Resolved Laptop issues (slow, hanging, etc.)

Vicki · 2020/09/25

Don't even know where to begin (except maybe to throw this laptop into the trash!lol) I've been having "issues" with it since, well, forever! Slow pages loading when on the internet (speed issues don't seem to be a problem), numerous "a web page is slowing down your browser", programs often momentarily "stop responding". I'm just getting frustrated with it all. (I've tried to update my information about this laptop in my profile, but not certain I've done that correctly?)
I've scanned for viruses and malware (Windows Defender & Malwarebytes) Fortunately nothing was found there.
I believe all the updates are current on everything. Just don't know where to start to resolve any of this! :-(
My desktop computer (running Win7) operates soooo smoothly and fast, that it just makes me more frustrated to use my laptop. (I only use my laptop when the hubby is using the desktop)
Don't know if anyone can help me get my laptop to working like it should, especially because I'm so computer challenged, that even if I were given instructions, I'd probably mess that up! (I did a speedtest while my hubby was using the desktop)

MrBill · 2020/09/25

What browser are you using to access the internet? Have you tried another one?

Vicki · 2020/09/25

Oops...forgot to mention that! Firefox is what I use, but seem to have issues when using Microsoft Edge as well.

MrBill · 2020/09/25

Unplug the charger from the laptop. Hold the power button down for about 10 seconds then go back to normal and turn it on.

retiredlearner · 2020/09/25

Hi Vicki, is this your laptop specs?
https://www.cnet.com/products/hp-2000-2b19wm-15-6-e-300-windows-8-64-bit-4-gb-ram-320-gb-hdd-series/

Have you cleared Temp Files?
Have you uninstalled Software/Programs you don't use?
What AV program are you using?

Evan Omo · 2020/10/04

Hi,

Please follow steps 15-22 in my Optimizing Windows 10 guide and post the requested logs in your next reply.

Does your laptop have a hard drive or a solid state drive installed in it?

Vicki · 2020/10/16

Firstly, I apologize for the delay in responding to my query & the suggestions to take in resolving the issues I'm having. But I knew this would probably take some time to do and I wanted to be sure to be able to devote my time to concentrate on the steps I needed to perform. Secondly, thank you Mr. Omo for your help. I believe I have completed all the steps you have suggested I do and will post those results. (I believe my laptop has a harddrive, based on the link retiredlearner posted).
15 Minitoolbox report:
MiniToolBox by Farbar Version: 17-06-2016
Ran by Vicki (administrator) on 13-10-2020 at 11:05:00
Running from "C:\Users\Vicki\Desktop"
Microsoft Windows 10 Home (X64)
Model: HP 2000 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Qualcomm Atheros AR9485 802.11b|g|n WiFi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global taskoffload=disabled
set interface interface="Ethernet (Kernel Debugger)" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 78-E3-B5-7D-42-55
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 1:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 16-E5-43-9F-51-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
Physical Address. . . . . . . . . : 26-E5-43-9F-51-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b|g|n WiFi Adapter
Physical Address. . . . . . . . . : 74-E5-43-9F-51-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a424:d6f3:3552:2827%8(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 13, 2020 8:31:46 AM
Lease Expires . . . . . . . . . . : Tuesday, October 13, 2020 12:31:45 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 91546947
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-25-C2-C0-55-78-E3-B5-7D-42-55
DNS Servers . . . . . . . . . . . : 192.168.0.1
0.0.0.0
NetBIOS over Tcpip. . . . . . . . : Enabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:4007:811::200e
172.217.11.174

Pinging google.com [172.217.11.78] with 32 bytes of data:
Reply from 172.217.11.78: bytes=32 time=90ms TTL=108
Reply from 172.217.11.78: bytes=32 time=91ms TTL=108

Ping statistics for 172.217.11.78:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 90ms, Maximum = 91ms, Average = 90ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com
Addresses: 2001:4998:24:120d::1:1
2001:4998:44:3507::8000
2001:4998:44:3507::8001
2001:4998:124:1507::f000
2001:4998:124:1507::f001
2001:4998:24:120d::1:0
98.137.11.163
74.6.143.26
74.6.143.25
74.6.231.20
98.137.11.164
74.6.231.21

Pinging yahoo.com [98.137.11.164] with 32 bytes of data:
Reply from 98.137.11.164: bytes=32 time=91ms TTL=44
Reply from 98.137.11.164: bytes=32 time=92ms TTL=44

Ping statistics for 98.137.11.164:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 91ms, Maximum = 92ms, Average = 91ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
4...78 e3 b5 7d 42 55 ......Realtek PCIe FE Family Controller
9...16 e5 43 9f 51 0c ......Microsoft Wi-Fi Direct Virtual Adapter
13...26 e5 43 9f 51 0c ......Microsoft Wi-Fi Direct Virtual Adapter #2
8...74 e5 43 9f 51 0c ......Qualcomm Atheros AR9485 802.11b|g|n WiFi Adapter
1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 55
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.0.0 255.255.255.0 On-link 192.168.0.104 311
192.168.0.104 255.255.255.255 On-link 192.168.0.104 311
192.168.0.255 255.255.255.255 On-link 192.168.0.104 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.0.104 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.0.104 311
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 331 ::1/128 On-link
8 311 fe80::/64 On-link
8 311 fe80::a424:d6f3:3552:2827/128
On-link
1 331 ff00::/8 On-link
8 311 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\NLAapi.dll [71168] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\winrnr.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [324424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [89088] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [89088] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\NLAapi.dll [97280] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [49152] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [417376] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/13/2020 08:32:29 AM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/12/2020 09:26:57 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/12/2020 09:26:54 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/12/2020 09:26:54 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/12/2020 09:26:46 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/12/2020 09:26:14 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/12/2020 02:30:06 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/11/2020 07:38:54 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/11/2020 07:38:52 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (10/11/2020 07:38:52 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU maximum number of session has been surpassed

System errors:
=============
Error: (10/13/2020 08:37:43 AM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/13/2020 08:34:07 AM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/12/2020 09:27:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800703fa: 9WZDNCRFJBMP-MICROSOFT.WINDOWSSTORE.

