I started a topic on this in the Windows 7 forum mistakenly, https://www.bleepingcomputer.com/forums/t/728640/not-genuine-windows-popup/ , so I'm continuing it here to try to keep in line with the rules. I guess I should start with the FRST logs:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Ran by bigdog (administrator) on OWNER-VAIO (Sony Corporation SVE1511RFXB) (15-08-2020 05:15:44)
Running from C:UsersbigdogDownloads
Loaded Profiles: bigdog
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteAdminService.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteAthBtTray.exe
(Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:Program Files (x86)Bluetooth SuiteBtvStack.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe
(Google Inc -> Google Inc.) C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:Program Files (x86)HpCommonHPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:Program Files (x86)HpHP Software Updatehpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32hkcmd.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32igfxpers.exe
(Intel Corporation -> Intel Corporation) C:WindowsSystem32igfxtray.exe
(Intel® Upgrade Service -> Intel® Corporation) C:Program FilesInteliCLS ClientHeciServer.exe
(Microsoft Corporation -> Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe
(Microsoft Corporation) [File not signed] C:WindowsSystem32lsm.exe
(Microsoft Corporation) [File not signed] C:WindowsSystem32slui.exe <2>
(Microsoft Corporation) [File not signed] C:WindowsSystem32taskeng.exe <3>
(Microsoft Corporation) [File not signed] C:WindowsSystem32VSSVC.exe
(Microsoft Corporation) [File not signed] C:WindowsSystem32wbemWmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:Program FilesWindows Media Playerwmprph.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32mspaint.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wlanext.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <13>
(Mozilla Messaging Inc. -> Mozilla Messaging) E:ThunderbirdPortableAppThunderbirdthunderbird.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:Program Files (x86)Common FilesJavaJava Updatejusched.exe
(Rare Ideas, LLC -> PortableApps.com) E:ThunderbirdPortableThunderbirdPortable.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe
(Sony Corporation -> Sony Corporation) C:Program Files (x86)SonyISB UtilityISBMgr.exe
(Sony Corporation -> Sony Corporation) C:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe
(Sony Corporation -> Sony Corporation) C:Program FilesSonyVAIO Improvementvim.exe <2>
(Sony Corporation of America -> ) C:Program Files (x86)SonyKeyboard ShortcutsKeyboardShortcuts.exe
(Symantec Corporation -> Symantec Corporation) C:Program FilesCommon FilesAVNorton SecurityUpgrade.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [RtHDVBg] => C:Program FilesRealtekAudioHDARAVBg64.exe [1156712 2012-03-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM…Run: [AtherosBtStack] => C:Program Files (x86)Bluetooth SuiteBtvStack.exe [1020576 2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM…Run: [AthBtTray] => C:Program Files (x86)Bluetooth SuiteAthBtTray.exe [800416 2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM…Run: [SynTPEnh] => C:Program FilesSynapticsSynTPSynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM…Run: [Logitech Download Assistant] => C:WindowsSystem32LogiLDA.dll [1832760 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM-x32…Run: [IAStorIcon] => C:Program Files (x86)IntelIntel® Rapid Storage TechnologyIAStorIcon.exe [284440 2011-11-29] (Intel Corporation -> Intel Corporation)
HKLM-x32…Run: [USB3MON] => C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe [291608 2012-02-22] (Intel Corporation -> Intel Corporation)
HKLM-x32…Run: [] => [X]
HKLM-x32…Run: [ISBMgr.exe] => C:Program Files (x86)SonyISB UtilityISBMgr.exe [60552 2011-09-20] (Sony Corporation -> Sony Corporation)
