I started a topic on this in the Windows 7 forum mistakenly, https://www.bleepingcomputer.com/forums/t/728640/not-genuine-windows-popup/ , so I'm continuing it here to try to keep in line with the rules :). I guess I should start with the FRST logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Ran by bigdog (administrator) on OWNER-VAIO (Sony Corporation SVE1511RFXB) (15-08-2020 05:15:44)
Running from C:UsersbigdogDownloads
Loaded Profiles: bigdog
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteAdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteAthBtTray.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteBtvStack.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
(Google Inc -> Google Inc.) C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:Program Files (x86)HpCommonHPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:Program Files (x86)HpHP Software Updatehpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32hkcmd.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32igfxpers.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32igfxtray.exe
(Intel® Upgrade Service -> Intel® Corporation) C:Program FilesInteliCLS ClientHeciServer.exe
(Microsoft Corporation -> Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe
(Microsoft Corporation) [File not signed] C:WindowsSystem32lsm.exe
(Microsoft Corporation) [File not signed] C:WindowsSystem32slui.exe <2>
(Microsoft Corporation) [File not signed] C:WindowsSystem32taskeng.exe <3>
(Microsoft Corporation) [File not signed] C:WindowsSystem32VSSVC.exe
(Microsoft Corporation) [File not signed] C:WindowsSystem32wbemWmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:Program FilesWindows Media Playerwmprph.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <13>
(Mozilla Messaging Inc. -> Mozilla Messaging) E:ThunderbirdPortableAppThunderbirdthunderbird.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(Rare Ideas, LLC -> PortableApps.com) E:ThunderbirdPortableThunderbirdPortable.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe
(Sony Corporation -> Sony Corporation) C:Program Files (x86)SonyISB UtilityISBMgr.exe
(Sony Corporation -> Sony Corporation) C:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe
(Sony Corporation -> Sony Corporation) C:Program FilesSonyVAIO Improvementvim.exe <2>
(Sony Corporation of America -> ) C:Program Files (x86)SonyKeyboard ShortcutsKeyboardShortcuts.exe
(Symantec Corporation -> Symantec Corporation) C:Program FilesCommon FilesAVNorton SecurityUpgrade.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [RtHDVBg] => C:Program FilesRealtekAudioHDARAVBg64.exe [1156712 2012-03-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM…Run: [AtherosBtStack] => C:Program Files (x86)Bluetooth SuiteBtvStack.exe [1020576 2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM…Run: [AthBtTray] => C:Program Files (x86)Bluetooth SuiteAthBtTray.exe [800416 2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM…Run: [SynTPEnh] => C:Program FilesSynapticsSynTPSynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM…Run: [Logitech Download Assistant] => C:WindowsSystem32LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM-x32…Run: [IAStorIcon] => C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe [284440 2011-11-29] (Intel Corporation -> Intel Corporation)
HKLM-x32…Run: [USB3MON] => C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe [291608 2012-02-22] (Intel Corporation -> Intel Corporation)
HKLM-x32…Run: [] => [X]
HKLM-x32…Run: [ISBMgr.exe] => C:Program Files (x86)SonyISB UtilityISBMgr.exe [60552 2011-09-20] (Sony Corporation -> Sony Corporation)
HKLM-x32…Run: [PMBVolumeWatcher] => c:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation -> Sony Corporation)
HKLM-x32…Run: [Adobe ARM] => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32…Run: [HP Software Update] => C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32…Run: [Adobe Reader Speed Launcher] => “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM…Winlogon: [Userinit] C:Windowssystem32userinit.exe [30720 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM-x32…Winlogon: [Userinit] C:WindowssysWOW64userinit.exe [26624 2010-11-20] (Microsoft Corporation) [File not signed]
HKUS-1-5-18…RunOnce: [iCloud] => “C:Program Files (x86)Common FilesAppleInternet ServicesiCloud.exe”
HKLM…PrintMonitorsHP C211 Status Monitor: C:Windowssystem32hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP C511 Status Monitor: C:Windowssystem32hpinkstsC511LM.dll [333496 2012-12-15] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP Deskjet 2540 series): C:Windowssystem32HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP ENVY 4500 series): C:Windowssystem32HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C:Windowssystem32cmd.exe /D /C start C:Windowssystem32ie4uinit.exe -ClearIconCache
HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChromeApplication84.0.4147.125Installerchrmstp.exe [2020-08-10] (Google LLC -> Google LLC)
HKLMSoftwareWow6432NodeMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> “C:Program Files (x86)GoogleChromeApplication58.0.3029.81Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level
HKLMSoftware…AuthenticationCredential Providers: [ACFC407B-266C-8504-8DAE-F3E276336E4B] -> C:Windowssystem32AthCredentialProvider.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLMSoftware…AuthenticationCredential Providers: [F8A0B131-5F68-486c-8040-7E8FC3C85BB6] -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
HKLMSoftware…AuthenticationCredential Provider Filters: [ACFC407B-266C-8504-8DAE-F3E276336E4B] -> C:Windowssystem32AthCredentialProvider.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
Startup: C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMonitor Ink Alerts – HP Deskjet 2540 series.lnk [2019-01-02]
ShortcutAndArgument: Monitor Ink Alerts – HP Deskjet 2540 series.lnk -> C:Windowssystem32RunDll32.exe => “C:Program FilesHPHP Deskjet 2540 seriesbinHPStatusBL.dll”,RunDLLEntry SERIALNUMBER=CN45G3F1520604;CONNECTION=USB;MONITOR=1;
BootExecute: autocheck autochk *