Error: (10/12/2020 06:09:59 PM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/12/2020 02:35:19 PM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/12/2020 02:31:43 PM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/11/2020 07:33:16 PM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.Windows.Photos_2020.20090.1002.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca

Error: (10/11/2020 06:35:12 PM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/11/2020 06:30:59 PM) (Source: DCOM) (User: LAPTOP)
Description: Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca

Error: (10/10/2020 08:29:49 PM) (Source: DCOM) (User: LAPTOP)
Description: microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Microsoft Office Sessions:
=========================
Error: (10/13/2020 08:32:29 AM) (Source: ATIeRecord)(User: )
Description:

Error: (10/12/2020 09:26:57 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/12/2020 09:26:54 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/12/2020 09:26:54 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/12/2020 09:26:46 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/12/2020 09:26:14 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/12/2020 02:30:06 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/11/2020 07:38:54 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/11/2020 07:38:52 PM) (Source: ATIeRecord)(User: )
Description:

Error: (10/11/2020 07:38:52 PM) (Source: ATIeRecord)(User: )
Description:

=========================== Installed Programs ============================

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.38 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.41 - )
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 81.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 81.0.1 (x86 en-US)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 1634.26 MB
Available physical RAM: 613.5 MB
Total Virtual: 4047.45 MB
Available Virtual: 2021.95 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:273.49 GB) (Free:210.79 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:23 GB) (Free:2.75 GB) NTFS
4 Drive f: () (Fixed) (Total:0.83 GB) (Free:0.24 GB) NTFS

========================= Users: ========================================

User accounts for \\LAPTOP

Administrator DefaultAccount Guest
Vicki WDAGUtilityAccount

**** End of log ****

16- AdwCleaner
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-13-2020
# Duration: 00:00:23
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Vicki\AppData\LocalLow\Simple Adblock

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1457 octets] - [13/10/2020 11:16:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

17- Adwareremovaltool
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool 5.1
Time: 2020_10_13_11_31_27
OS: Windows 10 Home - x64 Bit
Account Name: Vicki
Adware Definition: 10092020
Elapsed time: 44:34
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

No results found

18-ZHP Cleaner
~ ZHPCleaner v2020.10.10.244 by Nicolas Coolman (2020/10/10)
~ Run by Vicki (Administrator) (13/10/2020 13:45:45)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Vicki\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Vicki\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit (Build 19041)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (0)
~ No malicious or unnecessary items found.

---\\ Hosts file (1)
~ The hosts file is legitimate (21)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (2)
MOVED file: C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences =>Préférences Chromium

---\\ Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found.

---\\ Summary of the elements found (1)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium

---\\ Other deletions. (6)
~ Registry Keys Tracing deleted (6)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Mozilla Firefox OK
~ Internet Explorer OK

---\\ Statistics
~ Items scanned : 1401
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/16

---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis

~ End of clean in 00h01mn15s

---\\ Reports (2)
ZHPCleaner--13102020-12_56_15.txt
ZHPCleaner-[R]-13102020-13_47_00.txt

19- Hitman Pro

Code:

HitmanPro 3.8.20.314 www.hitmanpro.com Computer name . . . . : LAPTOP Windows . . . . . . . : 10.0.0.19041.X64/2 User name . . . . . . : LAPTOP\Vicki UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2020-10-13 14:05:47 Scan mode . . . . . . : Normal Scan duration . . . . : 13m 58s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 27 Objects scanned . . . : 1,879,571 Files scanned . . . . : 52,463 Remnants scanned . . : 706,805 files / 1,120,303 keys Cookies _____________________________________________________________________ C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:atdmt.com C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:connexity.net C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:crwdcntrl.net C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:doubleclick.net C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:igodigital.com C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:ml314.com C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:scorecardresearch.com C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:stats.paypal.com C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cookies:www.googleadservices.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:addthis.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:adnxs.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:adsrvr.org C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:advertising.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:agkn.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:bidswitch.net C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:demdex.net C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:doubleclick.net C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:dpm.demdex.net C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:mathtag.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:media6degrees.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:ml314.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:nbcu.demdex.net C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:pubmatic.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:rubiconproject.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:scorecardresearch.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:tapad.com C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cookies.sqlite:www.googleadservices.com

21- Malwarebytes
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/13/20
Scan Time: 4:52 PM
Log File: 71464556-0d9e-11eb-bc30-78e3b57d4255.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.810
Update Package Version: 1.0.31300
License: Free

-System Information-
OS: Windows 10 (Build 19041.508)
CPU: x64
File System: NTFS
User: LAPTOP\Vicki

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 286771
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 11 min, 3 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Generic.Malware/Suspicious, C:\USERS\VICKI\DESKTOP\ZOEK.EXE, Quarantined, 0, 392686, 1.0.31300, , shuriken,

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

22- Autotuns

(more results to follow in next post)

Vicki · 2020/10/16

The rest of the results
20-Zoek
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Vicki on Tue 10/13/2020 at 14:52:05.31.
Microsoft Windows 10 Home 10.0.19041 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vicki\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/13/2020 3:12:45 PM Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\AVAST Software deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\Vicki\AppData\Local\Adobe deleted successfully
C:\Users\Vicki\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Flash Player 32 NPAPI
Adobe Flash Player 32 PPAPI
AMD Catalyst Control Center
AMD Fuel
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Malwarebytes version 4.0.4.49
Microsoft Edge
Microsoft Edge Update
Microsoft Update Health Tools
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Mozilla Firefox 81.0.2 (x86 en-US)
Mozilla Maintenance Service
Realtek High Definition Audio Driver
Speccy
Synaptics Pointing Device Driver

==== Running Processes ======================

C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\1qssjxb3.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20201013_0415_.backup