HKLM-x32…Run: [PMBVolumeWatcher] => c:Program Files (x86)SonyPlayMemories HomePMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation -> Sony Corporation)
HKLM-x32…Run: [Adobe ARM] => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32…Run: [HP Software Update] => C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32…Run: [Adobe Reader Speed Launcher] => “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
HKLM-x32…Run: [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM…Winlogon: [Userinit] C:Windowssystem32userinit.exe [30720 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM-x32…Winlogon: [Userinit] C:WindowssysWOW64userinit.exe [26624 2010-11-20] (Microsoft Corporation) [File not signed]
HKUS-1-5-18…RunOnce: [iCloud] => “C:Program Files (x86)Common FilesAppleInternet ServicesiCloud.exe”
HKLM…PrintMonitorsHP C211 Status Monitor: C:Windowssystem32hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP C511 Status Monitor: C:Windowssystem32hpinkstsC511LM.dll [333496 2012-12-15] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP Deskjet 2540 series): C:Windowssystem32HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP ENVY 4500 series): C:Windowssystem32HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C:Windowssystem32cmd.exe /D /C start C:Windowssystem32ie4uinit.exe -ClearIconCache
HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChromeApplication84.0.4147.125Installerchrmstp.exe [2020-08-10] (Google LLC -> Google LLC)
HKLMSoftwareWow6432NodeMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> “C:Program Files (x86)GoogleChromeApplication58.0.3029.81Installerchrmstp.exe” –configure-user-settings –verbose-logging –system-level
HKLMSoftware…AuthenticationCredential Providers: [ACFC407B-266C-8504-8DAE-F3E276336E4B] -> C:Windowssystem32AthCredentialProvider.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLMSoftware…AuthenticationCredential Providers: [F8A0B131-5F68-486c-8040-7E8FC3C85BB6] -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
HKLMSoftware…AuthenticationCredential Provider Filters: [ACFC407B-266C-8504-8DAE-F3E276336E4B] -> C:Windowssystem32AthCredentialProvider.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
Startup: C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMonitor Ink Alerts – HP Deskjet 2540 series.lnk [2019-01-02]
ShortcutAndArgument: Monitor Ink Alerts – HP Deskjet 2540 series.lnk -> C:Windowssystem32RunDll32.exe => “C:Program FilesHPHP Deskjet 2540 seriesbinHPStatusBL.dll”,RunDLLEntry SERIALNUMBER=CN45G3F1520604;CONNECTION=USB;MONITOR=1;
BootExecute: autocheck autochk *
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: 158A16F8-06C1-46E4-AD2E-065A1EE45CEF – System32TasksMicrosoftWindowsMedia CenterPvrScheduleTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 19F8E268-B722-46BB-8088-BB94502AE34E – System32TasksSony CorporationXperia LinkXperia Link Logon Start => C:Program Files (x86)SonyXperia LinkXperia Link.exe [1001560 2013-03-26] (Sony Corporation -> Sony Corporation)
Task: 1B287017-9F57-4458-880B-3839F9B17B08 – System32TasksVAIO Health Report => C:Program Files (x86)SonyVAIO Health ReportVAIOHealthReport.exe
Task: 1E59BF56-14ED-4708-9DD9-5ACA63075197 – System32TasksHPCustParticipation HP Deskjet 2540 series => C:Program FilesHPHP Deskjet 2540 seriesBinHPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: 201C92EE-558A-44A1-B581-280183B58CCD – System32TasksSony CorporationVAIO Control CenterLevel4Month => C:Program Files (x86)SonyVAIO Control CenterWBCBatteryCare.exe [2312328 2012-03-07] (Sony Corporation -> Sony Corporation)
Task: 208A1F91-9B68-4FA2-8095-DF7FB9349F35 – System32TasksAdobe Flash Player NPAPI Notifier => C:WindowsSysWOW64MacromedFlashFlashUtil32_32_0_0_387_Plugin.exe
Task: 250D4E83-97B9-40B6-9432-EA68FA1EDD32 – System32TasksSony CorporationVAIO ImprovementVAIOImprovementMonitorUser => C:Program FilesSonyVAIO Improvementvim.exe [356440 2013-03-29] (Sony Corporation -> Sony Corporation)