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: 158A16F8-06C1-46E4-AD2E-065A1EE45CEF – System32TasksMicrosoftWindowsMedia CenterPvrScheduleTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 19F8E268-B722-46BB-8088-BB94502AE34E – System32TasksSony CorporationXperia LinkXperia Link Logon Start => C:Program Files (x86)SonyXperia LinkXperia Link.exe [1001560 2013-03-26] (Sony Corporation -> Sony Corporation)
Task: 1B287017-9F57-4458-880B-3839F9B17B08 – System32TasksVAIO Health Report => C:Program Files (x86)SonyVAIO Health ReportVAIOHealthReport.exe
Task: 1E59BF56-14ED-4708-9DD9-5ACA63075197 – System32TasksHPCustParticipation HP Deskjet 2540 series => C:Program FilesHPHP Deskjet 2540 seriesBinHPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: 201C92EE-558A-44A1-B581-280183B58CCD – System32TasksSony CorporationVAIO Control CenterLevel4Month => C:Program Files (x86)SonyVAIO Control CenterWBCBatteryCare.exe [2312328 2012-03-07] (Sony Corporation -> Sony Corporation)
Task: 208A1F91-9B68-4FA2-8095-DF7FB9349F35 – System32TasksAdobe Flash Player NPAPI Notifier => C:WindowsSysWOW64MacromedFlashFlashUtil32_32_0_0_387_Plugin.exe
Task: 250D4E83-97B9-40B6-9432-EA68FA1EDD32 – System32TasksSony CorporationVAIO ImprovementVAIOImprovementMonitorUser => C:Program FilesSonyVAIO Improvementvim.exe [356440 2013-03-29] (Sony Corporation -> Sony Corporation)
Task: 36FF4F33-7FA9-4D31-8DC6-CDE8BBF820F7 – System32TasksMicrosoftWindowsMedia CenterSqlLiteRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 3E4BF444-D9B6-4335-9C9D-0A3C95994CE1 – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: 4783729B-DC16-4612-88EB-15FCBB86054B – System32TasksSony CorporationVAIO GateVAIO Gate => C:Program FilesSonyVAIO GateVAIO Gate.exe [2357408 2011-09-23] (Sony Corporation -> Sony Corporation)
Task: 57569255-E8EC-4F5F-88F0-E9EF97534E5F – System32TasksMicrosoftWindowsMedia CenterMediaCenterRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 5A09FD78-466E-4128-9778-BF2E925A9EA0 – System32TasksSony CorporationVAIO Control CenterLevel4Daily => C:Program Files (x86)SonyVAIO Control CenterWBCBatteryCare.exe [2312328 2012-03-07] (Sony Corporation -> Sony Corporation)
Task: 5F0BA893-3829-4188-906A-E49E214ED891 – System32TasksHPCustParticipation HP ENVY 4500 series => C:Program FilesHPHP ENVY 4500 seriesBinHPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: 6076B22F-1FDD-4815-B540-8EF9470D4AF6 – System32TasksMicrosoftWindowsMedia Centermcupdate => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 6607233E-29D4-4E7B-A205-4519136AA084 – System32TasksMicrosoftWindowsMedia CenterPeriodicScanRetry => C:WindowsehomeMCUpdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 75CECDF5-FBE1-4C14-A2AA-7AC14C5012A1 – System32TasksAdobe Flash Player Updater => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
Task: 7B92E593-E104-404C-B415-F7C01D2602F9 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: 7FC83EBF-E639-4698-AE20-3FFA5EED2CA7 – System32TasksSonyKeyboard Shortcuts => C:Program Files (x86)SonyKeyboard ShortcutsKeyboardShortcuts.exe [477816 2012-03-20] (Sony Corporation of America -> )
Task: 80AB7A0E-EFDB-4027-B9D2-0C6FDE3A0CFA – System32TasksMicrosoftWindowsMedia CenterObjectStoreRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 8158DF18-5896-4E59-978B-77F87ED1A829 – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [123600 2020-07-31] (Mozilla Corporation -> Mozilla Foundation)
Task: 8771B1A5-716D-4155-BC9D-7542F305A63F – System32TasksMicrosoftWindowsWindows Activation TechnologiesValidationTaskDeadline => C:Windowssystem32schtasks.exe [285696 2010-11-20] (Microsoft Corporation) [File not signed]
Task: 89E8613E-B112-4EB9-979F-167AB45D87FC – System32TasksSony CorporationBP CheckerCheckBPStatusCreate => C:Program FilesSonyBP CheckerBPChecker.exe [47672 2016-11-29] (Sony Corporation -> Sony Corporation)
Task: 8FB9BCE7-08E8-4F3F-91A6-B1AFA3ACE934 – System32TasksSony CorporationVAIO ImprovementVAIOImprovementMonitorSystem => C:Program FilesSonyVAIO Improvementvim.exe [356440 2013-03-29] (Sony Corporation -> Sony Corporation)
Task: 933105D5-5155-4613-BAF1-9A362D2525DD – System32TasksRemediationAntimalwareMigrationTask => C:Program FilesCommon FilesAVNorton SecurityUpgrade.exe [3073304 2016-01-06] (Symantec Corporation -> Symantec Corporation)
Task: A22CFD98-53DC-4068-ABA6-94B0CA8733E4 – System32TasksSony CorporationVAIO Smart NetworkVSN Logon Start => net [Argument = start VSNService]
Task: A38A6B4C-84E2-424A-8221-DCE3782A2A36 – System32TasksHP AR Program Upload – 14b2ceb39da0420db574af67be9cc409318a5a4988d146b3a18d0413320c1e06 => C:Program FilesHPHP Deskjet 2540 seriesbinHPRewards.exe [3495432 2014-03-06] (Hewlett Packard -> TODO: <Company name>)
Task: AC4E5ACF-89F7-4220-BA21-81EE183975E2 – System32TasksMicrosoftWindowsApplication ExperienceAitAgent => C:Windowssystem32aitagent.exe [122880 2010-11-20] (Microsoft Corporation) [File not signed]
Task: BF435641-F224-4E53-83A1-438B75E5A846 – System32TasksMicrosoftWindows LiveSOXEExtractor Definitions Update Task => 3519154C-227E-47F3-9CC9-12C3F05817F1
Task: D7355677-5A43-48E5-B6F3-05828EEED38A – System32TasksSony CorporationVAIO GateStartExecuteProxy => C:Program FilesSonyVAIO GateExecutionProxy.exe [401568 2011-09-23] (Sony Corporation -> Sony Corporation)
Task: E022E13F-AEF8-4DDF-9FA0-8428E35EB8A5 – System32TasksMicrosoftWindowsMedia CenterPvrRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: E32C2DFE-BAC0-4C0E-B1FE-BE8BC0BACD09 – System32TasksSony CorporationBP CheckerCheckBPStatusLogon => C:Program FilesSonyBP CheckerBPChecker.exe [47672 2016-11-29] (Sony Corporation -> Sony Corporation)
Task: EACA24FF-236C-401D-A1E7-B3D5267B8A50 – System32TasksMicrosoftWindowsRACRacTask => 42060D27-CA53-41f5-96E4-B1E8169308A6 C:Windowssystem32RacEngn.dll [1556992 2010-11-20] (Microsoft Corporation) [File not signed]
Task: F62FFFE9-7F45-42F4-8B08-8EBB7535FB81 – System32TasksVHDInformationCheck => C:Program Files (x86)SonyVAIO RecoverypluginsInformationCheck.exe [1865352 2012-02-24] (Sony Corporation -> Sony Corporation)
Task: FB74B898-E8D5-4668-83BC-E7FC52270CBE – System32TasksSony CorporationVAIO Gesture ControlVCGULogonTask => C:Program Files (x86)SonyVAIO Camera Gesture UtilityVCGU.exe [718472 2011-12-27] (Sony Corporation -> Sony Corporation)
Task: FC92DBA0-C63E-41D0-BB8A-DF5C33B8A944 – System32TasksSony CorporationVAIO ImprovementVAIOImprovementUploader => C:Program FilesSonyVAIO Improvementviuploader.exe [428680 2011-12-27] (Sony Corporation -> Sony Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
TcpipParameters: [DhcpNameServer] 192.168.254.254
Tcpip..Interfaces16DAD0B2-ED1B-4FE9-8EB0-0496724D0E60: [DhcpNameServer] 192.168.254.254
Tcpip..InterfacesE06FE4BD-F016-4612-B84D-AC20ACEC44E5: [DhcpNameServer] 192.168.254.254

