-10-28 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2018-01-20 18:12 - 2014-10-28 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-01-20 18:12 - 2014-10-15 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-20 18:12 - 2014-06-10 05:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopAtHome.com Helper
2018-01-20 18:12 - 2014-04-13 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
2018-01-20 18:12 - 2013-07-04 06:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger
2018-01-20 18:12 - 2012-09-22 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMusic Download Manager
2018-01-20 18:12 - 2012-08-25 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-01-20 18:12 - 2012-08-25 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-01-20 18:12 - 2012-03-25 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-01-20 18:12 - 2012-02-12 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-01-20 18:12 - 2011-09-30 05:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2018-01-20 18:12 - 2011-05-07 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2018-01-20 18:12 - 2011-05-01 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2018-01-20 18:12 - 2010-07-27 04:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-01-20 18:12 - 2010-07-27 03:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 3
2018-01-20 18:12 - 2010-07-27 03:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Tools
2018-01-20 18:12 - 2010-07-27 03:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
2018-01-20 18:12 - 2010-07-27 03:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Wireless Wizard
2018-01-20 18:12 - 2010-07-13 13:20 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-01-20 18:12 - 2010-07-12 16:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-20 18:12 - 2010-07-12 15:46 - 000000000 ____D C:\Program Files (x86)\Intel
2018-01-20 15:55 - 2016-07-29 21:27 - 000000000 ___HD C:\$GetCurrent
2018-01-20 15:53 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-01-20 15:52 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-20 15:51 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-20 15:50 - 2017-09-29 08:46 - 000000000 __RSD C:\WINDOWS\media
2018-01-20 15:50 - 2016-07-30 08:31 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-01-20 15:45 - 2012-10-05 20:16 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-20 15:45 - 2012-10-05 20:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-20 15:40 - 2016-05-15 16:46 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFile Express 2015
2018-01-20 15:40 - 2015-06-14 19:48 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFile Express 2014
2018-01-20 15:40 - 2012-05-06 16:15 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFile Express 2011
2018-01-20 15:40 - 2011-11-12 16:58 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dividend Miles Toolbar
2018-01-20 15:40 - 2011-11-12 09:48 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Catalina Marketing Corp
2018-01-20 15:40 - 2011-05-07 13:05 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2018-01-20 15:40 - 2011-05-01 20:22 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserPlus
2018-01-20 15:40 - 2011-04-10 13:28 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFile Express 2010
2018-01-20 15:32 - 2015-12-05 20:36 - 000000000 ____D C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2018-01-20 15:28 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-01-20 15:24 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-20 15:24 - 2016-07-30 08:07 - 000972436 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-01-20 15:21 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-01-20 15:21 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-20 15:21 - 2016-07-30 08:05 - 000000000 ____D C:\Program Files\Apoint
2018-01-20 15:20 - 2016-07-30 08:04 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-20 14:33 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-20 14:22 - 2016-07-30 08:04 - 000000000 ____D C:\Program Files\Realtek
2018-01-20 14:22 - 2010-07-27 03:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2018-01-20 14:22 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\Microsoft Games
2018-01-20 14:16 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-01-20 14:16 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-01-20 14:16 - 2017-09-29 08:43 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2018-01-20 14:16 - 2017-09-29 08:43 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2018-01-20 14:16 - 2017-09-29 08:43 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2018-01-20 14:16 - 2017-09-29 08:43 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2018-01-20 14:16 - 2017-09-29 08:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2018-01-20 14:16 - 2017-09-29 08:43 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2018-01-20 14:15 - 2017-09-29 08:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2018-01-20 14:15 - 2017-09-29 08:43 - 000009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2018-01-20 14:15 - 2017-09-29 08:42 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2018-01-20 14:15 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2018-01-20 14:15 - 2017-09-29 08:42 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2018-01-20 14:15 - 2017-09-29 08:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2018-01-20 14:15 - 2017-09-29 08:41 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2018-01-20 14:15 - 2017-09-29 08:41 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2018-01-20 14:15 - 2017-09-29 08:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2018-01-20 14:15 - 2017-09-29 08:41 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2018-01-20 14:15 - 2017-09-29 08:41 - 000009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2018-01-20 14:14 - 2017-09-29 08:43 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2018-01-20 14:14 - 2017-09-29 08:43 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2018-01-20 14:14 - 2017-09-29 08:41 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2018-01-20 14:14 - 2017-09-29 08:41 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2018-01-20 13:02 - 2016-07-29 21:29 - 000000036 _____ C:\WINDOWS\progress.ini
2018-01-20 13:02 - 2016-07-29 21:27 - 000000000 ____D C:\Windows10Upgrade
2018-01-20 09:33 - 2017-12-26 16:33 - 000000795 _____ C:\Users\lisa\Desktop\Windows 10 Update Assistant.lnk
2018-01-20 09:33 - 2017-10-02 09:28 - 000000807 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
2018-01-18 18:40 - 2017-07-25 09:02 - 000000000 ____D C:\Program Files\rempl
2018-01-13 14:02 - 2011-10-10 20:16 - 000000000 ____D C:\Users\lisa\Documents\Resumes
2018-01-10 19:41 - 2017-10-10 20:05 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 19:40 - 2011-03-26 18:49 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-01-12 16:11 - 2014-01-18 08:18 - 000000142 _____ () C:\Users\lisa\AppData\Roaming\WB.CFG
2014-01-12 16:11 - 2014-01-18 08:18 - 000000005 _____ () C:\Users\lisa\AppData\Roaming\WBPU-TTL.DAT
2012-10-19 21:02 - 2012-10-19 21:02 - 000007605 _____ () C:\Users\lisa\AppData\Local\Resmon.ResmonCfg
2011-09-10 09:28 - 2011-09-10 09:28 - 000000000 _____ () C:\Users\lisa\AppData\Local\{2195D532-CD53-4B70-A0F9-3CB7F7DC12C8}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-30 20:06