Task: 36FF4F33-7FA9-4D31-8DC6-CDE8BBF820F7 – System32TasksMicrosoftWindowsMedia CenterSqlLiteRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 3E4BF444-D9B6-4335-9C9D-0A3C95994CE1 – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: 4783729B-DC16-4612-88EB-15FCBB86054B – System32TasksSony CorporationVAIO GateVAIO Gate => C:Program FilesSonyVAIO GateVAIO Gate.exe [2357408 2011-09-23] (Sony Corporation -> Sony Corporation)
Task: 57569255-E8EC-4F5F-88F0-E9EF97534E5F – System32TasksMicrosoftWindowsMedia CenterMediaCenterRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 5A09FD78-466E-4128-9778-BF2E925A9EA0 – System32TasksSony CorporationVAIO Control CenterLevel4Daily => C:Program Files (x86)SonyVAIO Control CenterWBCBatteryCare.exe [2312328 2012-03-07] (Sony Corporation -> Sony Corporation)
Task: 5F0BA893-3829-4188-906A-E49E214ED891 – System32TasksHPCustParticipation HP ENVY 4500 series => C:Program FilesHPHP ENVY 4500 seriesBinHPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: 6076B22F-1FDD-4815-B540-8EF9470D4AF6 – System32TasksMicrosoftWindowsMedia Centermcupdate => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 6607233E-29D4-4E7B-A205-4519136AA084 – System32TasksMicrosoftWindowsMedia CenterPeriodicScanRetry => C:WindowsehomeMCUpdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 75CECDF5-FBE1-4C14-A2AA-7AC14C5012A1 – System32TasksAdobe Flash Player Updater => C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
Task: 7B92E593-E104-404C-B415-F7C01D2602F9 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: 7FC83EBF-E639-4698-AE20-3FFA5EED2CA7 – System32TasksSonyKeyboard Shortcuts => C:Program Files (x86)SonyKeyboard ShortcutsKeyboardShortcuts.exe [477816 2012-03-20] (Sony Corporation of America -> )
Task: 80AB7A0E-EFDB-4027-B9D2-0C6FDE3A0CFA – System32TasksMicrosoftWindowsMedia CenterObjectStoreRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: 8158DF18-5896-4E59-978B-77F87ED1A829 – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [123600 2020-07-31] (Mozilla Corporation -> Mozilla Foundation)
Task: 8771B1A5-716D-4155-BC9D-7542F305A63F – System32TasksMicrosoftWindowsWindows Activation TechnologiesValidationTaskDeadline => C:Windowssystem32schtasks.exe [285696 2010-11-20] (Microsoft Corporation) [File not signed]
Task: 89E8613E-B112-4EB9-979F-167AB45D87FC – System32TasksSony CorporationBP CheckerCheckBPStatusCreate => C:Program FilesSonyBP CheckerBPChecker.exe [47672 2016-11-29] (Sony Corporation -> Sony Corporation)
Task: 8FB9BCE7-08E8-4F3F-91A6-B1AFA3ACE934 – System32TasksSony CorporationVAIO ImprovementVAIOImprovementMonitorSystem => C:Program FilesSonyVAIO Improvementvim.exe [356440 2013-03-29] (Sony Corporation -> Sony Corporation)
Task: 933105D5-5155-4613-BAF1-9A362D2525DD – System32TasksRemediationAntimalwareMigrationTask => C:Program FilesCommon FilesAVNorton SecurityUpgrade.exe [3073304 2016-01-06] (Symantec Corporation -> Symantec Corporation)
Task: A22CFD98-53DC-4068-ABA6-94B0CA8733E4 – System32TasksSony CorporationVAIO Smart NetworkVSN Logon Start => net [Argument = start VSNService]
Task: A38A6B4C-84E2-424A-8221-DCE3782A2A36 – System32TasksHP AR Program Upload – 14b2ceb39da0420db574af67be9cc409318a5a4988d146b3a18d0413320c1e06 => C:Program FilesHPHP Deskjet 2540 seriesbinHPRewards.exe [3495432 2014-03-06] (Hewlett Packard -> TODO: <Company name>)
Task: AC4E5ACF-89F7-4220-BA21-81EE183975E2 – System32TasksMicrosoftWindowsApplication ExperienceAitAgent => C:Windowssystem32aitagent.exe [122880 2010-11-20] (Microsoft Corporation) [File not signed]
Task: BF435641-F224-4E53-83A1-438B75E5A846 – System32TasksMicrosoftWindows LiveSOXEExtractor Definitions Update Task => 3519154C-227E-47F3-9CC9-12C3F05817F1
Task: D7355677-5A43-48E5-B6F3-05828EEED38A – System32TasksSony CorporationVAIO GateStartExecuteProxy => C:Program FilesSonyVAIO GateExecutionProxy.exe [401568 2011-09-23] (Sony Corporation -> Sony Corporation)
Task: E022E13F-AEF8-4DDF-9FA0-8428E35EB8A5 – System32TasksMicrosoftWindowsMedia CenterPvrRecoveryTask => C:Windowsehomemcupdate.exe [198656 2017-12-31] (Microsoft Corporation) [File not signed]