ProfilePath: C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", false);
---- FireFox user.js and prefs.js backups ----

prefs_20201013_0415_.backup

==== Batch Command(s) Run By Tool======================

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Users\Vicki\AppData\Local\cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-381ea1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-381f10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-381f70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-381fb0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-381fe1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382012.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382053.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382093.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382103.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382133.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382174.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-3821a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-3821f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382235.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382276.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-3822b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-3822f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-382347.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1150-1838-3823a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0a98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0b08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0b58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0ba8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0be9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0c19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0cd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0d27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0e13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0e54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0eb4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0ee5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0f15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0f56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0fa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c0fd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c1046.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c10c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1450-168c-3c10f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9040f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9043d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904442.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904473.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9044b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9044d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904505.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904555.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9045a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9045f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904665.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904696.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904734.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904784.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9047b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9047e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904826.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-9048c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1738-aa0-904a0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a753f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a79f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7a92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7b40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7bbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7c8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7cfb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7e07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7ea5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7f15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a7f65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a8080.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a80ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a814f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a825b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a82f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a83c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a8510.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-198-14e4-1a8754.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd604.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd625.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd646.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd687.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd6a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd6c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd6ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd71b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd74c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd76d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd78f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd7b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd7e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd802.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd842.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd873.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd8c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-414-3e8-fd8f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-1542dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-1542fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-15430f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154321.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154342.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154354.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154365.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154387.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154398.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-1543ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-1543ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-1543fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-15440e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-15441f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154441.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154452.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154473.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-154495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4d4-4d8-1544a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d3fc6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4130.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d419f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d426c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d432a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d43f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4437.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4487.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4555.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4b33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4c4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4cdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4d2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4d9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4e1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d4ed8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d5013.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d515d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea8-17c8-d5259.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted
C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\extensions\trash\adblockultimate@adblockultimate.net.xpi deleted
"C:\DumpStack.log.tmp" not deleted

==== System Specs ======================

Windows: Windows 10 Core / Home (64-bit) (Build 0)
Memory (RAM): 1635 MB
CPU Info: AMD E-300 APU with Radeon(tm) HD Graphics
CPU Speed: 1315.0 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: AMD Radeon HD 6310 Graphics | AMD Radeon HD 6310 Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe FE Family Controller | Qualcomm Atheros AR9485 802.11b|g|n WiFi Adapter | Microsoft Wi-Fi Direct Virtual Adapter | Microsoft Wi-Fi Direct Virtual Adapter #2
CD / DVD Drives: 1x (E: | ) E: hp DVD RW AD-7760H
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 273.5GB | D: 23.0GB | F: 855.0MB
Hard Disks - Free: C: 210.6GB | D: 2.7GB | F: 249.0MB
Manufacturer *: Insyde
BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1
Time Zone: Central Standard Time
Motherboard *: Hewlett-Packard 188B
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Microsoft Edge Version: 44.19041.423.0
Internet Explorer Version: 11.508.19041.0
Mozilla Firefox version: 81.0.2 (x86 en-US)
Flash Player version: 32.0.0.433