==================== End of FRST.txt ============================

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #10 on: February 04, 2018, 11:04:45 PM »
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by lisa (04-02-2018 19:55:35)
Running from C:\Users\lisa\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2018-01-20 20:56:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2330229276-1937969778-3526454886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2330229276-1937969778-3526454886-503 - Limited - Disabled)
Guest (S-1-5-21-2330229276-1937969778-3526454886-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2330229276-1937969778-3526454886-1002 - Limited - Enabled)
lisa (S-1-5-21-2330229276-1937969778-3526454886-1001 - Administrator - Enabled) => C:\Users\lisa
WDAGUtilityAccount (S-1-5-21-2330229276-1937969778-3526454886-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
AVS Image Converter 1.3.3.146 (HKLM-x32\...\AVS Image Converter_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.0.0.0 - Best Buy) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.5) (Version: 5.0.1.5 - Coupons.com Incorporated)
Dividend Miles Toolbar (HKLM-x32\...\Dividend Miles Toolbar) (Version:  - )
eFile Express 2010 (HKLM-x32\...\eFile Express 2010) (Version:  - )
eFile Express 2011 (HKLM-x32\...\eFile Express 2011) (Version:  - )
eFile Express 2014 (HKLM-x32\...\eFile Express 2014) (Version: 2014.0b - Smartrak Group, Inc.)
eFile Express 2015 (HKLM-x32\...\eFile Express 2015) (Version: 2015.0b - Smartrak Group, Inc.)
eMusic Download Manager (HKLM-x32\...\eMusic Download Manager 5.0.5) (Version: 5.0.5 - eMusic.com Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Photo Creations (HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\HP Photo Creations) (Version: 1.0.0.19522 - HP)
HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{F4330A8B-3610-4483-975E-69789B70A764}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Photosmart Plus B210 series Help (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)
HP Photosmart Plus B210 series Product Improvement Study (HKLM\...\{7C1C9924-3755-483C-87B1-8371B7454B1A}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{0D9917CE-1C77-4B58-A153-DCB5A854ED82}) (Version: 1.2.15.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{6548B189-BEA4-4041-80E0-AEB60548E046}) (Version: 2.03.0005 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{8E5233E1-7495-44FB-8DEB-4BE906D59619}) (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Media Gallery (HKLM\...\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}) (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (HKLM\...\{202B76AB-1B21-434E-A289-788D767D3A7C}) (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (HKLM-x32\...\{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
Media Gallery (HKLM-x32\...\{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
Media Gallery (HKLM-x32\...\{D8FF4505-5977-4116-8DE4-2AF7174E70AC}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
OOBE (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 3.10.0630 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition Guide (HKLM-x32\...\{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM\...\{10E14C74-0638-4996-ABAD-BBF7A6CF1FAA}) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM\...\{1E37FC84-799E-481B-9462-3489861E36C9}) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\{CFB66DB0-00AC-4CBC-B99D-99EFEB03743C}) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM\...\{4DABD2B3-B67A-41B0-86FE-C11AAF5D158A}) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM\...\{5AC18E2C-7EAB-4F9E-BEEC-07FD722B28E3}) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\{FBB4411F-1328-4E36-A5B3-16AA8CFA8F9C}) (Version: 2.3.00 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{25AF1025-095C-4AA9-A3FD-29710D3C3AE5}) (Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (HKLM-x32\...\{734B6C6C-4740-476F-BB0C-F7AF469EDBB2}) (Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote Play with PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{15AF46DB-9EBA-4662-AA52-29EF23585035}) (Version: 3.2.0.23388 - Skype Technologies S.A.)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO Care (HKLM\...\{28D70998-F9F8-4F4B-BB1D-64C11123C01B}) (Version: 8.4.5.06021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{8211C280-5B02-4E7E-B55F-845A207249BA}) (Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{2F9D63BE-A891-4E39-AFB3-7402D486800C}) (Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{AD3E7141-A22E-40F1-A7A4-55E898AE35E3}) (Version: 12.00.0622 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation) Hidden
VAIO Media plus (HKLM\...\{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}) (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (HKLM\...\{A3D964A6-411A-4817-9D58-5CB8808F494E}) (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{177AF091-7854-4615-8327-AC7518F62782}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{4B9DA746-5AE1-4BA0-9087-BDB162242890}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{B941F34C-F36A-4A6F-A97C-50B5948E451F}) (Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.1.0.14080 - Sony Corporation) Hidden
