Win7, 32Bit Malwarebytes Premium, Microsoft Essentials,CC Cleaner Free Edition
I could not DL a good version of FRST because all three I download starting with the link from GeeksToGo site had a Trojan in it. I had an OLD VERSION of FRST so I ran it and provided the log. I also provided Adw because I ran it and it came up with a file in question C:\Windows\system32\GroupPolicy\User\Registry.pol .
I ran MalwareB nothing found. AdwCleaner info below. Ran Mbytes in SafeMode nothing found. Tried to run Sofus I get 1606 error and can not run updated version.
First day at the cursor the hourglass comes up and blinks repeatedly. 2nd day same blinking at the cursor and my computer locked up. I had to shut down with power button. Tried to go into Safe Mode and my CPU locked up and I had to use Power Button to power down then came back up and the system ran a disk check which I believe showed no problems.
2nd Day tried to run Sofos Virus Removal and I get Error 1606. Could not access network location data. 1st day I could access Sofos and I was running the scan but it was late and I decided to wait until day two to complete the scan now I get this error. Another odd thing When I change file names a DUPLICATE with no data but only a jpeg remains in the folder with the new named file.
i found after reading and searching the TaskManager
* googleupdate.exe turned off in TaskManager and the Blinking Hourglass goes away. I set in Startup NOT to Start googleupdate but it starts anyway. I only use google for search engine and I had a copy of Chrome on my system and I deleted that awhile ago. I never had problems with the 3ea google entries until lately. I never saw them in my system before.
AdwCleaner
C\Windows\system32\GroupPolicy\User\Registry.pol to remove
# AdwCleaner v3.307 - Report created 06/11/2019 at 05:57:39
# Updated 17/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Scott - SCOTT-PC
# Running from : C:\Users\Scott\Desktop\DESKTOP Utilities\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Windows\system32\GroupPolicy\User\Registry.pol
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.19036
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://ixquick.com/
-\\ Mozilla Firefox v66.0.4 (x86 en-US)
[ File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\txhldk6d.default\prefs.js ]
[ File : C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\prefs.js ]
[ File : C:\Users\SM\AppData\Roaming\Mozilla\Firefox\Profiles\43mkhyks.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1149 octets] - [20/06/2018 17:26:59]
AdwCleaner[R1].txt - [1168 octets] - [23/08/2018 10:42:56]
AdwCleaner[R2].txt - [1193 octets] - [06/11/2019 05:57:39]
AdwCleaner[S0].txt - [1212 octets] - [20/06/2018 17:56:33]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1313 octets] ##########
OLD VERSION FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19.04.2018
Ran by Scott (administrator) on SCOTT-PC (07-11-2019 06:05:00)
Running from J:\Seagate Backup\SCOTT-PC\C\Users\Scott\Documents\NewInfo\My Documents\ScottPersonal\Computer\Computer Fix 052518\FRST-OlderVersion
Loaded Profiles: Scott & (Available Profiles: Scott & SM & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seagate Technology LLC) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Reason Software Company Inc.) C:\Program Files\Unchecky\bin\unchecky_svc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Reason Software Company Inc.) C:\Program Files\Unchecky\bin\unchecky_bg.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Seagate LLC) C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