Task: E32C2DFE-BAC0-4C0E-B1FE-BE8BC0BACD09 – System32TasksSony CorporationBP CheckerCheckBPStatusLogon => C:Program FilesSonyBP CheckerBPChecker.exe [47672 2016-11-29] (Sony Corporation -> Sony Corporation)
Task: EACA24FF-236C-401D-A1E7-B3D5267B8A50 – System32TasksMicrosoftWindowsRACRacTask => 42060D27-CA53-41f5-96E4-B1E8169308A6 C:Windowssystem32RacEngn.dll [1556992 2010-11-20] (Microsoft Corporation) [File not signed]
Task: F62FFFE9-7F45-42F4-8B08-8EBB7535FB81 – System32TasksVHDInformationCheck => C:Program Files (x86)SonyVAIO RecoverypluginsInformationCheck.exe [1865352 2012-02-24] (Sony Corporation -> Sony Corporation)
Task: FB74B898-E8D5-4668-83BC-E7FC52270CBE – System32TasksSony CorporationVAIO Gesture ControlVCGULogonTask => C:Program Files (x86)SonyVAIO Camera Gesture UtilityVCGU.exe [718472 2011-12-27] (Sony Corporation -> Sony Corporation)
Task: FC92DBA0-C63E-41D0-BB8A-DF5C33B8A944 – System32TasksSony CorporationVAIO ImprovementVAIOImprovementUploader => C:Program FilesSonyVAIO Improvementviuploader.exe [428680 2011-12-27] (Sony Corporation -> Sony Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
TcpipParameters: [DhcpNameServer] 192.168.254.254
Tcpip..Interfaces16DAD0B2-ED1B-4FE9-8EB0-0496724D0E60: [DhcpNameServer] 192.168.254.254
Tcpip..InterfacesE06FE4BD-F016-4612-B84D-AC20ACEC44E5: [DhcpNameServer] 192.168.254.254
Internet Explorer:
==================
HKUS-1-5-21-3268705388-2528524113-2537434403-1003SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp://www.bing.com/search?q=searchTerms&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKUS-1-5-21-3268705388-2528524113-2537434403-1003 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKUS-1-5-21-3268705388-2528524113-2537434403-1003 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
BHO: Windows Live ID Sign-in Helper -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program Files (x86)Javajre1.8.0_251binssv.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> 8D10F6C4-0E01-4BD4-8601-11AC1FDF8126 -> C:Program Files (x86)Bluetooth SuiteIEPlugIn.dll [2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program Files (x86)Javajre1.8.0_251binjp2ssv.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: 25xgp332.default-1595765038196
FF ProfilePath: C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196 [2020-08-15]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamin[email protected]video_downloader_pro.xpi [2020-07-26] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFi[email protected]ant.com.xpi [2020-07-26] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196Extensions73a6fe31-595d-460b-a920-fcc0f8843232.xpi [2020-08-11] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196Extensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2020-07-26] [not signed]
FF Extension: (No Name) – C:UsersbigdogAppDataRoamingMozillaFirefoxProfiles25xgp332.default-1595765038196Extensionsd10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d.xpi [2020-08-07] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:Windowssystem32MacromedFlashNPSWF64_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:Program FilesMicrosoft Silverlight5.1.30514.0npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:WindowsSysWOW64MacromedFlashNPSWF32_32_0_0_414.dll [2020-08-11] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dll [2012-03-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dll [2012-03-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:Program Files (x86)Javajre1.8.0_251bindtpluginnpDeployJava1.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:Program Files (x86)Javajre1.8.0_251binplugin2npjp2.dll [2020-06-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:Program Files (x86)Microsoft Silverlight5.1.30514.0npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~1Office14NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:Program Files (x86)SonyPLAYSTATION Network Downloadernppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:Program Files (x86)SonyReaderDesktopnpreaderdetectmoz.dll [2011-10-07] (Sony Corporation) [File not signed]