VAIO Messenger (HKLM-x32\...\VAIO Messenger) (Version: 2.0.550.0 - DDNi)
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.3.4.2 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.3.4.2 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.2.0.16080 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO Wireless Wizard (HKLM-x32\...\{76F52BDB-C3A6-46B6-ADD1-9638E40F9AB9}) (Version: 3.0.0.06230 - Sony) Hidden
VGClientX64 (HKLM\...\{99E6C2F3-59B2-4308-B1CD-4928B55B7E30}) (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (HKLM-x32\...\{8B583EF5-FA7B-4AE2-9008-51B7FD505886}) (Version: 1.0.0 - Sony Corporation) Hidden
Video Mover (HKLM-x32\...\Video Mover_is1) (Version:  - )
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Belkin HistoryBrowser] -> {5E0A7F0F-4B41-4661-A084-BFF3F8CBDE25} => C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkHistoryBrowser.dll [2011-04-19] (Belkin International, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2010-12-10] (Online Media Technologies Ltd.)
ContextMenuHandlers2: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers4: [Belkin HistoryBrowser] -> {5E0A7F0F-4B41-4661-A084-BFF3F8CBDE25} => C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkHistoryBrowser.dll [2011-04-19] (Belkin International, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Intel Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> {6988D6F2-F24F-4732-8855-A39DB1AA1346} => C:\Program Files\Sony\VAIO Gate\VAIOGateShellExt.dll [2012-02-20] (Sony Corporation)
ContextMenuHandlers6: [Belkin HistoryBrowser] -> {5E0A7F0F-4B41-4661-A084-BFF3F8CBDE25} => C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkHistoryBrowser.dll [2011-04-19] (Belkin International, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C759A1-E361-4EC0-A539-CAE5FBDA6135} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {05715DF7-2B4F-424A-98C2-2B616661C975} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2016-03-24] (Sony Corporation)
Task: {078746C1-4678-43DA-8727-CA1356556D8A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08559FA2-5CDD-409C-ABB5-5DDA8DBC0DB9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {09A65FD2-A298-4CC8-A5C8-FB99765DD9D9} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2016-05-30] (Sony Corporation)
Task: {0A15D25F-8B02-42F1-8993-007707338BB5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {146D1175-1EF9-439D-A207-34BD438BB60E} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation)
Task: {14DB277A-C4C0-41C1-834F-7D7AE3C16052} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {1B92E179-3B23-45F0-A6B8-846B615A3BC3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F79345A-A75D-4BC2-8341-FD356ACAF5D0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {21E9A505-12E5-4732-866C-0BE4A51E0A30} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {23087BA4-F7C5-4423-B445-A6EDB4182F4E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {23317F8F-FF2B-446F-BA5A-DEBD19940AAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {24CEC004-28A8-4E35-9BB7-A3F7F8832B2C} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {2F0809CB-FD06-449D-88C3-8B7AA3FCCBB4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {431B0170-A06F-4A31-AC5E-72C6FC462A96} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {44D45321-96B0-4383-83CF-0B5E3235BD85} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {45C4E945-7FE1-44EA-AFA8-0D3127C2FB8E} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {46B0E0C0-77E2-44F0-95D2-DC7D2F6F0D5E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {4B2B00C0-2438-40AB-AFC7-0C57E74B20DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {51842E5E-1EDE-41D8-B814-8B909771E110} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5387BABF-2FB0-4596-AB6E-F1EBEA23C09D} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe
Task: {53DA5D98-877E-4DFA-A0AD-52376515F3B1} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {544EFF58-2A69-487B-8AE4-8D419B4713B2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5C605ECB-52D3-4071-A90E-FFDC1D83B46D} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {5D311927-99AF-4BAC-949E-F730B81C12E3} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {5F53E859-34E4-4AE7-8D02-F78CF484FAEA} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {5FDC0BC3-8581-439E-A25B-867CC2AB00A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {60E8562B-7AE8-4547-8613-B03D3BB48A6B} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {62242B98-3C96-4DE4-A157-45A975990C90} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {63560233-994B-4920-B4A5-987D166A1649} - System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {66B94F21-24D5-4EB4-91FB-2AEC6499A375} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {69432802-5F3D-4405-A0FB-01C078E1C0E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7036A704-0B24-4CBE-AA3D-F1B4854EF58D} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
Task: {761B52E8-F8A3-419B-9A4E-7D083FC85ACD} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7C08FBBE-49C0-4ADB-A390-3D264D8246C2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85CD2846-ED71-484B-BF00-F974E632555A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {86E7AAF5-1A8B-4E90-9659-879A5E676C16} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {87720F2B-502E-4910-84B0-B475A28CCF7D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {8E202D2F-15FE-455B-B9F1-4C280BDFB84F} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation)