() C:\Program Files\EZ-DUB\EZ-DUB.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google LLC.) C:\Users\Scott\AppData\Local\Google\Update\Install\{8E467853-7744-42FC-9890-C91DDFBC9468}\GoogleVideoSupportPluginInstaller.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Daum Communications) C:\Program Files\DAUM\PotPlayer\PotPlayerMini.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Daum Communications) C:\Program Files\DAUM\PotPlayer\PotPlayerMini.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\microsoft office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\microsoft office\Office12\WINWORD.EXE
(Daum Communications) C:\Program Files\DAUM\PotPlayer\PotPlayerMini.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-08-10] (Apple Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [MaxMenuMgr] => C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-09-25] (Seagate LLC)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <==== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <==== ATTENTION
HKLM Group Policy restriction on software: ** <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <==== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <==== ATTENTION
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035201690\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\Policies\Explorer: [NoDriveAutoRun] -1
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\Policies\Explorer: [NoDriveAutoRun] -1
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000.new-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035213988\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000.new-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035213988\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000.new-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035213988\...\Run: [Google Update] => C:\Users\Scott\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
HKU\S-1-5-21-4044866103-2329573634-2605357377-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214173\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-10] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EZ-DUB Finder.lnk [2014-04-09]
ShortcutTarget: EZ-DUB Finder.lnk -> C:\Program Files\EZ-DUB\EZ-DUB.exe ()
GroupPolicy\User: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3C6031F9-D42E-4882-9D5F-83F90B249A56}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ixquick.com/
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000 -> {0169E633-8781-F882-9BC7-7B014AE4DE4E} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z206&form=ZGAIDF&install_date=20111213&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000 -> {09533787-AE1B-4686-AD2C-648367BFEF2B} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000 -> {454575F2-C92B-4CBB-B1F6-3D04AC434B77} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169 -> {0169E633-8781-F882-9BC7-7B014AE4DE4E} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z206&form=ZGAIDF&install_date=20111213&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169 -> {09533787-AE1B-4686-AD2C-648367BFEF2B} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169 -> {454575F2-C92B-4CBB-B1F6-3D04AC434B77} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000.new-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035213988 -> {8ED32383-468A-4A24-BDD3-1CF6EFCBCB5F} URL =
FireFox:
========
FF ProfilePath: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228 [2019-11-07]
FF Homepage: Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228 -> hxxps://www.startpage.com/
FF Extension: (ePUB Reader) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\Extensions\{323353ee-cfbd-4178-9676-85566d98c8b1}.xpi [2019-07-25]
FF Extension: (NoScript) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-04-19]
FF Extension: (ePub to PDF converter) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\Extensions\{8a0f8ab2-8697-4228-a27c-3200e8989ed7}.xpi [2019-07-25]
FF Extension: (Adblock Plus) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-04-24]
FF Extension: (Baidu Search Update) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\features\{8e7c2858-31be-4289-ba96-b2ade21ea15c}\[email protected] [2019-05-06]