Internet Explorer:
==================
HKUS-1-5-21-3268705388-2528524113-2537434403-1003SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKUS-1-5-21-3268705388-2528524113-2537434403-1003 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKUS-1-5-21-3268705388-2528524113-2537434403-1003 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
BHO: Windows Live ID Sign-in Helper -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program Files (x86)Javajre1.8.0_251binssv.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> 8D10F6C4-0E01-4BD4-8601-11AC1FDF8126 -> C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program Files (x86)Javajre1.8.0_251binjp2ssv.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 25xgp332.default-1595765038196
FF ProfilePath: C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196 [2020-08-15]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamin[email protected]video_downloader_pro.xpi [2020-07-26] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFi[email protected]ant.com.xpi [2020-07-26] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196Extensions73a6fe31-595d-460b-a920-fcc0f8843232.xpi [2020-08-11] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196Extensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2020-07-26] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196Extensionsd10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d.xpi [2020-08-07] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll [2014-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2012-03-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2012-03-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:Program Files (x86)Javajre1.8.0_251bindtpluginnpDeployJava1.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:Program Files (x86)Javajre1.8.0_251binplugin2npjp2.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.30514.0npctrl.dll [2014-05-13] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:Program Files (x86)SonyPLAYSTATION Network Downloadernppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:Program Files (x86)SonyReaderDesktopnpreaderdetectmoz.dll [2011-10-07] (Sony Corporation) [File not signed]
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:Program Files (x86)SonyMedia Gonpmediago.dll [2011-08-02] (Sony Network Entertainment International LLC) [File not signed]
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 11.0ReaderAIRnppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:UsersbigdogAppDataLocalGoogleChromeUser DataDefault [2020-07-26]
CHR Extension: (Chrome Web Store Payments) – C:UsersbigdogAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2020-06-09]
CHR Extension: (Chrome Media Router) – C:UsersbigdogAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
R2 AtherosSvc; C:Program Files (x86)Bluetooth Suiteadminservice.exe [106144 2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R3 BITS; C:WindowsSystem32qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:WindowsSystem32certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 DCDhcpService; C:Program FilesSonyVAIO Smart NetworkWFDADCDhcpService.exe [112256 2012-03-21] (Qualcomm Atheros -> Atheros Communication Inc.) [File not signed]
S3 dot3svc; C:WindowsSystem32dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:Windowssystem32dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
R2 eventlog; C:WindowsSystem32wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:Windowssystem32kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:WindowsSysWOW64provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)HpCommonHPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S4 IconMan_R; C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2429544 2012-02-08] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 Intel® Capability Licensing Service Interface; c:Program FilesInteliCLS ClientHeciServer.exe [628448 2012-02-03] (Intel® Upgrade Service -> Intel® Corporation)
S4 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [6970968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S3 napagent; C:Windowssystem32qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
S4 Oasis2Service; C:Program Files (x86)DDNiOasis2ServiceOasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
S4 PMBDeviceInfoProvider; c:Program Files (x86)SonyPlayMemories HomePMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation -> Sony Corporation)
S3 RasMan; C:WindowsSystem32rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:WindowsSystem32certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:Windowssystem32sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:WindowsSysWOW64sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 Sony SCSI Helper Service; C:Program Files (x86)Common FilesSony SharedFskSonySCSIHelperService.exe [73728 2011-09-23] (Sony Corporation) [File not signed]
S2 sppsvc; C:Windowssystem32sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:WindowsSystem32tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:WindowsSysWOW64tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:WindowsservicingTrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S4 uCamMonitor; C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 vds; C:WindowsSystem32vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
R3 VSS; C:Windowssystem32vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:WindowsSysWOW64wdi.dll [76288 2009-07-13] () [File not signed]
S3 WdiSystemHost; C:WindowsSysWOW64wdi.dll [76288 2009-07-13] () [File not signed]
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe [158880 2012-02-23] (Atheros Communications Inc. -> Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:WindowsSystem32DRIVERSArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc. -> ArcSoft, Inc.)
R3 athr; C:WindowsSystem32DRIVERSathrx.sys [2807808 2012-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 BTATH_VDP; C:WindowsSystem32driversbtath_vdp.sys [421664 2012-02-23] (Atheros Communications Inc. -> Atheros)
S4 cdfs; C:WindowsSystem32DRIVERScdfs.sys [92672 2019-02-10] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:WindowsSystem32DRIVERSipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [216056 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
R3 Ndisuio; C:WindowsSystem32DRIVERSndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:WindowsSystem32DRIVERSndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:WindowsSystem32DRIVERSraspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:WindowsSystem32DRIVERSrasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 scfilter; C:WindowsSystem32DRIVERSscfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
R3 SFEP; C:WindowsSystem32DRIVERSSFEP.sys [14336 2012-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 Sftfs; C:WindowsSystem32DRIVERSSftfswin7.sys [768680 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftplay; C:WindowsSystem32DRIVERSSftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftredir; C:WindowsSystem32DRIVERSSftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftvol; C:WindowsSystem32DRIVERSSftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 tunnel; C:WindowsSystem32DRIVERStunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
R4 udfs; C:WindowsSystem32DRIVERSudfs.sys [328192 2019-02-10] (Microsoft Corporation) [File not signed]
S3 USBAAPL64; C:WindowsSystem32Driversusbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S3 semav6msr64; ??C:Windowssystem32driverssemav6msr64.sys [X]
S3 semav6thermal64ro; ??C:Windowssystem32driverssemav6thermal64ro.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-15 05:15 – 2020-08-15 05:17 – 000033993 _____ C:UsersbigdogDownloadsFRST.txt
2020-08-15 05:14 – 2020-08-15 05:17 – 000000000 ____D C:FRST
2020-08-15 05:13 – 2020-08-15 05:13 – 002296320 _____ (Farbar) C:UsersbigdogDownloadsFRST64.exe
2020-08-14 03:13 – 2020-08-14 03:13 – 000000000 ___RD C:UsersbigdogAppDataRoamingMicrosoftWindowsStart MenuProgramsBT Devices
2020-08-14 03:00 – 2020-08-14 03:00 – 000001643 _____ C:UsersbigdogDesktopfusioncore.txt
2020-08-14 02:34 – 2020-08-14 02:34 – 000248968 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2020-08-14 02:34 – 2020-08-14 02:34 – 000001960 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2020-07-31 02:50 – 2020-07-31 02:50 – 000000000 ____D C:Windowssystem32TasksMozilla
2020-07-31 00:06 – 2020-08-07 02:42 – 000000000 ____D C:Program FilesMozilla Firefox
2020-07-28 00:01 – 2020-07-28 00:01 – 000278864 _____ C:WindowsMinidump72820-104239-01.dmp
2020-07-26 08:32 – 2020-07-26 08:32 – 000000936 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-07-26 08:32 – 2020-07-26 08:32 – 000000924 _____ C:UsersPublicDesktopFirefox.lnk
2020-07-26 08:32 – 2020-07-26 08:32 – 000000924 _____ C:ProgramDataDesktopFirefox.lnk
2020-07-26 05:38 – 2020-07-26 05:38 – 002665176 _____ (Trend Micro Inc.) C:UsersbigdogDownloadsHousecallLauncher64(1).exe
2020-07-26 05:34 – 2020-07-26 05:37 – 000000000 ____D C:Usersbigdogdwhelper
2020-07-26 05:33 – 2020-07-26 05:34 – 000000000 ____D C:Program Filesnet.downloadhelper.coapp
2020-07-26 05:27 – 2020-07-26 05:28 – 043467824 _____ (DownloadHelper ) C:UsersbigdogDownloadsVdhCoAppSetup-1.5.0.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-15 05:13 – 2009-07-14 00:45 – 000032384 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-08-15 05:13 – 2009-07-14 00:45 – 000032384 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-08-14 20:29 – 2019-12-13 06:40 – 000000000 ___HD C:UsersbigdogDownloads386
2020-08-14 03:15 – 2019-01-02 06:26 – 000000000 ____D C:UsersbigdogAppDataLocalLowMozilla
2020-08-14 03:12 – 2009-07-14 01:08 – 000000006 ____H C:WindowsTasksSA.DAT
2020-08-14 03:10 – 2019-07-20 03:53 – 000000024 _____ C:Usersbigdograndom.dat
2020-08-14 02:34 – 2020-03-26 03:23 – 000216056 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2020-08-14 02:34 – 2019-07-22 00:11 – 000001948 _____ C:UsersPublicDesktopMalwarebytes.lnk
2020-08-14 02:34 – 2019-07-22 00:11 – 000001948 _____ C:ProgramDataDesktopMalwarebytes.lnk
2020-08-14 02:32 – 2019-07-22 00:11 – 000153312 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2020-08-12 23:38 – 2019-07-20 03:52 – 000000024 _____ C:Usersbigdogjagexappletviewer.preferences
2020-08-12 23:36 – 2019-07-20 03:53 – 000000045 _____ C:Usersbigdogjagex_cl_oldschool_LIVE.dat
2020-08-11 19:16 – 2020-07-15 03:33 – 006247480 _____ (Adobe) C:WindowsSysWOW64FlashPlayerInstaller.exe
2020-08-11 19:16 – 2014-08-01 15:12 – 000842296 _____ (Adobe) C:WindowsSysWOW64FlashPlayerApp.exe
2020-08-11 19:16 – 2014-08-01 15:12 – 000175160 _____ (Adobe) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2020-08-11 19:16 – 2014-08-01 15:11 – 000000000 ____D C:WindowsSysWOW64Macromed
2020-08-11 19:16 – 2014-08-01 15:11 – 000000000 ____D C:Windowssystem32Macromed
2020-08-10 19:47 – 2014-08-04 10:10 – 000002224 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-08-07 02:42 – 2018-06-12 18:05 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-07-28 00:01 – 2020-04-02 09:42 – 384151793 _____ C:WindowsMEMORY.DMP
2020-07-28 00:01 – 2020-04-02 09:42 – 000000000 ____D C:WindowsMinidump
2020-07-26 08:04 – 2020-06-09 06:48 – 000000000 ____D C:UsersbigdogDesktopOld Firefox Data
2020-07-26 07:36 – 2019-01-02 06:17 – 000000000 ____D C:UsersbigdogAppDataLocalCrashDumps
2020-07-26 05:34 – 2019-01-02 05:12 – 000000000 ____D C:Usersbigdog
2020-07-17 07:28 – 2019-01-02 05:13 – 000000000 ____D C:UsersbigdogDocumentsBluetooth Folder