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2020-09-22 04:39:58 6EC7E2A42C768846B5DBBDDF9EFB0CA2 67584 --s-a-w- C:\WINDOWS\bootstat.dat
2020-09-22 04:07:19 054F6E4419404C94F35888CEA6B4DE32 202240 ----a-w- C:\WINDOWS\notepad.exe
2020-09-22 03:58:18 C56BF71C18D9CB67F7B9986817A481BE 4592136 ----a-w- C:\WINDOWS\explorer.exe
2020-09-22 03:58:07 AA4138C0FBC6D41F9EBC5C4EFE20ECCA 135168 ----a-w- C:\WINDOWS\splwow64.exe
2020-09-22 02:33:40 0E359EF178B73AAAE2C6D6AC11B4FE15 11433 ----a-w- C:\WINDOWS\diagwrn.xml
2020-09-22 02:33:40 0E359EF178B73AAAE2C6D6AC11B4FE15 11433 ----a-w- C:\WINDOWS\diagerr.xml
====== C:\Users\Vicki\AppData\Local\Temp ====
2020-10-13 19:41:52 8377C99BF813BE986D07730F5C433382 68096 ----a-w- C:\Users\Vicki\AppData\Local\Temp\ZAScan.exe
2020-10-13 19:41:52 75375C22C72F1BEB76BEA39C22A1ED68 167936 ----a-w- C:\Users\Vicki\AppData\Local\Temp\unzip.exe
2020-10-13 19:41:52 1A3F82F420340222F13C5633AEB716D6 533851 ----a-w- C:\Users\Vicki\AppData\Local\Temp\sr.exe
2020-10-11 00:53:27 E03E585DC6BB7262F7CA9BA6BED6676F 602440 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\WimProvider.dll
2020-10-11 00:53:27 DF22AB29DECE81825F02DF639C030D31 212808 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\MsiProvider.dll
2020-10-11 00:53:27 BBD8532DECC3470F29E510713D2229BC 185672 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\OfflineSetupProvider.dll
2020-10-11 00:53:27 B489FE4C79D830AC701FDC01DAF8CC17 152904 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\OSProvider.dll
2020-10-11 00:53:27 AF8E0710271F7174B919E6162B56BA91 797000 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\SysprepProvider.dll
2020-10-11 00:53:27 AF78B7EFCFAAC2267EC2CD50878792E5 159544 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\SetupPlatformProvider.dll
2020-10-11 00:53:27 9D7C01E7F5979760FD42751E868FC718 78880 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\LogProvider.dll
2020-10-11 00:53:27 865D5E378DBB171E5288B1122B9C1631 1321784 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\TransmogProvider.dll
2020-10-11 00:53:27 829FFB07F2147D76AD67BC8AEC012534 767816 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\ProvProvider.dll
2020-10-11 00:53:27 75D45A575DEC56DB1ED9EF663CF65D6D 233288 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\UnattendProvider.dll
2020-10-11 00:53:27 7343AC1E107CEE6C0ACA91087E86EA9F 303432 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\IntlProvider.dll
2020-10-11 00:53:27 5751396D23E5D5C9E24C33E3ECBD1F63 572744 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\VhdProvider.dll
2020-10-11 00:53:27 43ACB4DA1176CB1CBD3C7C5ECA323D10 224072 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\ImagingProvider.dll
2020-10-11 00:53:27 25C24877E1818581B540AAFBDCFCA6DE 252744 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\SmiProvider.dll
2020-10-11 00:53:26 C1DE3A53E08615AE37BA0AACAE6A6101 61240 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\FolderProvider.dll
2020-10-11 00:53:26 A033F16836D6F8ACBE3B27B614B51453 187920 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\DismCorePS.dll
2020-10-11 00:53:26 91C68A09F4C89CE0266DB995ACC09DC6 891720 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\CbsProvider.dll
2020-10-11 00:53:26 90072E1F1B4B75F05CE3B382465CCE3B 152392 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\GenericProvider.dll
2020-10-11 00:53:26 80E6C06C378BC7C382C23B1D643CD7D2 145928 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\DismHost.exe
2020-10-11 00:53:26 70405CBCEFF263230CD23C5253DCA028 115000 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\AssocProvider.dll
2020-10-11 00:53:26 26665FBC1DCC1A1639473CFD282210D7 422728 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\DmiProvider.dll
2020-10-11 00:53:26 22C4F083F0D9625C3F9AA347A686C716 407864 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\DismCore.dll
2020-10-11 00:53:26 144B47C00AB75E2A1323D5FCFC1905E5 259896 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\DismProv.dll
2020-10-11 00:53:26 088867038A4C5C2219D6DE9BE16635BC 632832 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\FfuProvider.dll
2020-10-11 00:53:26 034C800CFF83B47084DD3B35A908D228 60432 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\IBSProvider.dll
2020-10-11 00:53:25 FC77A691448BA1110A04BF25E1F4EE8B 565064 ----a-w- C:\Users\Vicki\AppData\Local\Temp\5E7A0211-FA29-4520-ACCC-63BBC1E28696\AppxProvider.dll
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2020-10-13 16:32:03 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\WINDOWS\SysWOW64\subinacl.exe
====== C:\WINDOWS\SysWOW64\drivers =====
2020-09-22 04:03:34 36C3EBE48382D0FED59C15D63CA2DB81 29696 ----a-w- C:\WINDOWS\SysWOW64\drivers\afunix.sys
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2020-09-22 04:04:28 B3C2433FC1E532D927A3871385610FBC 31760 ----a-w- C:\WINDOWS\Sysnative\drivers\rdpvideominiport.sys
2020-09-22 04:03:51 4C1A5C031B1E0A2BBB32297D9E823055 95032 ----a-w- C:\WINDOWS\Sysnative\drivers\hvservice.sys
2020-09-22 04:01:59 ADA29A94C3C187461CFB42052563ADB5 44032 ----a-w- C:\WINDOWS\Sysnative\drivers\scfilter.sys
2020-09-22 04:01:44 FCF941424AB1AB3EF57B0ABE6DBCDF77 86016 ----a-w- C:\WINDOWS\Sysnative\drivers\rassstp.sys
2020-09-22 04:01:44 E48770FA7691847311752AE892FCC6B4 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\ndiswan.sys
2020-09-22 04:01:44 CC6EDCFAF5A19B948C46F92791AC452F 101888 ----a-w- C:\WINDOWS\Sysnative\drivers\raspptp.sys
2020-09-22 04:01:44 40CBDB4B80284451536C8CA49561E5CD 110080 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2020-09-22 04:01:43 3EF3CE7B8CA9BE90BB6045E7B305D2BF 113152 ----a-w- C:\WINDOWS\Sysnative\drivers\agilevpn.sys
2020-09-22 04:01:38 F7EE34360235227A7AC164215A583EE6 41984 ----a-w- C:\WINDOWS\Sysnative\drivers\afunix.sys
2020-09-22 04:01:14 7EA9C32797A03CEF152D10CF146D6C3E 455480 ----a-w- C:\WINDOWS\Sysnative\drivers\rdbss.sys
2020-09-22 04:01:14 6EE28BABC5134E6FBEE8335496C55B39 573752 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2020-09-22 04:01:14 6218EB03BF54117AA39ACF07E3973C59 783360 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys
2020-09-22 04:01:14 4FC1D7ACB4CEA3834740F66DC1A03CCD 259888 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys
2020-09-22 04:01:14 2BDF4469E8D403074F77F313446B4180 314880 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys
2020-09-22 04:01:06 B71EB6B62002F47DA5ED77C7D4278EE6 403768 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys
2020-09-22 04:01:05 74D18B48B27F2A7BF0A9FA6A3BAAF979 502592 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2020-09-22 04:01:05 6E3A6194D503F33F0A596E0B6DC0A921 2991416 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys
2020-09-22 04:01:04 F66853F8E9E94CBB36DC914E08EBE5CD 603464 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys
2020-09-22 04:01:04 BB440BCB3F06B32FC2C5A121D696C2A8 380728 ----a-w- C:\WINDOWS\Sysnative\drivers\msrpc.sys
2020-09-22 04:01:04 6F082A5EB40F9BFD6873F3796F10F866 647480 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys
2020-09-22 04:01:03 D1DDA7C4170D74D1494D88C07CEF2A03 1472824 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys
2020-09-22 04:01:03 5F69A552F83065DE5102AFA553228696 147256 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecdd.sys
2020-09-22 04:01:03 47DCD64DED164A9148F83A9E7FC0E62C 827704 ----a-w- C:\WINDOWS\Sysnative\drivers\Wdf01000.sys
2020-09-22 04:01:03 22A64522AF35834FBB9CB9A5ACCBDC4C 59192 ----a-w- C:\WINDOWS\Sysnative\drivers\WdfLdr.sys
2020-09-22 04:01:01 D734926DC33F9D7E306F8B3BF68EAC57 33096 ----a-w- C:\WINDOWS\Sysnative\drivers\hwpolicy.sys
2020-09-22 04:01:01 CDBB82FE58FB8D8F9423BB9EF3498CF3 2851128 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
2020-09-22 04:01:01 823F66F291F30493AD4120CDD7D377C5 430392 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys
2020-09-22 04:00:58 ECF3060D9CB19E6D2BB0E90E51B4F33E 180024 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2020-09-22 04:00:58 D4F9936929255185F12E868C4C8A9D80 732432 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
2020-09-22 04:00:56 1B9172B25182BE5F3560F76F4085A5B7 322376 ----a-w- C:\WINDOWS\Sysnative\drivers\msquic.sys
2020-09-22 04:00:51 58100AE414B011D141C31B7B9910366E 39736 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys
2020-09-22 04:00:41 DF80BD76E307ABDFF6688408864B681C 491520 ----a-w- C:\WINDOWS\Sysnative\drivers\cldflt.sys
2020-09-22 04:00:38 FF5F3A4E62BC24FCFB18C173B98EA038 18432 ----a-w- C:\WINDOWS\Sysnative\drivers\applockerfltr.sys
2020-09-22 04:00:38 48A2317DCE7698FADA2420608ED15EFE 208696 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys
2020-09-22 03:59:57 1ADE4D1F65B4A1E52F701C69FB455769 113152 ----a-w- C:\WINDOWS\Sysnative\drivers\UcmUcsiCx.sys
2020-09-22 03:59:55 EEA21C915F325FD6E029DB7927D95C11 143160 ----a-w- C:\WINDOWS\Sysnative\drivers\bindflt.sys
2020-09-22 03:59:52 B59BC05D6C552AB3CC5E39FE53382DBE 180040 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys
2020-09-22 03:59:06 E0C0B02E56EE1E639CA3928F55D59D59 183112 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys
2020-09-22 03:58:59 A8D4DA115DA0B9139E3478835D4F48CC 903992 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2020-09-22 03:58:58 6AA431B5CF3CEE6A75F4E4E4FA341ED0 3779384 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2020-09-22 03:58:58 36223EAC736E2AE353881EB807F6774C 454960 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2020-09-22 03:58:56 795F747649A4879D462795E80AC1FDCD 1089344 ----a-w- C:\WINDOWS\Sysnative\drivers\ClipSp.sys
2020-09-22 03:58:29 988A7A685BB51BAC62F4E176BE5432AC 429880 ----a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys
2020-09-22 03:58:20 F9769AAD33A44F68F540D75349FFCFAD 733696 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys
2020-09-22 03:58:20 891FFBD96763CCBEA7CDC8D098E63BD2 951808 ----a-w- C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys
2020-09-22 03:58:06 A26AD59A080EDDF8AD13E3B9483FA74B 822784 ----a-w- C:\WINDOWS\Sysnative\drivers\PEAuth.sys
2020-09-22 03:58:04 AF7BE3A2E5DA866E340CC82FD2EADC8D 159048 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys
2020-09-22 03:58:04 061859D01C9A52F3D2B51F1BFDF68295 702776 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys
2020-09-22 03:57:49 C1D2CB775388E10E62C50C8F2A9F9E1D 259584 ----a-w- C:\WINDOWS\Sysnative\drivers\winnat.sys
2020-09-22 03:57:42 711820A3F1E4B5AC61DDCFA34366F8CC 32256 ----a-w- C:\WINDOWS\Sysnative\drivers\KNetPwrDepBroker.sys
2020-09-22 03:57:41 78E352A45506B8AA6C1A343F1BCFA13F 386048 ----a-w- C:\WINDOWS\Sysnative\drivers\MbbCx.sys
2020-09-22 03:57:20 A1666770F97B7F51B2CFFB87638B5B65 160064 ----a-w- C:\WINDOWS\Sysnative\drivers\vmbus.sys
2020-09-22 03:57:19 8127F00C5A0B911A5969E57AC0016B7E 639288 ----a-w- C:\WINDOWS\Sysnative\drivers\Vid.sys
2020-09-22 03:57:17 EB450E224E45FD6D0E5EC0BD252466AF 305472 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
2020-09-22 03:57:17 A3F2D829290781B8BC41DEC78CFAD66F 195896 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2020-09-22 03:57:17 42C4888166F5457C71D9E1A90316DACC 255296 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys
2020-09-22 03:57:16 D635BD9DB05B9BC15EAED46086857259 1548288 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys
2020-09-22 03:57:16 D4FB176D0E89BBBDECA6D2D99FBE6803 110592 ----a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS
2020-09-22 03:57:16 C6D1E24E96FCE7662F7C09394241CC8F 185664 ----a-w- C:\WINDOWS\Sysnative\drivers\usbccgp.sys
2020-09-22 03:57:16 C343EC4406E0F039F52CA6F24430C743 45568 ----a-w- C:\WINDOWS\Sysnative\drivers\BthMini.SYS
2020-09-22 03:57:16 BAA82FAEFCCA50270C6F38D4108403A3 120320 ----a-w- C:\WINDOWS\Sysnative\drivers\hidbth.sys
2020-09-22 03:57:16 9C2D1FD2D00EF01D8406880047A22D74 113664 ----a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys
2020-09-22 03:57:16 4AB704FD17CA7D6BAD6A442ADED6AE38 647992 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2020-09-22 03:57:16 29F82295E9175BAF041A3570A209D855 602440 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2020-09-22 03:57:16 0825C3B0D4A788E95DE80739E52C9174 106496 ----a-w- C:\WINDOWS\Sysnative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2020-09-22 03:57:15 F08861347B531E60BBE27ED463AA45FE 223040 ----a-w- C:\WINDOWS\Sysnative\drivers\ataport.sys
2020-09-22 03:57:15 DAE16968F831E8B08B377F73DC803100 185672 ----a-w- C:\WINDOWS\Sysnative\drivers\storahci.sys
2020-09-22 03:57:15 C394B2347795AB247F4F4FFAB46B8935 30024 ----a-w- C:\WINDOWS\Sysnative\drivers\atapi.sys
2020-09-22 03:57:15 B4455289CE91DC29BED94436E485567F 60744 ----a-w- C:\WINDOWS\Sysnative\drivers\storufs.sys
2020-09-22 03:57:15 8CC13B89FA497F29285DB309663CCBE8 472376 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys
2020-09-22 03:57:15 6DF4B0136BD9F9E6785239DA69A01281 16704 ----a-w- C:\WINDOWS\Sysnative\drivers\pciide.sys
2020-09-22 03:57:15 5ADECAC874BC8654E94EBEE1095DCA89 155952 ----a-w- C:\WINDOWS\Sysnative\drivers\stornvme.sys
2020-09-22 03:57:15 4FDDC2D1746FFB8BC7F16C6E4B8BEF6C 821048 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2020-09-22 03:57:15 3B8E0DB1C40727BFEABF28D3C41571F4 19776 ----a-w- C:\WINDOWS\Sysnative\drivers\intelide.sys
2020-09-22 03:57:15 16E6C7C7D4D7BED38CF39EB616C696BC 56648 ----a-w- C:\WINDOWS\Sysnative\drivers\pciidex.sys
2020-09-22 03:57:14 E3CE23E1B2AC47C19C9945407E2AC53E 418800 ----a-w- C:\WINDOWS\Sysnative\drivers\intelpep.sys
2020-09-22 03:57:14 D16E24D3B8E2F298305DA690EE9D4941 26600 ----a-w- C:\WINDOWS\Sysnative\drivers\IntelTA.sys
2020-09-22 03:57:14 76DB2803F668B0D9023422DBD429C2B3 809280 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys
2020-09-22 03:57:14 422A7B5E41AD97859AB5E809C179AA8E 678200 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys
2020-09-22 03:57:14 1555923007CAD6F7704715D47BEF4A65 215880 ----a-w- C:\WINDOWS\Sysnative\drivers\spacedump.sys
2020-09-22 03:57:14 0A977D7C699B15FDB5CEDFB1D8E5D659 314688 ----a-w- C:\WINDOWS\Sysnative\drivers\usbvideo.sys
2020-09-22 03:57:13 074D2516B7435B3560BF2A69F10BBF22 80896 ----a-w- C:\WINDOWS\Sysnative\drivers\monitor.sys