Task: {8FF0A885-3D37-417C-AB1D-980BCB20FB90} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {920CB384-76C4-490E-A2A8-B67903AC5FDC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-30] (Sony Corporation)
Task: {95988775-5F2D-4FE9-91B3-96BE333E2FE2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {99EBA0BA-6B05-4527-8369-A209CDBF7344} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)
Task: {9AC141F8-DBE8-4232-BD9C-1BC9F06DC023} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {9C5EFC15-0C1B-4330-9A0D-FA773019C200} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {9E717761-3DEB-47E9-BC8F-8CC46D7651C0} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9E9FCC53-F8DF-4E2B-90B1-749E1B23ED38} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FCEAF38-E18E-4051-A2A0-4F424074C3CF} - System32\Tasks\VAIO® Messenger (lisa) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {A8109214-9B3E-45BB-8FCB-55C138E2B942} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2016-05-30] (Sony Corporation)
Task: {A91CE716-07A0-4E5C-A4D0-5604FC706AA2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {ACD8BA23-74CA-4ECE-8B73-FFC1162DF8E4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B123CE02-1C8B-47DD-88A5-5D91FDBC89C1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B2A45063-1B58-43B1-8F90-89EEB9BFAFE5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B3EAB967-736C-416F-888D-50AC58CB7DC7} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)
Task: {B753FC92-CCD2-4DC5-8779-7272247D44F8} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B82B3CCD-CAB6-4F36-9097-3D5D1C152CDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B9520DC5-45E2-4E15-AE19-9E42F6E5BE19} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {BAC77103-A43D-4911-8DCF-5EFFF353A7B8} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
Task: {C11DB1F3-4A7B-420C-9F9E-AFFCFE771B0D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C1FA5F65-3C25-42C0-B67D-DF3BE612BF96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {C68D6612-E008-40E3-8291-FCDF4BA042E9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C8FDBCF6-DC9C-4C60-A047-961744B72262} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {C91CC596-52FF-476A-A760-A776A0DD9A10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {DF4B9FCB-008D-428F-80C9-E4B27726E88B} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {E3A89007-6736-4E63-99A6-704E4D5C5E63} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E3C35152-4FD2-490E-8180-322DD0220D31} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E6D101A9-7C94-4360-A4AA-E73356B0BCDE} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {EDB2C26E-DD94-40B7-A7A0-D3C1848F663C} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2016-03-18] (Sony Corporation)
Task: {F369EDFB-5A0B-427A-848C-3C1E3C251051} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {FA6DE131-C399-4377-8965-322A91F788D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-21] (Microsoft Corporation)
Task: {FDC9E8F7-9631-44D7-A5DB-012A466D79F2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FFB2D4ED-4B5A-4C17-97F4-C8B1027C3899} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2014-04-13 18:45 - 2011-04-19 16:31 - 000181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2014-04-13 18:45 - 2010-02-09 15:55 - 000055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-13 18:45 - 2011-04-19 16:31 - 000150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2017-12-13 20:33 - 2017-12-13 20:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-13 20:33 - 2017-12-13 20:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 20:02 - 2018-01-30 21:06 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 20:02 - 2018-01-30 21:06 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 20:02 - 2018-01-30 21:06 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 20:02 - 2018-01-30 21:06 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-13 18:42 - 2012-02-23 15:57 - 000022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 001044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-27 03:30 - 2010-05-31 21:18 - 000013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-07-27 03:30 - 2010-05-31 21:18 - 000013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 000039936 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudModel.dll
2013-07-02 23:06 - 2013-07-02 23:06 - 000011264 _____ () C:\Program Files (x86)\DDNi\Oasis2Service\OasisCloudClient.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 000847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 000325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 007187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2014-04-13 18:42 - 2010-08-22 20:01 - 001954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2014-04-13 18:42 - 2010-08-22 19:32 - 000119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2014-04-13 18:42 - 2012-02-23 15:19 - 000669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\...\paycomonline.net -> hxxps://www.paycomonline.net