FF Extension: (Firefox Monitor) - C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\ga1mnb9r.default-1435092364228\features\{8e7c2858-31be-4289-ba96-b2ade21ea15c}\[email protected] [2019-05-06]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\[email protected] [2019-05-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-10-09] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4044866103-2329573634-2605357377-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4044866103-2329573634-2605357377-1000: @talk.google.com/O1DPlugin -> C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4044866103-2329573634-2605357377-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169: @talk.google.com/GoogleTalkPlugin -> C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169: @talk.google.com/O1DPlugin -> C:\Users\Scott\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169: @tools.google.com/Google Update;version=3 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Scott\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Scott\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-09] (Adobe)
R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [171928 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2358672 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [188816 2017-12-14] (Dell Inc.)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [396952 2016-06-08] ()
R2 FreeAgentGoNext Service; C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe [189736 2009-09-25] (Seagate Technology LLC)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc.)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [396952 2016-06-08] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver32Dcsa.sys [30912 2017-12-10] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [30520 2017-12-10] (Dell Computer Corporation)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-30] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [173512 2019-11-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [190624 2019-11-07] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64296 2019-11-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [241760 2019-11-07] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [86768 2019-11-07] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 MpKslada68005; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E94387ED-6823-471E-8AF4-A8D7BCEA8303}\MpKslada68005.sys [49504 2019-11-07] (Microsoft Corporation)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [33816 2017-09-11] (Intel Corporation )
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R3 ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [27392 2004-12-22] (Ulead Systems, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-07 05:49 - 2019-11-07 05:49 - 000000000 _____ C:\Users\Scott\Downloads\FRST.exe
2019-11-07 05:40 - 2019-11-07 05:41 - 000000000 ____D C:\Users\Scott\Desktop\Esoteric Pictures
2019-11-07 04:40 - 2019-11-07 04:54 - 768791078 _____ C:\Users\Scott\Downloads\dani-jenson-gets-a-cp_1080p.mp4
2019-11-07 04:35 - 2019-11-07 04:50 - 687500431 _____ C:\Users\Scott\Downloads\nicole-aniston-nicole-s-oasis_1080p.mp4
2019-11-07 04:34 - 2019-11-07 04:53 - 738396595 _____ C:\Users\Scott\Downloads\hello-sexy-2_1080p.mp4
2019-11-07 04:27 - 2019-11-07 04:47 - 766467627 _____ C:\Users\Scott\Downloads\hello-sexy-3_1080p.mp4
2019-11-07 04:19 - 2019-11-07 04:48 - 1140851350 _____ C:\Users\Scott\Downloads\hardx-bella-roland-new-to-anal_1080p.mp4
2019-11-07 04:17 - 2019-11-07 04:43 - 1054815631 _____ C:\Users\Scott\Downloads\lubed-winter-jade-soaked-winter_1080p.mp4
2019-11-07 04:16 - 2019-11-07 04:32 - 550628150 _____ C:\Users\Scott\Downloads\exxxtrasmall-aubree-ice6_720p.mp4
2019-11-07 04:13 - 2019-11-07 04:33 - 1167221000 _____ C:\Users\Scott\Downloads\sis-loves-me-indica-flower_1080p.mp4