2020-09-22 03:57:12 F9CDAA90C1E5E356067A88F68B2FF198 202752 ----a-w- C:\WINDOWS\Sysnative\drivers\USBAUDIO.sys
2020-09-22 03:57:11 6A3D89AC2F01A375CC6F12FEC588EFC9 430080 ----a-w- C:\WINDOWS\Sysnative\drivers\HdAudio.sys
====== C:\WINDOWS\Tasks ======
2020-10-13 18:49:33 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Mozilla
2020-09-28 14:33:12 32B5A747C2FC19F78E73DDF3ED4A7724 4518 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-22 02:35:14 F2661C171B4588795B4077D560BE343A 3356 ----a-w- C:\WINDOWS\Sysnative\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-22 02:35:14 B58D4F301F016C8B5867EB52C30C136B 3480 ----a-w- C:\WINDOWS\Sysnative\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-22 02:35:13 F0362FDB68A92E471945D5330D0B3ED6 3716 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier
2020-09-22 02:35:13 97D35180D69ECF02BB369D453653BA16 4380 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2020-09-22 03:09:42 -------- d-----w- C:\Program Files\Reference Assemblies
2020-09-22 03:09:42 -------- d-----w- C:\Program Files\MSBuild
2020-09-22 02:52:43 -------- d-----w- C:\Program Files\ATI Technologies
======= C:\PROGRA~2 =====
2020-10-13 16:32:03 -------- d-----w- C:\PROGRA~2\Adware Removal Tool by TSA
2020-09-22 03:09:42 -------- d-----w- C:\PROGRA~2\Reference Assemblies
2020-09-22 03:09:42 -------- d-----w- C:\PROGRA~2\MSBuild
2020-09-19 18:01:22 -------- d-----w- C:\PROGRA~2\ATI Technologies
======= C: =====
====== C:\Users\Vicki\AppData\Roaming ======
2020-10-13 17:26:43 -------- d-----w- C:\Users\Vicki\AppData\Roaming\ZHP
2020-10-13 17:26:43 -------- d-----w- C:\Users\Vicki\AppData\Local\ZHP
2020-09-25 01:10:30 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft
2020-09-24 22:23:45 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2020-09-24 22:00:03 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2020-09-22 04:43:37 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2020-09-22 04:42:16 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft
2020-09-22 04:42:08 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft
2020-09-22 04:42:06 -------- d-s---w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft
2020-09-22 04:36:31 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft
2020-09-22 04:36:31 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft
2020-09-22 04:36:31 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft
2020-09-22 02:42:33 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\D3DSCache
2020-09-22 02:38:29 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft
2020-09-22 02:16:05 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe
2020-09-22 02:16:05 -------- d-----r- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2020-09-22 02:08:32 -------- d-----w- C:\Users\Default\AppData\Roaming\ATI
2020-09-22 02:08:32 -------- d-----w- C:\Users\Default\AppData\Local\ATI
2020-09-22 02:08:32 -------- d-----w- C:\Users\Default User\AppData\Roaming\ATI
2020-09-22 02:08:32 -------- d-----w- C:\Users\Default User\AppData\Local\ATI
2020-09-22 02:08:19 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\ATI
2020-09-22 02:08:19 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\ATI
2020-09-22 02:07:15 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2020-09-22 01:59:13 -------- d-s---w- C:\Users\Vicki\AppData\Roaming\Microsoft
2020-09-22 01:59:13 -------- d-----w- C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2020-09-22 01:59:13 -------- d-----w- C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2020-09-22 01:59:13 -------- d-----w- C:\Users\Vicki\AppData\Local\Temp
2020-09-22 01:59:13 -------- d-----w- C:\Users\Vicki\AppData\Local\Microsoft
2020-09-22 01:59:13 -------- d-----r- C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2020-09-22 01:59:13 -------- d-----r- C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2020-09-22 01:59:13 -------- d-----r- C:\Users\Vicki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2020-09-22 01:58:59 -------- d-s---w- C:\Users\Guest\AppData\Roaming\Microsoft
2020-09-22 01:58:59 -------- d-----w- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2020-09-22 01:58:59 -------- d-----w- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2020-09-22 01:58:59 -------- d-----w- C:\Users\Guest\AppData\Local\Temp
2020-09-22 01:58:59 -------- d-----w- C:\Users\Guest\AppData\Local\Microsoft
2020-09-22 01:58:59 -------- d-----r- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2020-09-22 01:58:59 -------- d-----r- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2020-09-22 01:58:59 -------- d-----r- C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2020-09-22 01:55:28 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache
2020-09-22 01:53:04 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2020-09-22 01:53:04 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2020-09-22 01:53:04 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2020-09-22 01:53:04 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2020-09-22 01:53:04 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2020-09-22 01:53:04 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2020-09-22 01:52:51 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2020-09-22 01:52:50 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2020-09-22 01:52:50 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2020-09-22 01:52:50 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2020-09-22 01:52:50 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2020-09-22 01:52:49 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2020-09-22 01:52:45 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
====== C:\Users\Vicki ======
2020-10-13 19:04:45 -------- d-----w- C:\ProgramData\HitmanPro
2020-10-13 19:03:23 BCFD13A9CA0D48F4FFCFAE543DC42A18 11431000 ----a-w- C:\Users\Vicki\Desktop\HitmanPro_x64.exe
2020-10-13 17:24:01 A75E2D7CDF3656E7848E2FCDC6A45231 3332992 ----a-w- C:\Users\Vicki\Desktop\ZHPCleaner.exe
2020-10-13 16:29:01 0FF0F5C72CF494A6A431DF733A4F1E83 752296 ----a-w- C:\Users\Vicki\Desktop\Adware Removal Tool by TSA.exe
2020-10-13 16:10:53 EDE520D0E55EED063FAA3B86AC17569B 8447152 ----a-w- C:\Users\Vicki\Desktop\AdwCleaner.exe
2020-10-13 15:59:07 DC57926B0AA518A3A884A8B7F7158E16 892416 ----a-w- C:\Users\Vicki\Desktop\MiniToolBox.exe
2020-09-25 01:10:30 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Desktop
2020-09-22 12:31:23 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2020-09-22 04:42:06 -------- d--h--w- C:\WINDOWS\serviceprofiles\networkservice\AppData
2020-09-22 04:36:31 -------- d--h--w- C:\WINDOWS\serviceprofiles\Localservice\AppData
2020-09-22 02:53:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2020-09-22 02:39:46 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Vicki\ntuser.ini
2020-09-22 02:08:19 -------- d-----w- C:\ProgramData\ATI
2020-09-22 01:59:13 -------- d--h--w- C:\Users\Vicki\AppData
2020-09-22 01:58:59 -------- d--h--w- C:\Users\Guest\AppData