==================== Files in the root of some directories ========

2019-07-27 12:59 – 2019-07-27 12:59 – 000375844 _____ () C:UsersbigdogAppDataLocalars.cache
2019-07-27 13:00 – 2019-07-27 13:00 – 000694174 _____ () C:UsersbigdogAppDataLocalcensus.cache
2019-07-27 05:19 – 2019-07-27 05:19 – 000000036 _____ () C:UsersbigdogAppDataLocalhousecall.guid.cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:Windowssystem32userinit.exe => MD5 is legit
C:WindowsSysWOW64userinit.exe => MD5 is legit

LastRegBack: 2020-08-15 00:43
==================== End of FRST.txt ========================

and it did another one:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by bigdog (15-08-2020 05:19:38)
Running from C:UsersbigdogDownloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-08-01 17:57:23)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3268705388-2528524113-2537434403-500 – Administrator – Disabled)
bigdog (S-1-5-21-3268705388-2528524113-2537434403-1003 – Administrator – Enabled) => C:Usersbigdog
Guest (S-1-5-21-3268705388-2528524113-2537434403-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-3268705388-2528524113-2537434403-1002 – Limited – Enabled)
Owner (S-1-5-21-3268705388-2528524113-2537434403-1000 – Administrator – Enabled) => C:UsersOwner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D Home Architect 4 (HKLM-x32…3D Home Architect 4) (Version:  – )
7-Zip 9.20 (x64 edition) (HKLM…23170F69-40C1-2702-0920-000001000000) (Version: 9.20.00.0 – Igor Pavlov)
ACID Music Studio 8.0 (HKLM-x32…7A6374F0-6D04-11E0-92E0-005056C00008) (Version: 8.0.178 – Sony) Hidden
Adobe Flash Player 32 ActiveX (HKLM-x32…Adobe Flash Player ActiveX) (Version: 32.0.0.414 – Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.414 – Adobe)
Adobe Reader XI (11.0.20) (HKLM-x32…AC76BA86-7AD7-1033-7B44-AB0000000001) (Version: 11.0.20 – Adobe Systems Incorporated)
Ant Video downloader (Native messaging host) (HKLM-x32…C24130F9-5A40-481C-AF62-4ED491729565) (Version: 4.5 – Ant.com)
AnyBurn (HKLM-x32…AnyBurn) (Version: 4.6 – Power Software Ltd)
Application Manager for VAIO (HKLM-x32…Application Manager for VAIO) (Version:  – )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32…61438020-DDD4-42FA-99A2-50225441980A) (Version: 2.0.1.161 – ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32…C793AD32-2BB8-4CC4-ABD3-A1469C21593C) (Version: 4.0.21.457 – ArcSoft)
Atheros Bluetooth Suite (64) (HKLM…230D1595-57DA-4933-8C4E-375797EBB7E1) (Version: 7.4.0.125 – Atheros)
BPCx64 (HKLM…C25C68CF-E4A1-4B6F-9F28-5559264F23FD) (Version: 1.0.0 – Sony Corporation) Hidden
BPCx86 (HKLM-x32…F5802A74-7CAF-42E7-AC98-BB8D99B90C7D) (Version: 1.0.0 – Sony Corporation) Hidden
CyberLink PowerDVD (HKLM-x32…InstallShield_A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8) (Version: 9.0.5009.52 – CyberLink Corp.)
D3DX10 (HKLM-x32…E09C4DB7-630C-4F06-A631-8EA7239923AF) (Version: 15.4.2368.0902 – Microsoft) Hidden
DJ2540FWUpdateAlert (HKLM-x32…9D341092-CB1C-4F6F-B492-FD79193A0F82) (Version: 1.00.0000 – HP) Hidden
DVD Architect Studio 5.0 (HKLM-x32…79E06DF1-24FE-11E1-913F-F04DA23A5C58) (Version: 5.0.157 – Sony) Hidden
Epic Games Launcher (HKLM-x32…1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6) (Version: 1.1.267.0 – Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Evernote v. 4.5.2 (HKLM-x32…8CE152BA-1D16-11E1-867D-984BE15F174E) (Version: 4.5.2.5904 – Evernote Corp.)
FDUx86 (HKLM-x32…3490653F-2789-46A1-B1BF-6BD4CF4131AB) (Version: 1.0.0 – Sony Corporation) Hidden
Google Chrome (HKLM-x32…Google Chrome) (Version: 84.0.4147.125 – Google LLC)
Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden
Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.25.11 – Google Inc.) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM…6A79CD11-0C1C-4E24-A8C6-46A02F680346) (Version: 32.2.188.47710 – Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32…4539575D-C09D-4E71-B207-0F2D6BD74DA2) (Version: 30.0.0 – Hewlett Packard)
HP ENVY 4500 series Basic Device Software (HKLM…6915424E-704F-4F5D-9057-9C7B406B36DB) (Version: 32.3.198.49673 – Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32…95BECC50-22B4-4FCA-8A2E-BF77713E6D3A) (Version: 30.0.0 – Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32…415FA9AD-DA10-4ABE-97B6-5051D4795C90) (Version: 1.2.0.0 – Hewlett-Packard)
HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.7702 – HP)
HP Support Solutions Framework (HKLM-x32…FC3C2B77-6800-48C6-A15D-9D1031130C16) (Version: 11.51.0049 – Hewlett-Packard Company)
HP Update (HKLM-x32…912D30CF-F39E-4B31-AD9A-123C6B794EE2) (Version: 5.005.002.002 – Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32…B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D) (Version: 1.00.0001 – Microsoft) Hidden
ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)
Intel® Control Center (HKLM-x32…F8A9085D-4C7A-41a9-8A77-C8998A96C421) (Version: 1.2.1.1007 – Intel Corporation)
Intel® Management Engine Components (HKLM-x32…65153EA5-8B6E-43B6-857B-C6E4FC25798A) (Version: 8.0.2.1410 – Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32…FCB3772C-B7D0-4933-B1A9-3707EBACC573) (Version:  – Intel Corporation)
Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 8.15.10.2618 – Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32…3E29EE6C-963A-4aae-86C1-DC237C4A49FC) (Version: 11.0.0.1032 – Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32…240C3DDD-C5E9-4029-9DF7-95650D040CF2) (Version: 1.0.3.214 – Intel Corporation)
Intel® Trusted Connect Service Client (HKLM…9536BA1-E498-4CC3-B834-D884A67D7E34) (Version: 1.23.605.1 – Intel Corporation)
Java 8 Update 251 (HKLM-x32…26A24AE4-039D-4CA4-87B4-2F32180251F0) (Version: 8.0.2510.8 – Oracle Corporation)
Junk Mail filter update (HKLM-x32…1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden
Keyboard_Shortcuts (HKLM-x32…FE8974B4-479C-4DBA-8544-9E5342ABB26A) (Version: 1.1.0.12190 – Sony Corporation) Hidden
KUx86 (HKLM-x32…6FD21053-829D-40E7-B04C-CAFB7D5CD025) (Version: 1.0.0 – Sony Corporation ) Hidden
Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
LibreOffice 5.1.1.3 (HKLM-x32…2F9F0129-3D3D-4F77-8580-C910DD649645) (Version: 5.1.1.3 – The Document Foundation)
Malwarebytes version 4.1.2.73 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.1.2.73 – Malwarebytes)
Media Go (HKLM-x32…167A1F6A-9BF2-4B24-83DB-C6D659F680EA) (Version: 2.0.317 – Sony) Hidden
Mesh Runtime (HKLM-x32…8C6D6116-B724-4810-8F2D-D047E6B7D68E) (Version: 15.4.5722.2 – Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.5.50938 – Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32…95140000-0070-0000-0000-0000000FF1CE) (Version: 14.0.4763.1000 – Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32…Office14.Click2Run) (Version: 14.0.6122.5000 – Microsoft Corporation)
Microsoft Office Starter 2010 – English (HKLM-x32…90140011-0066-0409-0000-0000000FF1CE) (Version: 14.0.6123.5008 – Microsoft Corporation)
Microsoft Silverlight (HKLM…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.30514.0 – Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8) (Version: 3.1.0000 – Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32…3A9FC03D-C685-4831-94CF-4EDFD3749497) (Version: 3.5.8080.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4) (Version: 9.0.21022 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.30319 (HKLM…DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E) (Version: 10.0.30319 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.30319 (HKLM-x32…196BB40D-1578-3D01-B289-BEFC77A11A1E) (Version: 10.0.30319 – Microsoft Corporation)
Mozilla Firefox 79.0 (x64 en-US) (HKLM…Mozilla Firefox 79.0 (x64 en-US)) (Version: 79.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 78.0.2 – Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32…196467F1-C11F-4F76-858B-5812ADC83B94) (Version: 4.30.2100.0 – Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32…1D95BA90-F4F8-47EC-A882-441C99D30C1E) (Version: 4.30.2117.0 – Microsoft Corporation)
Oasis2Service (HKLM-x32…E50FC5DB-7CBD-407D-A46E-0C13E45BC386) (Version: 1.0.4 – DDNi)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32…FEDDCE73-34B8-4980-90B8-8619A78C902C) (Version: 1.2.7 – Jagex Ltd)
OpenOffice 4.1.0 (HKLM-x32…C87EF11D-36E9-479D-9898-7541EA1E8A6A) (Version: 4.10.9764 – Apache Software Foundation)
ParetoLogic FileCure (HKLM-x32…C1C441C4-57FA-4950-BDBA-BABFBAA2AA39) (Version: 2.0.1.0 – ParetoLogic, Inc.)
PlayMemories Home (HKLM-x32…E03CD71A-F595-49DF-9ADC-0CFC93B1B211) (Version: 6.1.01.14210 – Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM…BCA9334F-B6C9-4F65-9A73-AC5A329A4D04) (Version: 1.3.0 – Microsoft Corporation)
PlayStation®Network Downloader (HKLM-x32…B6659DD8-00A7-4A24-BBFB-C1F6982E5D66) (Version: 2.07.00849 – Sony Computer Entertainment Inc.) Hidden
PlayStation®Store (HKLM-x32…E532C84-4275-41B3-9D81-D4A1A20D8EE7) (Version: 4.5.15.13232 – Sony Computer Entertainment Inc.) Hidden
Product Improvement Study for HP Deskjet 2540 series (HKLM…DF34643B-A745-430C-B27B-A48F853C81E4) (Version: 32.2.188.47710 – Hewlett-Packard Co.)
Product Improvement Study for HP ENVY 4500 series (HKLM…58139103-BACF-4BDC-B71C-955F9164ADA6) (Version: 32.3.198.49673 – Hewlett-Packard Co.)
Qualcomm Atheros Direct Connect (HKLM-x32…21DD6041-7251-40FA-9D06-C5EB30268E0F) (Version: 3.1 – Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32…E727B31A-8B24-4C1C-934A-69634E0D2C0B) (Version: 3.0 – Qualcomm Atheros)
Reader for PC (HKLM-x32…CF5B430D-C563-4EE6-803D-A8A133DFCE5E) (Version: 1.1.02.10070 – Sony Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6564 – Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32…C1594429-8296-4652-BF54-9DBE4932A44C) (Version: 6.1.7601.91 – Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32…6466EF6E-700E-470F-94CB-D0050302C84E) (Version: 1.2.0.09270 – Sony Corporation) Hidden
Remote Play with PlayStation®3 (HKLM-x32…D56DA747-5FDB-4AD5-9A6A-3481C0ED44BD) (Version: 1.1.0.21090 – Sony Corporation) Hidden
Sound Forge Audio Studio 10.0 (HKLM-x32…A013EA1-A1D3-11E0-8DCF-005056C00008) (Version: 10.0.176 – Sony) Hidden
SSLx64 (HKLM…312395BC-7CC2-434C-A660-30250276A926) (Version: 1.0.0 – Sony Corporation ) Hidden
SSLx86 (HKLM-x32…63C43435-F428-42BA-8E7B-5848749D9262) (Version: 1.0.0 – Sony Corporation ) Hidden
Star Wars Galactic Battlegrounds: Saga (HKLM-x32…10133CDD-50B9-4783-B336-8B48F3653715) (Version:  – )
Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 16.0.1.0 – Synaptics Incorporated)
TeamViewer 9 (HKLM-x32…TeamViewer 9) (Version: 9.0.32494 – TeamViewer)
TrackID™ with BRAVIA (HKLM-x32…858B32BD-121C-4AC8-BD87-CE37C51C03E2) (Version: 1.2.0.09270 – Sony Corportaion) Hidden
TriDef 3D (Sony) 2.0.5 (HKLM-x32…experience-sony-bundle) (Version: 2.0.5 – Dynamic Digital Depth Australia Pty Ltd)
V3DPx86 (HKLM-x32…D4E7BB46-310E-4A21-B261-052A5997EA2F) (Version: 1.0.0 – Sony Corporation ) Hidden
VAIO – Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM…34EB42BE-F4D3-44C1-B28E-9740115DB72C) (Version: 1.0.00.01300 – Sony Corporation)
VAIO – Remote Keyboard (HKLM-x32…7396FB15-9AB4-4B78-BDD8-24A9C15D2C65) (Version: 1.2.0.09270 – Sony Corporation) Hidden
VAIO – Remote Keyboard with PlayStation®3 (HKLM-x32…E682702C-609C-4017-99E7-3129C163955F) (Version: 1.2.0.09210 – Sony Corporation) Hidden
VAIO – Remote Play with PlayStation®3 (HKLM-x32…7441A52-E208-478A-92B7-5C337CA8C131) (Version: 1.1.0.21090 – Sony Corporation) Hidden
VAIO – TrackID™ with BRAVIA (HKLM-x32…2F41EF61-A066-4EBF-84F8-21C1B317A780) (Version: 1.2.0.09270 – Sony Corporation) Hidden
VAIO – Xperia Link (HKLM-x32…D91558BF-D1F3-411F-AEFE-8774CB406512) (Version: 1.1.1.03270 – Sony Corporation)