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-09-05 19:41 - 2015-11-21 13:22 - 000000357 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1   localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lisa\Pictures\2013-06-30\132.JPG
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: IntelWirelessWiMAX => "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{33F9B572-0A5D-4635-960F-EF55A2A01BB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9ADB7CF9-BB6A-4F45-8EC4-90A30E833E56}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{82DE0DCF-56DF-4E90-A333-4711A488473E}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{D745888D-C68E-4BFE-843E-2A2996F30E62}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{E08D95BF-36F4-4BC9-B8C1-74FB75245860}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{538244D4-4A97-495F-B12C-59B31C16671B}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{E3302768-E46E-4F83-BA68-B71F36587E2C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{A3DB6DC7-D059-47B5-BE94-3A0C7A7FFBCA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{043DE775-8142-4D31-8FEE-09E7D1C1A221}] => (Allow) svchost.exe
FirewallRules: [{A491B525-F448-40A7-A2F0-1E23F98F5578}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{F42CB48A-DA1E-4C8C-8CF1-F8EAC2C076A1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{8F6EB939-04E3-4B07-AF6C-60A74DD6C88C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CBFFC972-2E8E-4D8C-BF46-A2D2CE8E38C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{05A8D605-FFDF-4704-A487-E999D2CE3B53}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{03DCBA26-9A22-4F9B-81D1-A5595FCCF494}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7C94CEC8-9730-43D0-8DCF-DD2B314807D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4F9E348D-C97F-44AE-87A4-7B04278012FD}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\TroubleShooter.exe
FirewallRules: [{F742E2FC-D88C-4E8F-84CA-808A0BF914D6}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\TroubleShooter.exe
FirewallRules: [{D3B36C2D-285F-4F2C-A496-26D888E3E24E}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\ToolbarUpdate.exe
FirewallRules: [{F77495C6-34D4-4FB7-8AB8-5E5CB2C362DC}] => (Allow) C:\Program Files (x86)\Dividend Miles Toolbar\ToolbarUpdate.exe
FirewallRules: [{54857A7D-2617-4640-A5AE-D0812A85B8EE}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{FD0B0124-E30E-49F0-AADD-FCFD89E263DC}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe
FirewallRules: [{46F1DA8E-8ED3-4148-B442-F38DE7EBBEEE}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{858A0B86-84CF-4D65-BA5B-F26E59EACD65}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{86FBE8F2-CDAF-4539-A2D7-940CB9181F79}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{43325B2C-6E7F-4D27-953F-80F0F78D4ADF}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{DE6B9C62-2FB5-4DF2-AD09-E7C80764F875}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{8EC1DD6B-C37A-4983-B6C9-16C26C7580AB}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{B33A009C-4AC5-496E-B118-6070BB112A45}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{F053A2F1-5A66-4DA5-8657-C9ED0DAAE384}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{330DC3A3-48AC-4D32-8184-B80006AF6150}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{3E8DC075-B807-4987-A95C-7561211EE980}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
FirewallRules: [{8FEA550F-FD2E-4832-A529-A422DD1D297A}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{9094DD97-48F8-41FB-BA32-B25431FD631B}] => (Allow) LPort=19540
FirewallRules: [{F1B7FDAA-7D1B-4E08-A753-2A6E5830ED48}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{2F2B0482-F3C1-4D8B-8362-159748407DC3}] => (Allow) C:\Program Files (x86)\SkypeWebPlugin\3.2.0.23388\SkypeWebPlugin.exe
FirewallRules: [{CB772A20-EFBE-411B-8A8F-B388A2101607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F9A74491-22C8-4E18-978C-5B8864BD749E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{34F895A9-BD66-4D6C-BEB7-BFE802026349}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{C46F1DEC-5FE2-4302-8318-C5749624D336}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{EE61947F-CE33-410F-896B-8BCDF1CAA81E}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe

==================== Restore Points =========================

21-01-2018 17:21:30 Windows Update

==================== Faulty Device Manager Devices =============

Name: SXUPTP Driver
Description: SXUPTP Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Belkin International, Inc.
Service: sxuptp
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2018 04:56:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname lisa-VAIO.local already in use; will try lisa-VAIO-2.local instead

Error: (02/04/2018 04:56:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 lisa-VAIO.local. Addr 10.0.0.175

Error: (02/04/2018 04:56:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.175:5353   16 lisa-VAIO.local. AAAA 2601:0547:1000:BE29:0000:0000:0000:653C

Error: (02/04/2018 04:46:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: lisa-VAIO)
Description: Package Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (02/04/2018 03:44:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname lisa-VAIO.local already in use; will try lisa-VAIO-2.local instead

Error: (02/04/2018 03:44:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister    4 lisa-VAIO.local. Addr 10.0.0.175

Error: (02/04/2018 03:44:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.175:5353   16 lisa-VAIO.local. AAAA 2601:0547:1000:BE29:0000:0000:0000:653C

Error: (02/04/2018 03:29:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2664438

Error: (02/04/2018 03:29:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2664438

Error: (02/04/2018 03:29:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (02/04/2018 04:57:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/04/2018 04:57:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetTcpPortSharing service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/04/2018 04:57:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetTcpPortSharing service to connect.

Error: (02/04/2018 04:56:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The sxuptp service failed to start due to the following error:
This driver has been blocked from loading

Error: (02/04/2018 04:55:57 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: sxuptp.sys

Error: (02/04/2018 04:56:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:44:28 PM on ‎2/‎4/‎2018 was unexpected.

Error: (02/04/2018 03:59:31 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (02/04/2018 03:57:29 PM) (Source: DCOM) (EventID: 10010) (User: lisa-VAIO)
Description: The server Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.

Error: (02/04/2018 03:45:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetMsmqActivator service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (02/04/2018 03:45:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetMsmqActivator service to connect.


CodeIntegrity:
===================================
  Date: 2018-02-04 19:55:30.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:55:30.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:40:44.725
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:40:44.722
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:40:43.061
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:40:43.055
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:40:43.000
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 19:40:42.996
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 18:04:43.400
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-02-04 18:04:43.398
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 83%
Total physical RAM: 3758.09 MB
Available physical RAM: 622.9 MB
Total Virtual: 7598.09 MB
Available Virtual: 3872 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.36 GB) (Free:227.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 6EA98A7E)
Partition 1: (Not Active) - (Size=10.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=449 MB) - (Type=27)

==================== End of Addition.txt ============================

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19469
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Issues logging into my system
« Reply #11 on: February 05, 2018, 12:38:52 AM »
Wow! Vaio sure does include a lot of extra programs. 