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:Program Files (x86)SonyMedia Gonpmediago.dll [2011-08-02] (Sony Network Entertainment International LLC) [File not signed]
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 11.0ReaderAIRnppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:UsersbigdogAppDataLocalGoogleChromeUser DataDefault [2020-07-26]
CHR Extension: (Chrome Web Store Payments) – C:UsersbigdogAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2020-06-09]
CHR Extension: (Chrome Media Router) – C:UsersbigdogAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-08-11] (Adobe Inc. -> Adobe)
R2 AtherosSvc; C:Program Files (x86)Bluetooth Suiteadminservice.exe [106144 2012-02-23] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
R3 BITS; C:WindowsSystem32qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:WindowsSystem32certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 DCDhcpService; C:Program FilesSonyVAIO Smart NetworkWFDADCDhcpService.exe [112256 2012-03-21] (Qualcomm Atheros -> Atheros Communication Inc.) [File not signed]
S3 dot3svc; C:WindowsSystem32dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:Windowssystem32dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
R2 eventlog; C:WindowsSystem32wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:Windowssystem32kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:WindowsSysWOW64provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:Program Files (x86)HpCommonHPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
S4 IconMan_R; C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe [2429544 2012-02-08] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 Intel® Capability Licensing Service Interface; c:Program FilesInteliCLS ClientHeciServer.exe [628448 2012-02-03] (Intel® Upgrade Service -> Intel® Corporation)
S4 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [6970968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S3 napagent; C:Windowssystem32qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
S4 Oasis2Service; C:Program Files (x86)DDNiOasis2ServiceOasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
S4 PMBDeviceInfoProvider; c:Program Files (x86)SonyPlayMemories HomePMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation -> Sony Corporation)
S3 RasMan; C:WindowsSystem32rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:WindowsSystem32certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:Windowssystem32sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:WindowsSysWOW64sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 Sony SCSI Helper Service; C:Program Files (x86)Common FilesSony SharedFskSonySCSIHelperService.exe [73728 2011-09-23] (Sony Corporation) [File not signed]
S2 sppsvc; C:Windowssystem32sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:WindowsSystem32tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:WindowsSysWOW64tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:WindowsservicingTrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S4 uCamMonitor; C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc. -> ArcSoft, Inc.)
S3 vds; C:WindowsSystem32vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
R3 VSS; C:Windowssystem32vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:WindowsSysWOW64wdi.dll [76288 2009-07-13] () [File not signed]
S3 WdiSystemHost; C:WindowsSysWOW64wdi.dll [76288 2009-07-13] () [File not signed]
R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
R2 ZAtheros Bt&Wlan Coex Agent; C:Program Files (x86)Bluetooth SuiteAth_CoexAgent.exe [158880 2012-02-23] (Atheros Communications Inc. -> Atheros) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:WindowsSystem32DRIVERSArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc. -> ArcSoft, Inc.)