====== C: exe-files ==
2020-10-10 01:17:43 32F265C10B4ABA657FAE6852664AD607 3581328 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\Installer\setup.exe
2020-10-10 01:17:36 5E8D3204152804167E860AF3C1283CEC 1028992 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\notification_helper.exe
2020-10-10 01:17:35 57D32B62B413B7CE16ADDFB8FF51B19B 1459592 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\msedge_pwa_launcher.exe
2020-10-10 01:17:34 06BE532074349746B854DD8CED97C3DF 2476944 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\msedgewebview2.exe
2020-10-10 01:16:49 FCB4695CB5AC403F27E28FE287E5FB8E 1025936 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\identity_helper.exe
2020-10-10 01:16:46 03D149211C305DD1EF7DDEFCB34459C3 1535376 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\elevation_service.exe
2020-10-10 01:16:44 ADA8C7B707204FD5A6295F8E6B1057CD 100240 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\cookie_exporter.exe
2020-10-10 01:16:43 C9299E8D8F15D9C3172AAC45FC00B67C 484752 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\BHO\ie_to_edge_stub.exe
2020-10-10 00:52:13 1334325EC0B3AA5DE43FD7A8EE7531B3 34499472 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\86.0.622.38\MicrosoftEdge_X64_86.0.622.38_85.0.564.70.exe
2020-10-07 11:28:58 1620108852E1C74CCA24350F61C142B2 1813920 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeUpdateSetup.exe
2020-10-07 11:28:47 F0E2D7A206E24797D6A63F5D792E1B75 232352 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeUpdateCore.exe
2020-10-07 11:28:46 F1E3213448990CD96023FC731FC3A670 200096 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeUpdateComRegisterShell64.exe
2020-10-07 11:28:46 7119890640B4EEC930BFB3BF5AD0D979 157600 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeComRegisterShellARM64.exe
2020-10-07 11:28:45 A233974C5FC09A0B5B654BDD0AF443AC 101264 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeUpdateBroker.exe
2020-10-07 11:28:45 8661FBB97161096BE503CD295AA46409 213920 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeUpdate.exe
2020-10-07 11:28:45 2A959D0A874F7CD187879C1B12701C1E 101280 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\MicrosoftEdgeUpdateOnDemand.exe
2020-10-07 11:28:38 1620108852E1C74CCA24350F61C142B2 1813920 ----a-w- C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.135.41\MicrosoftEdgeUpdateSetup_X86_1.3.135.41.exe
=== C: other files ==
2020-10-10 01:17:38 903E72AC93C31F30E7B9C084203D94AE 372 ----a-w- C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\show_third_party_software_licenses.bat
2020-10-07 11:34:59 836F6336032FEBE14FD298AE87A066BB 48536 ----a-w- C:\Windows\System32\drivers\wd\WdBoot.sys
2020-10-07 11:34:59 0BC89319365E2C79C2EAB2C4FB93834A 69864 ----a-w- C:\Windows\System32\drivers\wd\WdNisDrv.sys
2020-10-07 11:34:59 00480F0692057AEA3D53502C9A05F02B 428264 ----a-w- C:\Windows\System32\drivers\wd\WdFilter.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-416553533-128511661-218540698-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-416553533-128511661-218540698-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --notification-launch-id=1|1|2|Default|0|chrome-extension://mlhnkbkckpjokodfbhlaeoeelmndflnm/|mlhnkbkckpjokodfbhlaeoeelmndflnm-adForSupport --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --notification-launch-id=1|1|2|Default|0|chrome-extension://mlhnkbkckpjokodfbhlaeoeelmndflnm/|mlhnkbkckpjokodfbhlaeoeelmndflnm-adForSupport --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player NPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleaner Update" [C:\Program Files\CCleaner\CCUpdate.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B" [C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983
user_pref("browser.startup.homepage", "https://www.msn.com/");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983
- Undetermined - %ProfilePath%\extensions\trash
- Facebook Container - %ProfilePath%\extensions\@contain-facebook.xpi
- short_ __MSG_short_name__ - %ProfilePath%\extensions\adblockultimate@adblockultimate.net.xpi
- Webmail Ad Blocker - %ProfilePath%\extensions\gmailnoads@mywebber.com.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