VAIO 3D Portal (HKLM-x32…C14EAE86-C526-4E00-B245-CFF86233C3D2) (Version: 1.2.0.10131 – Sony Corporation) Hidden
VAIO Care Recovery (HKLM…6ED1750E-F44F-4635-8F0D-B76B9262B7FB) (Version: 1.1.1.13230 – Sony Corporation)
VAIO Control Center (HKLM-x32…8E797841-A110-41FD-B17A-3ABC0641187A) (Version: 5.2.1.15070 – Sony Corporation) Hidden
VAIO CPU Fan Diagnostic (HKLM-x32…BCE6E3D7-B565-4E1B-AC77-F780666A35FB) (Version: 1.1.0.09200 – Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32…5156C9BF-1C27-430B-96D8-7129F11699A8) (Version: 1.9.0.13190 – Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32…57B955CE-B5D3-495D-AF1B-FAEE0540BFEF) (Version: 1.9.0.13190 – Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32…7C80D30A-AC02-4E3F-B95D-29F0E4FF937B) (Version: 1.1.2.01120 – Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32…InstallShield_7C80D30A-AC02-4E3F-B95D-29F0E4FF937B) (Version: 1.1.2.01120 – Sony Corporation) Hidden
VAIO Gate (HKLM-x32…A7C30414-2382-4086-B0D6-01A88ABA21C3) (Version: 2.4.1.09230 – Sony Corporation) Hidden
VAIO Gate (HKLM-x32…AE5F3379-8B81-457E-8E09-7E61D941AFA4) (Version: 2.4.1.09230 – Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32…B7546697-2A80-4256-A24B-1C33163F535B) (Version: 2.5.2.02090 – Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32…692955F2-DE9F-4078-8FAA-858D6F3A1776) (Version: 1.0.0.12300 – Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32…C8544A9A-76BE-4F82-811E-979799AE493B) (Version: 1.0.0.12300 – Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32…C9EFF66F-B0CF-4B1A-9371-2FC647658CDF) (Version: 17.00.0109 – Sony Corporation) Hidden
VAIO Improvement (HKLM-x32…3A26D9BD-0F73-432D-B522-2BA18138F7EF) (Version: 1.3.0.12280 – Sony Corporation) Hidden
VAIO Manual (HKLM-x32…C6E893E7-E5EA-4CD5-917C-5443E753FCBD) (Version: 2.3.0.12300 – Sony Corporation) Hidden
VAIO Messenger (HKLM-x32…VAIO Messenger) (Version: 2.0.550.0 – DDNi)
VAIO OOBE (HKLM-x32…D9777637-33B7-47A9-800C-F6A2CD4EB0FE) (Version: 12.2.1.2483 – Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32…547C9EB4-4CA6-402F-9D1B-8BD30DC71E44) (Version: 1.4.0.09010 – Sony Corporation) Hidden
VAIO Satisfaction Survey. (HKLM-x32…VAIO Satisfaction Survey.3.0) (Version: 3.0 – Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32…899D75A-C2FC-42EA-A702-5B9A5F24EAD5) (Version: 3.14.1.07010 – Sony Corporation) Hidden
VAIO Transfer Support (HKLM-x32…5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF) (Version: 1.7.1.06040 – Sony Corporation) Hidden
VCCx64 (HKLM…549AD5FB-F52D-4307-864A-C0008FB35D96) (Version: 1.0.0 – Sony Corporation) Hidden
VCCx86 (HKLM-x32…DF184496-1CA2-4D07-92E7-0BD251D7DEF0) (Version: 1.0.0 – Sony Corporation) Hidden
VdhCoApp 1.5.0 (HKLM…weh-iss-net.downloadhelper.coapp_is1) (Version:  – DownloadHelper)
Vegas Movie Studio HD Platinum 11.0 (HKLM-x32…CE3DE3AE-F384-11E0-B00E-F04DA23A5C58) (Version: 11.0.256 – Sony) Hidden
VHD (HKLM-x32…DB1A3EA7-0C25-4BEC-A108-176195190369) (Version: 1.0.0 – Microsoft) Hidden
VIx64 (HKLM…D55EAC07-7207-44BD-B524-0F063F327743) (Version: 1.0.0 – Sony Corporation) Hidden
VIx86 (HKLM-x32…D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6) (Version: 1.0.0 – Sony Corporation) Hidden
VLC media player (HKLM…VLC media player) (Version: 3.0.8 – VideoLAN)
VMLx86 (HKLM-x32…7E5A5CA6-B7D0-406E-A75E-157CAB47EB94) (Version: 1.0.0 – Sony Corporation) Hidden
VPMx64 (HKLM…DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84) (Version: 1.0.0 – Sony Corporation ) Hidden
VSNx64 (HKLM…F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6) (Version: 1.0.0 – Sony Corporation) Hidden
VSNx86 (HKLM-x32…A49A517F-5332-4665-922C-6D9AD31ADD4F) (Version: 1.0.0 – Sony Corporation) Hidden
VSSTx64 (HKLM…4F31AC31-0A28-4F5A-8416-513972DA1F79) (Version: 1.0.0 – Sony Corporation ) Hidden
VSSTx86 (HKLM-x32…B24BB74E-8359-43AA-985A-8E80C9219C70) (Version: 1.0.0 – Sony Corporation) Hidden
VU5x86 (HKLM-x32…D2D23D08-D10E-43D6-883C-78E0B2AC9CC6) (Version: 1.0.0 – Sony Corporation ) Hidden
VWSTx86 (HKLM-x32…B8991D99-88FD-41F2-8C32-DB70278D5C30) (Version: 1.0.0 – Sony Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32…CCF298AF-9CE1-4B26-B251-486E98A34789) (Version: 1.0.30 – Microsoft Corporation)
Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 15.4.3538.0513 – Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32…2902F983-B4C1-44BA-B85D-5C6D52E2C441) (Version: 15.4.5722.2 – Microsoft Corporation)
XperiaLinkx86 (HKLM-x32…721F23DC-DD5D-4406-8C3A-0D9736C99C51) (Version: 1.0.0 – Sony Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Atheros] -> B8952421-0E55-400B-94A6-FA858FC0A39F => C:Program Files (x86)Bluetooth SuiteBtvAppExt.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers2: [AddtoVAIOGate] -> 6988D6F2-F24F-4732-8855-A39DB1AA1346 => C:Program FilesSonyVAIO GateVAIOGateShellExt.dll [2011-09-23] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers3: [AddtoVAIOGate] -> 6988D6F2-F24F-4732-8855-A39DB1AA1346 => C:Program FilesSonyVAIO GateVAIOGateShellExt.dll [2011-09-23] (Sony Corporation -> Sony Corporation)
ContextMenuHandlers3: [FTShellContext] -> AFF81F7B-6942-40c4-AADA-7214EF7B6DD1 => C:Program Files (x86)Bluetooth SuiteShellContextExt.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 => C:Windowssystem32igfxpph.dll [2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AddtoVAIOGate] -> 6988D6F2-F24F-4732-8855-A39DB1AA1346 => C:Program FilesSonyVAIO GateVAIOGateShellExt.dll [2011-09-23] (Sony Corporation -> Sony Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.iv50] => C:WindowsSysWOW64ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name=”BVTConsumer””,Filter=”__EventFilter.Name=”BVTFilter”::
WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99]
WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]