R3 athr; C:WindowsSystem32DRIVERSathrx.sys [2807808 2012-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 BTATH_VDP; C:WindowsSystem32driversbtath_vdp.sys [421664 2012-02-23] (Atheros Communications Inc. -> Atheros)
S4 cdfs; C:WindowsSystem32DRIVERScdfs.sys [92672 2019-02-10] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:WindowsSystem32DRIVERSipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [216056 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248968 2020-08-14] (Malwarebytes Inc -> Malwarebytes)
R3 Ndisuio; C:WindowsSystem32DRIVERSndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:WindowsSystem32DRIVERSndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:WindowsSystem32DRIVERSraspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:WindowsSystem32DRIVERSrasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 scfilter; C:WindowsSystem32DRIVERSscfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
R3 SFEP; C:WindowsSystem32DRIVERSSFEP.sys [14336 2012-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
R3 Sftfs; C:WindowsSystem32DRIVERSSftfswin7.sys [768680 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftplay; C:WindowsSystem32DRIVERSSftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftredir; C:WindowsSystem32DRIVERSSftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftvol; C:WindowsSystem32DRIVERSSftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation -> Microsoft Corporation)
R3 tunnel; C:WindowsSystem32DRIVERStunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
R4 udfs; C:WindowsSystem32DRIVERSudfs.sys [328192 2019-02-10] (Microsoft Corporation) [File not signed]
S3 USBAAPL64; C:WindowsSystem32Driversusbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
S3 semav6msr64; ??C:Windowssystem32driverssemav6msr64.sys [X]
S3 semav6thermal64ro; ??C:Windowssystem32driverssemav6thermal64ro.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-08-15 05:15 – 2020-08-15 05:17 – 000033993 _____ C:UsersbigdogDownloadsFRST.txt
2020-08-15 05:14 – 2020-08-15 05:17 – 000000000 ____D C:FRST
2020-08-15 05:13 – 2020-08-15 05:13 – 002296320 _____ (Farbar) C:UsersbigdogDownloadsFRST64.exe
2020-08-14 03:13 – 2020-08-14 03:13 – 000000000 ___RD C:UsersbigdogAppDataRoamingMicrosoftWindowsStart MenuProgramsBT Devices
2020-08-14 03:00 – 2020-08-14 03:00 – 000001643 _____ C:UsersbigdogDesktopfusioncore.txt
2020-08-14 02:34 – 2020-08-14 02:34 – 000248968 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2020-08-14 02:34 – 2020-08-14 02:34 – 000001960 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2020-07-31 02:50 – 2020-07-31 02:50 – 000000000 ____D C:Windowssystem32TasksMozilla
2020-07-31 00:06 – 2020-08-07 02:42 – 000000000 ____D C:Program FilesMozilla Firefox
2020-07-28 00:01 – 2020-07-28 00:01 – 000278864 _____ C:WindowsMinidump 72820-104239-01.dmp
2020-07-26 08:32 – 2020-07-26 08:32 – 000000936 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2020-07-26 08:32 – 2020-07-26 08:32 – 000000924 _____ C:UsersPublicDesktopFirefox.lnk
2020-07-26 08:32 – 2020-07-26 08:32 – 000000924 _____ C:ProgramDataDesktopFirefox.lnk
2020-07-26 05:38 – 2020-07-26 05:38 – 002665176 _____ (Trend Micro Inc.) C:UsersbigdogDownloadsHousecallLauncher64(1).exe
2020-07-26 05:34 – 2020-07-26 05:37 – 000000000 ____D C:Usersbigdogdwhelper
2020-07-26 05:33 – 2020-07-26 05:34 – 000000000 ____D C:Program Filesnet.downloadhelper.coapp
2020-07-26 05:27 – 2020-07-26 05:28 – 043467824 _____ (DownloadHelper ) C:UsersbigdogDownloadsVdhCoAppSetup-1.5.0.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-08-15 05:13 – 2009-07-14 00:45 – 000032384 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-08-15 05:13 – 2009-07-14 00:45 – 000032384 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-08-14 20:29 – 2019-12-13 06:40 – 000000000 ___HD C:UsersbigdogDownloads386
2020-08-14 03:15 – 2019-01-02 06:26 – 000000000 ____D C:UsersbigdogAppDataLocalLowMozilla
2020-08-14 03:12 – 2009-07-14 01:08 – 000000006 ____H C:WindowsTasksSA.DAT
2020-08-14 03:10 – 2019-07-20 03:53 – 000000024 _____ C:Usersbigdograndom.dat
2020-08-14 02:34 – 2020-03-26 03:23 – 000216056 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys
2020-08-14 02:34 – 2019-07-22 00:11 – 000001948 _____ C:UsersPublicDesktopMalwarebytes.lnk