Origin - Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh
Webmail Ad Blocker - Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mlhnkbkckpjokodfbhlaeoeelmndflnm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - It's harvest time on World Food Day{searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - It's harvest time on World Food Day{searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - Google{searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - Google{searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - It's harvest time on World Food Day{searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - Google{searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Uninstall List x64 ======================

Adobe Flash Player 32 NPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI]
Adobe Flash Player 32 PPAPI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI]

Vicki · 2020/10/16

more:
AMD Catalyst Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}]
AMD Catalyst Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WUCCCApp]
AMD Fuel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E7366CA8-7179-77AE-E712-BA18D70A0A07}]
Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}]
Catalyst Control Center InstallProxy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}]
Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1AD99E77-37CC-744E-39CA-67F6FD34565A}]
ccc-utility64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}]
CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}]
CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}]
CCC Help Czech [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}]
CCC Help Danish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}]
CCC Help Dutch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}]
CCC Help English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}]
CCC Help Finnish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}]
CCC Help French [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}]
CCC Help German [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}]
CCC Help Greek [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F77474EE-EB6C-C87B-88AF-3310C848E068}]
CCC Help Hungarian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}]
CCC Help Italian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{82CA1714-13EA-F419-91FE-12834424745E}]
CCC Help Japanese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C1EA3764-1138-AE27-AD63-549BAD99BA15}]
CCC Help Korean [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07326A3E-02B3-1078-25D7-B8666BA8FE15}]
CCC Help Norwegian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}]
CCC Help Polish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E817E580-6318-AFC8-2102-322C73117EC4}]
CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B839153C-D4D2-F89C-5033-0A160C62706B}]
CCC Help Russian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}]
CCC Help Spanish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}]
CCC Help Swedish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}]
CCC Help Thai [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}]
CCC Help Turkish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}]
CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]
Malwarebytes version 4.0.4.49 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1]
Microsoft Edge [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge]
Microsoft Edge Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update]
Microsoft Update Health Tools [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}]
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15134cb0-b767-4960-a911-f2d16ae54797}]
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{22154f09-719a-4619-bb71-5b3356999fbf}]
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}]
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}]
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}]
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}]
Mozilla Firefox 81.0.2 (x86 en-US) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 81.0.2 (x86 en-US)]
Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]
Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]
Speccy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speccy]
Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey]

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\86.0.622.38\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --notification-launch-id=1|1|2|Default|0|chrome-extension://mlhnkbkckpjokodfbhlaeoeelmndflnm/|mlhnkbkckpjokodfbhlaeoeelmndflnm-adForSupport --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5429a - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vicki\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Vicki\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Vicki\AppData\Local\Mozilla\Firefox\Profiles\91h6j3wf.default-release-1588449406983\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Vicki\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=23 folders=151 19733094 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\Vicki\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Vicki\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on Tue 10/13/2020 at 16:49:05.00 ======================

Vicki · 2020/10/16

Hope I did this correctly! Thanks again for the offer to help. Like I stated in my original post, I don't often use this laptop unless my hubby is using the desktop. So I haven't been able to really see if there have been any improvements since apply these steps. But then I'm not sure if that should be the case anyway? Will wait further instructions before I reply with any noticeable difference.
~Vicki

Evan Omo · 2020/11/11

Since your laptop has a hard drive installed, I would highly recommend you upgrade the system to a solid state drive which will dramatically improve the systems performance. I would look at getting this SSD, Samsung 860 EVO 500GB 2.5 Inch SATA III Internal SSD.

In Autoruns on the Logon Tab, remove the Realtek HD Audio Manager and the Catalyst Control Center items from startup.

Also based on the logs your laptop only has 2 GB's of RAM installed. Is this true? Can you open up Task Manager and let me know how much memory is installed in the laptop?

retiredlearner · 2020/11/11

I agree Evan, An SSD and max out the RAM as 2GB's is light for 64bit W10.

Vicki · 2020/11/11

Thank you both for your responses. According to Speccy "2.00GB DDR3 @ 540MHz (7-7-7-19)" is what I have for RAM. Not sure I would feel comfortable trying to upgrade the Ram and hard drive myself?! And due to my lack of computer knowledge, I don't know even where to look to remove those items from start up. :-(

Evan Omo · 2020/11/14

Use the Autoruns application that you posted a screenshot of and disable those two items that I outlined in my previous post.

You could upgrade the RAM and install an SSD but if you don't feel comfortable in upgrading those parts yourself then you may want to have a local computer technician do that for you, or you can simply buy a newer laptop with better hardware.

Vicki · 2020/11/14

Thanks everyone for taking your time to help me with this! I'm not sure it would even be worthwhile to try and upgrade this "older" laptop? I don't rely on it that much and if it does get to the point where I can no longer tolerate it, I will definitely be purchasing a newer one! (It has seen some improvement in recent days, so I'm okay with it for now) Truly appreciate all the good advice I find on this BBS!

Evan Omo · 2020/11/14

Thanks for the update.

Log in or Sign up

Resolved Laptop issues (slow, hanging, etc.)

Vicki Well-Known Member Thread Starter

MrBill SuperGeek WindowsBBS Team Member

Vicki Well-Known Member Thread Starter

MrBill SuperGeek WindowsBBS Team Member

retiredlearner SuperGeek WindowsBBS Team Member

Evan Omo Computer Support Technician Staff

Vicki Well-Known Member Thread Starter

Vicki Well-Known Member Thread Starter

Vicki Well-Known Member Thread Starter

Vicki Well-Known Member Thread Starter

Evan Omo Computer Support Technician Staff

retiredlearner SuperGeek WindowsBBS Team Member

Vicki Well-Known Member Thread Starter

Evan Omo Computer Support Technician Staff

Vicki Well-Known Member Thread Starter

Evan Omo Computer Support Technician Staff

Share This Page

Log in or Sign up

Resolved Laptop issues (slow, hanging, etc.)

Vicki Well-Known Member Thread Starter

MrBill SuperGeek WindowsBBS Team Member

Vicki Well-Known Member Thread Starter

MrBill SuperGeek WindowsBBS Team Member

retiredlearner SuperGeek WindowsBBS Team Member

Evan Omo Computer Support Technician Staff

Vicki Well-Known Member Thread Starter

Vicki Well-Known Member Thread Starter

Vicki Well-Known Member Thread Starter

Vicki Well-Known Member Thread Starter

Evan Omo Computer Support Technician Staff

retiredlearner SuperGeek WindowsBBS Team Member

Vicki Well-Known Member Thread Starter

Evan Omo Computer Support Technician Staff

Vicki Well-Known Member Thread Starter

Evan Omo Computer Support Technician Staff

Share This Page

Useful Searches