==================== Loaded Modules (Whitelisted) =============

2014-08-01 14:13 – 2011-11-29 23:00 – 000059392 _____ () [File not signed] [File is in use] C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIsdiInterop.dll
2020-08-14 03:14 – 2020-08-14 03:14 – 000008704 _____ () [File not signed] C:UsersbigdogAppDataLocalTempnsvCB5B.tmpnewadvsplash.dll
2020-08-14 03:14 – 2020-08-14 03:14 – 000029696 _____ () [File not signed] C:UsersbigdogAppDataLocalTempnsvCB5B.tmpregistry.dll
2019-05-20 09:09 – 2019-05-20 09:09 – 000172032 _____ () [File not signed] C:WindowsassemblyNativeImages_v2.0.50727_32IsdiInterop72942022d04b079ab54528d7acd76660IsdiInterop.ni.dll
2012-02-23 19:52 – 2012-02-23 19:52 – 000053920 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteAthCopyHook.dll
2012-02-23 19:53 – 2012-02-23 19:53 – 000020128 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth Suiteathr_debug.dll
2012-02-23 19:53 – 2012-02-23 19:53 – 000040608 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteBPP.DLL
2012-02-23 19:54 – 2012-02-23 19:54 – 000045216 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteBTBIP.DLL
2012-02-23 19:55 – 2012-02-23 19:55 – 000161952 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteBtvAppExt.dll
2012-02-23 20:01 – 2012-02-23 20:01 – 000515232 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth Suitefiletransfer.dll
2012-02-23 20:02 – 2012-02-23 20:02 – 000085152 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteGattI.dll
2012-02-23 20:02 – 2012-02-23 20:02 – 000099488 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth Suitegatts.DLL
2012-02-23 20:02 – 2012-02-23 20:02 – 000106144 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteGOEP.DLL
2012-02-23 20:03 – 2012-02-23 20:03 – 000082592 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteHandsfree.dll
2012-02-23 20:04 – 2012-02-23 20:04 – 000093856 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteL2capLib.dll
2012-02-23 20:06 – 2012-02-23 20:06 – 000310944 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteObjPush.dll
2012-02-23 20:06 – 2012-02-23 20:06 – 004977824 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteOutLookLib.dll
2012-02-23 20:06 – 2012-02-23 20:06 – 000073888 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuitePhoneBook.DLL
2012-02-23 20:07 – 2012-02-23 20:07 – 000065184 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteRfcommLib.dll
2012-02-23 20:07 – 2012-02-23 20:07 – 000109216 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth Suitesesmgr.dll
2012-02-23 20:08 – 2012-02-23 20:08 – 000284832 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteShellContextExt.dll
2012-02-23 20:08 – 2012-02-23 20:08 – 000041632 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth Suitesim.DLL
2012-02-23 20:08 – 2012-02-23 20:08 – 000129696 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth Suiteskypeagent.dll
2012-02-23 20:08 – 2012-02-23 20:08 – 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteSync.dll
2012-02-23 20:09 - 2012-02-23 20:09 - 000030368 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.DLL
2014-08-01 14:14 - 2012-02-10 04:25 - 000114688 _____ (Atheros Communications, Inc.) [File not signed] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2014-08-01 14:14 - 2012-02-10 04:25 - 000269824 _____ (Atheros Communications, Inc.) [File not signed] c:\program files (x86)\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-05-20 09:09 - 2019-05-20 09:09 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\2c124842f2740267d4146b4211b412a0\IAStorCommon.ni.dll
2014-08-01 14:13 - 2011-11-29 23:00 - 000175616 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
2014-08-01 14:13 - 2011-11-29 23:00 - 001319424 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
2014-08-01 14:13 - 2011-11-29 22:41 - 000278016 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
2014-08-01 14:14 - 2012-02-22 13:10 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2020-01-19 13:14 - 2020-01-19 13:14 - 000225280 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\c64c05bf09fe8c421829cca89b51f547\IAStorDataMgr.ni.dll
2020-01-19 13:14 - 2020-01-19 13:14 - 000487424 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\432a39402d23f6e21a6887900c7b573e\IAStorUtil.ni.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000232448 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\system32\sppcomapi.dll
2014-08-01 14:45 - 2014-08-01 14:45 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000342016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\apphelp.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000749568 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\BatMeter.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bitsperf.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000094720 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Cabinet.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000071680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\certpoleng.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000314368 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CLUSAPI.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000594432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\COMDLG32.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 002067456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d9.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001087488 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dbghelp.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000508928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DeviceCenter.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000162816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dps.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001632256 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmcore.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000128512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmredir.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000459776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxp.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000303616 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\eapphost.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000295936 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\framedynos.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000332288 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hgcpl.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\httpapi.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IPHLPAPI.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000186880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\logoncli.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000221184 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MPRAPI.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSASN1.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000035840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msdmo.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000799744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MsftEdit.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001326080 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NaturalLanguage6.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000090112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NCI.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000519680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netcfgx.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000188928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netjoin.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 002652160 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netshell.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netutils.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001672704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NetworkExplorer.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000015360 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nrpsrv.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000129536 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ntlanman.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000720896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ODBC32.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000235520 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\OneX.DLL
2010-11-20 23:23 - 2010-11-20 23:23 - 001808384 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\pnidui.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000048128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\PrintIsolationProxy.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000416256 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\prnfldr.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 001212416 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\PROPSYS.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QAgent.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000849920 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\qmgr.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000107520 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QUtil.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000313856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ReAgent.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000633344 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RICHED20.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RpcRtRemote.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000052224 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\rtutils.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000067584 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\samcli.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000232960 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scecli.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000867840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SearchFolder.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001900544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SETUPAPI.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000028160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\shgina.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000448512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHLWAPI.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000015360 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\slwga.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SndVolSSO.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SPPC.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\srvcli.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000257024 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\stobject.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000582656 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxs.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000419840 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\systemcpl.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001197056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\taskschd.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000112640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\thumbcache.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000172544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\twext.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 003860992 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UIRibbon.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 001164800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UIRibbonRes.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000059904 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\umb.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000264192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\upnp.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000061952 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\vss_ps.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 001753088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VSSAPI.DLL
2010-11-20 23:24 - 2010-11-20 23:24 - 000191488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmidcprv.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000754176 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiprvsd.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000036352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdiasqmmodule.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 001646080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wevtsvc.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000071680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wkscli.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000577536 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wsdapi.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSDCHNGR.DLL
2010-11-20 23:23 - 2010-11-20 23:23 - 000485888 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\COMDLG32.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000119808 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\IMM32.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000034304 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\MSASN1.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 001667584 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\SETUPAPI.dll
2010-11-20 23:23 - 2010-11-20 23:23 - 000350208 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\SHLWAPI.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000505856 _____ (Microsoft Corporation) [File not signed] C:\Windows\SysWOW64\taskschd.dll
2010-11-20 23:24 - 2010-11-20 23:24 - 000194048 _____ (Microsoft Corporation) [File not signed] C:\Windows\SysWOW64\WINMM.dll
2011-12-25 21:42 - 2011-03-03 08:10 - 000249856 _____ (Mozilla Foundation) [File not signed] E:\ThunderbirdPortable\App\thunderbird\freebl3.dll
2011-12-25 21:42 - 2011-03-03 08:10 - 000098304 _____ (Mozilla Foundation) [File not signed] E:\ThunderbirdPortable\App\thunderbird\nssdbm3.dll
2011-12-25 21:42 - 2011-03-03 08:10 - 000155648 _____ (Mozilla Foundation) [File not signed] E:\ThunderbirdPortable\App\thunderbird\softokn3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;c:\Program Files (x86)\Intel\iCLS Client;c:\Program Files\Intel\iCLS Client;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Sony\VAIO Improvement;C:\Program Files (x86)\Sony\VAIO Startup Setting Tool;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3268705388-2528524113-2537434403-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\bigdog\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: Intel® ME Service => 2
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: Oasis2Service => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: Sony SCSI Helper Service => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VAIO Power Management => 3
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{561F8181-84D8-454F-BA71-0AB741A539EB}C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{F677C62B-98D4-437C-91E5-9915A297E7CA}C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 4500 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{573D6A62-3D9B-4ADA-B86C-35BB022F7FBD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{075F5311-F7F4-46E4-ADEA-16D221475696}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4F9BD8B3-F5BA-4EAD-9F04-8A42A2229454}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A15897EB-4ED1-45EC-9D37-55AB98F9B420}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3E51022D-3756-44B3-A0A1-57D3855D556B}] => (Allow) C:\Users\bigdog\Downloads\Firefox Installer (1).exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{E9FD7CE4-85C4-4E20-B2A0-F19E3CDCE321}] => (Allow) C:\Users\bigdog\Downloads\Firefox Installer (1).exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{78D5813D-05F0-4925-BC92-91375BF89AFB}] => (Allow) C:\Users\bigdog\Downloads\Firefox Installer (1).exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{E135107C-72B9-45C2-B7A4-D94EAFD82651}] => (Allow) C:\Users\bigdog\Downloads\Firefox Installer (1).exe (Mozilla Corporation -> Mozilla)
FirewallRules: [{85D337A0-1326-4057-80F8-9E30C2CDFA4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{764D4B44-7A5D-4A51-8540-90B9C76C56FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71BFD126-84AF-4FF0-99CE-065C48D7CA0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-07-2020 10:00:08 Scheduled Checkpoint
27-07-2020 05:08:07 Windows Update
01-08-2020 04:42:19 Windows Update
04-08-2020 05:28:40 Windows Update
07-08-2020 05:55:26 Windows Update
15-08-2020 00:00:28 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (08/15/2020 05:17:48 AM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1288) Catalog Database: The database page read from the file "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34340864 (0x00000000020c0000) (database page 8383 (0x20BF)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch.  The expected checksum was [a8f39e04d6efcafa] and the actual checksum was [000020bf65382677].  The read operation will fail with error -1018 (0xfffffc06).  If this condition persists then please restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (08/15/2020 05:17:06 AM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1288) Catalog Database: The database page read from the file "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34340864 (0x00000000020c0000) (database page 8383 (0x20BF)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch.  The expected checksum was [a8f39e04d6efcafa] and the actual checksum was [000020bf65382677].  The read operation will fail with error -1018 (0xfffffc06).  If this condition persists then please restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (08/15/2020 05:17:06 AM) (Source: ESENT) (EventID: 474) (User: )
Description: Catalog Database (1288) Catalog Database: The database page read from the file "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" at offset 34340864 (0x00000000020c0000) (database page 8383 (0x20BF)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch.  The expected checksum was [a8f39e04d6efcafa] and the actual checksum was [000020bf65382677].  The read operation will fail with error -1018 (0xfffffc06).  If this condition persists then please restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