2020-08-14 02:34 – 2019-07-22 00:11 – 000001948 _____ C:ProgramDataDesktopMalwarebytes.lnk
2020-08-14 02:32 – 2019-07-22 00:11 – 000153312 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2020-08-12 23:38 – 2019-07-20 03:52 – 000000024 _____ C:Usersbigdogjagexappletviewer.preferences
2020-08-12 23:36 – 2019-07-20 03:53 – 000000045 _____ C:Usersbigdogjagex_cl_oldschool_LIVE.dat
2020-08-11 19:16 – 2020-07-15 03:33 – 006247480 _____ (Adobe) C:WindowsSysWOW64FlashPlayerInstaller.exe
2020-08-11 19:16 – 2014-08-01 15:12 – 000842296 _____ (Adobe) C:WindowsSysWOW64FlashPlayerApp.exe
2020-08-11 19:16 – 2014-08-01 15:12 – 000175160 _____ (Adobe) C:WindowsSysWOW64FlashPlayerCPLApp.cpl
2020-08-11 19:16 – 2014-08-01 15:11 – 000000000 ____D C:WindowsSysWOW64Macromed
2020-08-11 19:16 – 2014-08-01 15:11 – 000000000 ____D C:Windowssystem32Macromed
2020-08-10 19:47 – 2014-08-04 10:10 – 000002224 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2020-08-07 02:42 – 2018-06-12 18:05 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2020-07-28 00:01 – 2020-04-02 09:42 – 384151793 _____ C:WindowsMEMORY.DMP
2020-07-28 00:01 – 2020-04-02 09:42 – 000000000 ____D C:WindowsMinidump
2020-07-26 08:04 – 2020-06-09 06:48 – 000000000 ____D C:UsersbigdogDesktopOld Firefox Data
2020-07-26 07:36 – 2019-01-02 06:17 – 000000000 ____D C:UsersbigdogAppDataLocalCrashDumps
2020-07-26 05:34 – 2019-01-02 05:12 – 000000000 ____D C:Usersbigdog
2020-07-17 07:28 – 2019-01-02 05:13 – 000000000 ____D C:UsersbigdogDocumentsBluetooth Folder
==================== Files in the root of some directories ========
2019-07-27 12:59 – 2019-07-27 12:59 – 000375844 _____ () C:UsersbigdogAppDataLocalars.cache
2019-07-27 13:00 – 2019-07-27 13:00 – 000694174 _____ () C:UsersbigdogAppDataLocalcensus.cache
2019-07-27 05:19 – 2019-07-27 05:19 – 000000036 _____ () C:UsersbigdogAppDataLocalhousecall.guid.cache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
C:Windowssystem32userinit.exe => MD5 is legit
C:WindowsSysWOW64userinit.exe => MD5 is legit
LastRegBack: 2020-08-15 00:43
==================== End of FRST.txt ========================
and it did another one:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2020
Ran by bigdog (15-08-2020 05:19:38)
Running from C:UsersbigdogDownloads
Windows 7 Home Premium Service Pack 1 (X64) (2014-08-01 17:57:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3268705388-2528524113-2537434403-500 – Administrator – Disabled)
bigdog (S-1-5-21-3268705388-2528524113-2537434403-1003 – Administrator – Enabled) => C:Usersbigdog
Guest (S-1-5-21-3268705388-2528524113-2537434403-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-3268705388-2528524113-2537434403-1002 – Limited – Enabled)
Owner (S-1-5-21-3268705388-2528524113-2537434403-1000 – Administrator – Enabled) => C:UsersOwner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D Home Architect 4 (HKLM-x32…3D Home Architect 4) (Version: – )
7-Zip 9.20 (x64 edition) (HKLM…23170F69-40C1-2702-0920-000001000000) (Version: 9.20.00.0 – Igor Pavlov)
ACID Music Studio 8.0 (HKLM-x32…7A6374F0-6D04-11E0-92E0-005056C00008) (Version: 8.0.178 – Sony) Hidden
Adobe Flash Player 32 ActiveX (HKLM-x32…Adobe Flash Player ActiveX) (Version: 32.0.0.414 – Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.414 – Adobe)
Adobe Reader XI (11.0.20) (HKLM-x32…AC76BA86-7AD7-1033-7B44-AB0000000001) (Version: 11.0.20 – Adobe Systems Incorporated)
Ant Video downloader (Native messaging host) (HKLM-x32…C24130F9-5A40-481C-AF62-4ED491729565) (Version: 4.5 – Ant.com)
AnyBurn (HKLM-x32…AnyBurn) (Version: 4.6 – Power Software Ltd)
Application Manager for VAIO (HKLM-x32…Application Manager for VAIO) (Version: – )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32…61438020-DDD4-42FA-99A2-50225441980A) (Version: 2.0.1.161 – ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32…C793AD32-2BB8-4CC4-ABD3-A1469C21593C) (Version: 4.0.21.457 – ArcSoft)
Atheros Bluetooth Suite (64) (HKLM…230D1595-57DA-4933-8C4E-375797EBB7E1) (Version: 7.4.0.125 – Atheros)
BPCx64 (HKLM…C25C68CF-E4A1-4B6F-9F28-5559264F23FD) (Version: 1.0.0 – Sony Corporation) Hidden
BPCx86 (HKLM-x32…F5802A74-7CAF-42E7-AC98-BB8D99B90C7D) (Version: 1.0.0 – Sony Corporation) Hidden
CyberLink PowerDVD (HKLM-x32…InstallShield_A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8) (Version: 9.0.5009.52 – CyberLink Corp.)