1.  Something to consider:  With Windows 10, the Microsoft Edge browser can open PDFs.  Not only that, you can select text, right-click and select copy!  As a result, you may want to consider uninstalling Adobe Reader. 

2.  The version of Java on your computer (Java 8 Update 101) is outdated and missing critical security updates.  Personally, I haven't used Java in years and it certainly isn't installed on my computer.  I suggest you uninstall it.  In the event a program you use requires it, you'll be prompted to install it.  In the event you wish to keep Java, the current version for 64-bit computers is Java SE Runtime Environment 9.0.4, available from here.  Uninstall the old version first and then download the new version.  Watch for pre-checked options as they are not needed.

3.  WiseConvert is what is referred to as a PUP (Potentially Unwanted Program).  It is a Conduit "Community Toolbar" which redirects searches to search.conduit.com. Conduit toolbars are also reputed to have a certain trackware functionality and will often come bundled with various third party software.  Unless you intentionally installed and use it, I suggest you uninstall it. 

4.  You may also consider whether you use Yahoo! BrowserPlus and, if not, uninstall it as well.

5.  Yahoo Messenger is a thing of the past, no longer supported so you might as well uninstall it as well.

6.  Did you intentionally set up a ProxyServer for accessing the Internet?

7.  Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The log is available from the History tab.  Please post it contents in your next reply.

Please let me know about items 1-6 when you post the results from the Malwarebytes scan.

Edit to add:  Did you intentionally install the Bing and Google toolbars on your browsers or were they added with something else you installed?


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #12 on: February 06, 2018, 12:45:58 AM »
1) I'll consider later
2) I uninstalled Java and will consider later if I need to install new version
3) I couldn't uninstall WiseConvert--kept getting error messages when I clicked on uninstall. Honestly, I do not recall downloading this
4) I'll consider later
5) I uninstalled messenger
6) No, I didn't set up a proxyserver--no clue
7) I think this is the report from the Malwarebytes scan--I couldn't find a history tab:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/5/18
Scan Time: 9:10 PM
Log File: dd101a9e-0ae2-11e8-b7ac-544249f27a4c.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3878
License: Trial

-System Information-
OS: Windows 10 (Build 16299.192)
CPU: x64
File System: NTFS
User: lisa-VAIO\lisa

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 382084
Threats Detected: 13
Threats Quarantined: 13
Time Elapsed: 12 min, 15 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUM.Optional.ProxyHijacker, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [7916], [-1],0.0.0
Adware.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nogdfjjfhknacchjpiccacoimeelkajb, Quarantined, [4271], [387359],1.0.3878
PUP.Optional.HighLightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [6035], [167585],1.0.3878

Registry Value: 6
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [7916], [408164],1.0.3878
PUM.Optional.ProxyHijacker, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [7916], [-1],0.0.0
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [7916], [-1],0.0.0
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYSERVER, Quarantined, [7916], [-1],0.0.0
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [7916], [-1],0.0.0
PUM.Optional.ProxyHijacker, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [7916], [-1],0.0.0

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 4
PUP.Optional.Vitruvian, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREFERENCES\!VITRUVIAN-AUTOENABLE.JS, Quarantined, [1449], [244582],1.0.3878
PUP.Optional.Vitruvian, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREFERENCES\!VITRUVIAN-CSP.JS, Quarantined, [1449], [244583],1.0.3878
Adware.WinYahoo, C:\USERS\LISA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [4271], [387359],1.0.3878
PUP.Optional.MindSpark, C:\USERS\LISA\DOWNLOADS\COUPONALERT.EXE, Quarantined, [229], [301125],1.0.3878

Physical Sector: 0
(No malicious items detected)


(end)


Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19469
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Issues logging into my system
« Reply #13 on: February 06, 2018, 06:59:48 PM »
Thanks, Lisa.  I hope you had a good day at work.

Since you've uninstalled Java, I'm going to include Java items that may not have been removed with the uninstall. 

Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lines.  Right-click and select "Copy ".
Code: [Select]
Start::
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
RemoveProxy:
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
U3 idsvc; no ImagePath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {23317F8F-FF2B-446F-BA5A-DEBD19940AAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {431B0170-A06F-4A31-AC5E-72C6FC462A96} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {46B0E0C0-77E2-44F0-95D2-DC7D2F6F0D5E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {4B2B00C0-2438-40AB-AFC7-0C57E74B20DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9C5EFC15-0C1B-4330-9A0D-FA773019C200} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {B82B3CCD-CAB6-4F36-9097-3D5D1C152CDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E3A89007-6736-4E63-99A6-704E4D5C5E63} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FDC9E8F7-9631-44D7-A5DB-012A466D79F2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
FirewallRules: [{F42CB48A-DA1E-4C8C-8CF1-F8EAC2C076A1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{8F6EB939-04E3-4B07-AF6C-60A74DD6C88C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FindFolder: WiseConvert
EmptyTemp:
End::
  • Please right-click on FRST/FRST64 to run as administrator.  When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline lisa20

  • Full Member
  • ***
  • Posts: 52
    • View Profile
Re: Issues logging into my system
« Reply #14 on: February 06, 2018, 11:38:20 PM »
Thank you! My system rebooted shortly after I clicked on "fix":

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by lisa (06-02-2018 20:08:27) Run:1
Running from C:\Users\lisa\Desktop
Loaded Profiles: lisa (Available Profiles: lisa & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
RemoveProxy:
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
U3 idsvc; no ImagePath
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
Task: {23317F8F-FF2B-446F-BA5A-DEBD19940AAB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {431B0170-A06F-4A31-AC5E-72C6FC462A96} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {46B0E0C0-77E2-44F0-95D2-DC7D2F6F0D5E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {4B2B00C0-2438-40AB-AFC7-0C57E74B20DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9C5EFC15-0C1B-4330-9A0D-FA773019C200} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {B82B3CCD-CAB6-4F36-9097-3D5D1C152CDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E3A89007-6736-4E63-99A6-704E4D5C5E63} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FDC9E8F7-9631-44D7-A5DB-012A466D79F2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
FirewallRules: [{F42CB48A-DA1E-4C8C-8CF1-F8EAC2C076A1}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{8F6EB939-04E3-4B07-AF6C-60A74DD6C88C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FindFolder: WiseConvert
EmptyTemp:

*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => removed successfully

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2330229276-1937969778-3526454886-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found
"HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found
"HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2 => key not found
"C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2 => key not found
"C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll" => not found
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23317F8F-FF2B-446F-BA5A-DEBD19940AAB} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23317F8F-FF2B-446F-BA5A-DEBD19940AAB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{431B0170-A06F-4A31-AC5E-72C6FC462A96}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{431B0170-A06F-4A31-AC5E-72C6FC462A96}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{46B0E0C0-77E2-44F0-95D2-DC7D2F6F0D5E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46B0E0C0-77E2-44F0-95D2-DC7D2F6F0D5E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B2B00C0-2438-40AB-AFC7-0C57E74B20DB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B2B00C0-2438-40AB-AFC7-0C57E74B20DB}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C5EFC15-0C1B-4330-9A0D-FA773019C200}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C5EFC15-0C1B-4330-9A0D-FA773019C200}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B82B3CCD-CAB6-4F36-9097-3D5D1C152CDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B82B3CCD-CAB6-4F36-9097-3D5D1C152CDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3A89007-6736-4E63-99A6-704E4D5C5E63}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A89007-6736-4E63-99A6-704E4D5C5E63}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDC9E8F7-9631-44D7-A5DB-012A466D79F2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDC9E8F7-9631-44D7-A5DB-012A466D79F2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Messenger (Yahoo!)" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F42CB48A-DA1E-4C8C-8CF1-F8EAC2C076A1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F6EB939-04E3-4B07-AF6C-60A74DD6C88C}" => removed successfully
================== FindFolder: "WiseConvert" ===================

No File

=== End of FindFolder ===

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100906895 B
Java, Flash, Steam htmlcache => 22141 B
Windows/system/drivers => 4225742 B
Edge => 10603416 B
Chrome => 501272376 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 29434 B
lisa => 363753995 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 941.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:19:09 ====