2019-11-07 04:08 - 2019-11-07 04:13 - 222035127 _____ C:\Users\Scott\Downloads\lara-cumkitten-brutal-zerfickt-und-als-sperma-eimer-b_1080p.mp4
2019-11-07 04:07 - 2019-11-07 04:12 - 244058561 _____ C:\Users\Scott\Downloads\lara-cumkitten-rastplatz-[bleep]-zerfickt-mega-cumshot_1080p.mp4
2019-11-07 04:06 - 2019-11-07 04:11 - 196617593 _____ C:\Users\Scott\Downloads\lara-cumkitten-fickdate-mit-andy-schlampen-matratze_1080p.mp4
2019-11-07 04:05 - 2019-11-07 04:11 - 280558565 _____ C:\Users\Scott\Downloads\lara-cumkitten-fickdate-auf-der-strasse-klargemacht_1080p.mp4
2019-11-07 03:51 - 2019-11-07 03:51 - 000190624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-11-07 03:51 - 2019-11-07 03:51 - 000064296 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-11-07 03:50 - 2019-11-07 03:50 - 000241760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-11-07 03:50 - 2019-11-07 03:50 - 000086768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-11-06 07:50 - 2019-11-07 05:23 - 000000000 ____D C:\Users\Scott\Desktop\Problem 110619
2019-11-05 13:04 - 2019-11-05 13:27 - 2044512433 _____ C:\Users\Scott\Downloads\LaSirena69 BB Pierced Nipple Maid Gets [bleep]ed 1080p.mp4
2019-11-05 10:42 - 2019-11-05 15:33 - 895439364 _____ C:\Users\Scott\Downloads\watchmen.s01e01.720p.mp4
2019-11-05 10:09 - 2019-11-05 12:06 - 1442968451 _____ C:\Users\Scott\Downloads\Kali Roses POVD Oil Me Down 1080p.mp4
2019-11-05 10:06 - 2019-11-05 15:44 - 2403321075 _____ C:\Users\Scott\Downloads\Kleio Valentien DeepLush Passionate Moment BIG 1080p.mp4
2019-11-04 13:27 - 2019-11-04 14:14 - 879847232 _____ C:\Users\Scott\Downloads\Kali Roses Familystrokes 1080p.mp4
2019-11-04 13:26 - 2019-11-04 13:55 - 459896502 _____ C:\Users\Scott\Downloads\Kali Roses Teenpies 720p.mp4
2019-11-04 13:22 - 2019-11-04 13:56 - 974168864 _____ C:\Users\Scott\Downloads\Kali Roses JaysPOV Horny teen ss 1080p.mp4
2019-11-04 13:21 - 2019-11-04 14:14 - 1746786822 _____ C:\Users\Scott\Downloads\Kali Roses BB Bangbus 1080p.mp4
2019-11-04 10:58 - 2019-11-04 11:37 - 1934715390 _____ C:\Users\Scott\Downloads\Kali Roses VR Kalifornication 1080p.mp4
2019-11-04 10:57 - 2019-11-04 11:27 - 827166762 _____ C:\Users\Scott\Downloads\Kali Roses WankzVR Taco Tuesday 1080p.mp4
2019-11-04 10:52 - 2019-11-04 11:24 - 1124617366 _____ C:\Users\Scott\Downloads\Kali Roses POV Propertysex Property manager issues 1080p.mp4
2019-11-04 09:38 - 2019-11-04 09:47 - 732902537 _____ C:\Users\Scott\Downloads\Canel Skin Momxxx 1080p.mp4
2019-11-04 09:20 - 2019-11-04 13:28 - 1618962920 _____ C:\Users\Scott\Downloads\Winter Jade POVD Pumped Pussy 1080p.mp4
2019-11-04 08:21 - 2019-11-04 08:49 - 1223223487 _____ C:\Users\Scott\Downloads\LaSirena69 BANG Rammed 1080p.mp4
2019-11-04 08:20 - 2019-11-04 09:08 - 698695612 _____ C:\Users\Scott\Downloads\LaSirena69 MrLuckyPOVsirena A very sexy Halloween 1080p.mp4
2019-11-04 08:02 - 2019-11-04 10:22 - 1009645930 _____ C:\Users\Scott\Downloads\KS-RL Problem.mp4
2019-11-04 07:52 - 2019-11-04 09:44 - 1362304557 _____ C:\Users\Scott\Downloads\Karissa Shannon Absolutely Bootiful In Leggings 1080p.mp4
2019-11-04 07:47 - 2019-11-04 09:15 - 1078639259 _____ C:\Users\Scott\Downloads\Karissa Shannon Sneaky Shannon Silhouette 1080p.mp4
2019-11-04 06:59 - 2019-11-04 07:13 - 1176603672 _____ C:\Users\Scott\Downloads\Angela White VR Knows how to wash your car right 1080p.mp4
2019-11-04 06:51 - 2019-11-04 07:04 - 995783816 _____ C:\Users\Scott\Downloads\Angela White BANG Surprise 1080p.mp4
2019-11-04 06:37 - 2019-11-04 06:43 - 578216470 _____ C:\Users\Scott\Downloads\Angela White VR Your white knight 1080p.mp4
2019-11-01 05:32 - 2019-11-01 06:12 - 1578029512 _____ C:\Users\Scott\Downloads\Dani jensen Pervmom POV Ginger MILF Dreams 1080p.mp4
2019-11-01 04:24 - 2019-11-01 04:43 - 1170160192 _____ C:\Users\Scott\Downloads\Vina Sky BANG YNGR POV 1080p.mp4