Error: (08/15/2020 12:01:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_srrstr.dll, version: 6.1.7601.23755, time stamp: 0x58dd1e4f
Faulting module name: srhelper.dll, version: 6.1.7600.16385, time stamp: 0x4a5be07e
Exception code: 0xc0000005
Fault offset: 0x00000000000093ed
Faulting process id: 0x17c0
Faulting application start time: 0x01d672b88c674710
Faulting application path: C:\Windows\system32\rundll32.exe
Faulting module path: C:\Windows\system32\srhelper.dll
Report Id: f038e8d1-deab-11ea-99cc-08edb9d00dbe

Error: (08/15/2020 12:00:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (08/15/2020 12:00:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (08/14/2020 05:44:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe_srrstr.dll, version: 6.1.7601.23755, time stamp: 0x58dd1e4f
Faulting module name: srhelper.dll, version: 6.1.7600.16385, time stamp: 0x4a5be07e
Exception code: 0xc0000005
Fault offset: 0x00000000000093ed
Faulting process id: 0xcc0
Faulting application start time: 0x01d6721f855f6304
Faulting application path: C:\Windows\system32\rundll32.exe
Faulting module path: C:\Windows\system32\srhelper.dll
Report Id: ccd79f8a-de12-11ea-99cc-08edb9d00dbe

Error: (08/14/2020 03:14:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (08/15/2020 05:26:14 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.

Error: (08/15/2020 05:20:38 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.

Error: (08/15/2020 05:16:39 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.

Error: (08/15/2020 04:27:09 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (08/15/2020 04:26:22 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.

Error: (08/15/2020 04:25:48 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (08/15/2020 04:25:46 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.

Error: (08/15/2020 04:25:45 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume \Device\HarddiskVolume3.

Windows Defender:
===================================
Date: 2015-06-24 13:29:37.465
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature:On Access
Error Code:0x80501002
Error description:The program can’t find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.
Reason:Real Time Monitoring has stopped functioning for an unknown reason. Restart the service in order to recover.

==================== Memory info ===========================

BIOS: Insyde Corp. R0180E5 04/24/2012
Motherboard: Sony Corporation VAIO
Processor: Intel® Core™ i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 94%
Total physical RAM: 3996.36 MB
Available physical RAM: 221.95 MB
Total Virtual: 8683.28 MB
Available Virtual: 670.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.92 GB) (Free:225.43 GB) NTFS
Drive d: (Oct 17 2018) (CDROM) (Total:0.68 GB) (Free:0 GB) UDF
Drive e: () (Removable) (Total:1.83 GB) (Free:0.99 GB) FAT

\\?\Volume{7a1818d1-19a4-11e4-95f9-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS
\\?\Volume{7a1818d0-19a4-11e4-95f9-806e6f6e6963}\ (Recovery) (Fixed) (Total:18.5 GB) (Free:1.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 03107966)
Partition 1: (Not Active) - (Size=18.5 GB) - (Type=27)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================