D3DX10 (HKLM-x32…E09C4DB7-630C-4F06-A631-8EA7239923AF) (Version: 15.4.2368.0902 – Microsoft) Hidden
DJ2540FWUpdateAlert (HKLM-x32…9D341092-CB1C-4F6F-B492-FD79193A0F82) (Version: 1.00.0000 – HP) Hidden
DVD Architect Studio 5.0 (HKLM-x32…79E06DF1-24FE-11E1-913F-F04DA23A5C58) (Version: 5.0.157 – Sony) Hidden
Epic Games Launcher (HKLM-x32…1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6) (Version: 1.1.267.0 – Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Evernote v. 4.5.2 (HKLM-x32…8CE152BA-1D16-11E1-867D-984BE15F174E) (Version: 4.5.2.5904 – Evernote Corp.)
FDUx86 (HKLM-x32…3490653F-2789-46A1-B1BF-6BD4CF4131AB) (Version: 1.0.0 – Sony Corporation) Hidden
Google Chrome (HKLM-x32…Google Chrome) (Version: 84.0.4147.125 – Google LLC)
Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden
Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.25.11 – Google Inc.) Hidden
HP Deskjet 2540 series Basic Device Software (HKLM…6A79CD11-0C1C-4E24-A8C6-46A02F680346) (Version: 32.2.188.47710 – Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32…4539575D-C09D-4E71-B207-0F2D6BD74DA2) (Version: 30.0.0 – Hewlett Packard)
HP ENVY 4500 series Basic Device Software (HKLM…6915424E-704F-4F5D-9057-9C7B406B36DB) (Version: 32.3.198.49673 – Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32…95BECC50-22B4-4FCA-8A2E-BF77713E6D3A) (Version: 30.0.0 – Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32…415FA9AD-DA10-4ABE-97B6-5051D4795C90) (Version: 1.2.0.0 – Hewlett-Packard)
HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.7702 – HP)
HP Support Solutions Framework (HKLM-x32…FC3C2B77-6800-48C6-A15D-9D1031130C16) (Version: 11.51.0049 – Hewlett-Packard Company)
HP Update (HKLM-x32…912D30CF-F39E-4B31-AD9A-123C6B794EE2) (Version: 5.005.002.002 – Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32…B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D) (Version: 1.00.0001 – Microsoft) Hidden
ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)
Intel® Control Center (HKLM-x32…F8A9085D-4C7A-41a9-8A77-C8998A96C421) (Version: 1.2.1.1007 – Intel Corporation)
Intel® Management Engine Components (HKLM-x32…65153EA5-8B6E-43B6-857B-C6E4FC25798A) (Version: 8.0.2.1410 – Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32…FCB3772C-B7D0-4933-B1A9-3707EBACC573) (Version: – Intel Corporation)
Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 8.15.10.2618 – Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32…3E29EE6C-963A-4aae-86C1-DC237C4A49FC) (Version: 11.0.0.1032 – Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32…240C3DDD-C5E9-4029-9DF7-95650D040CF2) (Version: 1.0.3.214 – Intel Corporation)
Intel® Trusted Connect Service Client (HKLM…