2019-11-01 04:20 - 2019-11-01 04:35 - 919783253 _____ C:\Users\Scott\Downloads\Jessie Lee RawAttack 1080p.mp4
2019-10-30 05:03 - 2019-10-30 05:28 - 1770784386 _____ C:\Users\Scott\Downloads\Winter Jade Dadcrush POV Innapropriate talks with stepdad 1080p.mp4
2019-10-30 05:01 - 2019-10-30 05:19 - 1083796854 _____ C:\Users\Scott\Downloads\Winter Jade Pornfidelity In dreaming of winter 720p.mp4
2019-10-28 09:56 - 2019-10-28 09:56 - 002271416 _____ C:\Users\Scott\Downloads\The_Mystery_of_Oak_Island_Pt-3_Swan_Secrets.pdf
2019-10-28 07:52 - 2019-10-28 08:21 - 1902901452 _____ C:\Users\Scott\Downloads\Sovereign Syre Wildoncam Cherry Pimps 1080p.mp4
2019-10-24 12:38 - 2019-10-24 14:50 - 1310023139 _____ C:\Users\Scott\Downloads\Khloe Kapri VR MSHF 101419 1080p.mp4
2019-10-24 12:34 - 2019-10-24 15:00 - 1739337611 _____ C:\Users\Scott\Downloads\Gia Derza POV Teen Hooker To Come [bleep] Him While His Wife Is Gone 1080.mp4
2019-10-24 12:26 - 2019-10-24 12:33 - 263100594 _____ C:\Users\Scott\Downloads\Gia Derza Cherry Pimps 720p.mp4
2019-10-24 12:25 - 2019-10-24 12:39 - 760900836 _____ C:\Users\Scott\Downloads\Gia Derza VR Fondling Memories 1080p.mp4
2019-10-23 09:02 - 2019-10-23 09:14 - 576252771 _____ C:\Users\Scott\Downloads\Alexa POV Wars 1080p.mp4
2019-10-23 09:01 - 2019-10-23 09:12 - 407227389 _____ C:\Users\Scott\Downloads\Nia Nacci VR One year later 1080p.mp4
2019-10-23 09:00 - 2019-10-23 09:16 - 599674470 _____ C:\Users\Scott\Downloads\Tasha Reign VR Reign Supreme 1080p.mp4
2019-10-23 08:24 - 2019-10-23 08:38 - 981759354 _____ C:\Users\Scott\Downloads\Indica Flower Pornfidelity Free Spirit 720p.mp4
2019-10-23 07:38 - 2019-10-23 08:45 - 1133057219 _____ C:\Users\Scott\Downloads\Kimber Woods Pornfidelity 1080p.mp4
2019-10-23 07:21 - 2019-10-23 09:23 - 882517858 _____ C:\Users\Scott\Downloads\Ryan Conner Scene with Steve Holmes 1080p.mp4
2019-10-23 07:08 - 2019-10-23 11:03 - 1441070657 _____ C:\Users\Scott\Downloads\Ryan Conner Full Service POV #5 1080p.mp4
2019-10-23 04:37 - 2019-10-23 06:34 - 1442028771 _____ C:\Users\Scott\Downloads\Gianna Dior HW1on1 102319 1080p.mp4
2019-10-21 05:05 - 2019-10-20 23:01 - 1928093611 _____ C:\Users\Scott\Downloads\Ava Addams MFHM 102119 1080p.mp4
2019-10-20 08:13 - 2019-10-20 11:05 - 2111671506 _____ C:\Users\Scott\Downloads\Kit Mercer RawAttack.mp4
2019-10-20 08:09 - 2019-10-20 08:23 - 714260743 _____ C:\Users\Scott\Downloads\Kit Mercer MrLuckyPOV Late night [bleep] 1080p.mp4
2019-10-20 07:19 - 2019-10-20 07:32 - 729831088 _____ C:\Users\Scott\Downloads\Abigail Mac MOFOs POV Being Squeezed1080p.mp4
2019-10-20 07:14 - 2019-10-20 07:48 - 2257056221 _____ C:\Users\Scott\Downloads\Kit Mercer WildOnCam CherryPimps 090519 1080p.mp4
2019-10-20 07:03 - 2019-10-20 07:18 - 999325344 _____ C:\Users\Scott\Downloads\September Reighn RawAttack 1080p.mp4
2019-10-18 05:51 - 2019-10-18 06:10 - 235804827 _____ C:\Users\Scott\Downloads\Kaylani Lei Onlyfan Las Vegas Hotel Hard Sex.mp4
2019-10-17 08:24 - 2019-10-17 10:25 - 1484742287 _____ C:\Users\Scott\Downloads\Lauren Phillips POV Lauren’s Anal Training 1080p.mp4
2019-10-17 06:29 - 2019-09-22 18:46 - 1072490240 _____ C:\Users\Scott\Downloads\Olivia Austin POV ss Actual Reality 1080p.mp4
2019-10-17 06:08 - 2019-10-17 08:18 - 949301882 _____ C:\Users\Scott\Downloads\Linzee Ryder POV Always Be Closing 1080p.mp4
2019-10-16 06:32 - 2019-10-16 06:51 - 1121842225 _____ C:\Users\Scott\Downloads\Adira Allure Rawattack POV 1080p.mp4
2019-10-16 06:14 - 2019-10-16 06:30 - 734295492 _____ C:\Users\Scott\Downloads\Aubrey Black Toughlovex POV 1080p.mp4
2019-10-16 06:11 - 2019-10-16 06:33 - 792098810 _____ C:\Users\Scott\Downloads\Evi Rei Blackvalleygirls POV 720p.mp4
2019-10-16 06:11 - 2019-10-16 06:32 - 758414105 _____ C:\Users\Scott\Downloads\Evi Rei Pornfidelity Ebony Teaserporn 720p.mp4
2019-10-16 06:09 - 2019-10-16 06:30 - 1077825421 _____ C:\Users\Scott\Downloads\Julie Cash Cash Grab 1080p.mp4
2019-10-16 05:51 - 2019-10-16 06:05 - 795406709 _____ C:\Users\Scott\Downloads\Kendra Spade LookatHernow 1080p.mp4
2019-10-16 05:49 - 2019-10-16 06:03 - 704775454 _____ C:\Users\Scott\Downloads\Khloe Kapri VR MSHF 101419 1080p SMALL.mp4
2019-10-16 05:29 - 2019-10-15 16:25 - 1766199594 _____ C:\Users\Scott\Downloads\Karma Rx POV I'll [bleep] Who I Want 1080p.mp4
2019-10-14 07:58 - 2019-10-14 07:59 - 043444059 _____ C:\Users\Scott\Downloads\The Ghost in the Machine.pdf
2019-10-14 07:41 - 2019-10-14 07:41 - 021619722 _____ C:\Users\Scott\Downloads\1910__waite___book_of_black_magic_and_pacts.pdf
2019-10-12 07:44 - 2019-10-12 07:57 - 936775036 _____ C:\Users\Scott\Downloads\LaSirena69 Catch Me If You Cam 1080p.mp4
2019-10-12 05:08 - 2019-10-12 05:33 - 1727265629 _____ C:\Users\Scott\Downloads\Olive Glass Pornfidelity The Artist 1080p.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-07 06:05 - 2018-04-17 13:12 - 000000000 ____D C:\FRST
2019-11-07 05:27 - 2009-07-13 20:34 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-07 05:27 - 2009-07-13 20:34 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-07 04:35 - 2014-04-11 05:19 - 000002627 _____ C:\Users\Scott\AppData\Roaming\TinnitusTamerPrefs.dat
2019-11-07 03:31 - 2016-11-16 02:11 - 000000000 ____D C:\Users\Scott\AppData\LocalLow\Mozilla
2019-11-07 03:26 - 2009-07-13 20:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-06 13:42 - 2009-07-13 18:37 - 000000000 ____D C:\Windows\inf
2019-11-06 07:14 - 2014-08-13 10:38 - 000000000 ____D C:\Windows\pss
2019-11-06 07:06 - 2018-06-20 17:26 - 000000000 ____D C:\AdwCleaner
2019-11-06 06:51 - 2019-07-03 11:34 - 000173512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-11-03 08:00 - 2018-04-22 04:32 - 000000000 ____D C:\Users\Scott\AppData\Local\CrashDumps
2019-11-03 07:36 - 2010-11-20 13:01 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-01 07:34 - 2014-04-23 07:09 - 000000000 ____D C:\Users\Scott\AppData\Local\CutePDF Writer
2019-10-29 13:24 - 2009-07-13 20:53 - 000032594 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-10-29 10:50 - 2016-11-06 06:39 - 000000000 ____D C:\Users\Scott\Downloads\Redo Delete
2019-10-24 12:16 - 2016-08-07 12:11 - 000000000 ____D C:\Users\Scott\AppData\Roaming\Anvsoft
2019-10-20 10:00 - 2014-04-09 13:28 - 000000000 ____D C:\Users\Scott\AppData\Roaming\vlc
2019-10-10 08:38 - 2014-10-07 11:44 - 000000000 ____D C:\Users\Scott\Desktop\Post
2019-10-09 05:07 - 2014-04-10 11:55 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-10-09 05:07 - 2014-04-10 11:55 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-10-09 05:07 - 2014-04-10 11:55 - 000000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2018-03-05 14:52 - 2018-11-05 04:32 - 000000136 _____ () C:\Users\Scott\AppData\Roaming\downloads.json
2014-04-11 05:19 - 2014-04-11 05:19 - 000000455 _____ () C:\Users\Scott\AppData\Roaming\dsf.dat
2014-04-11 05:19 - 2019-11-07 04:35 - 000002627 _____ () C:\Users\Scott\AppData\Roaming\TinnitusTamerPrefs.dat
2014-05-17 21:53 - 2018-06-20 09:51 - 000007627 _____ () C:\Users\Scott\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-10-30 11:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19.04.2018
Ran by Scott (07-11-2019 06:07:54)
Running from J:\Seagate Backup\SCOTT-PC\C\Users\Scott\Documents\NewInfo\My Documents\ScottPersonal\Computer\Computer Fix 052518\FRST-OlderVersion
Microsoft Windows 7 Professional Service Pack 1 (X86) (2014-04-09 18:07:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4044866103-2329573634-2605357377-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4044866103-2329573634-2605357377-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4044866103-2329573634-2605357377-1002 - Limited - Enabled)
Scott (S-1-5-21-4044866103-2329573634-2605357377-1000 - Administrator - Enabled) => C:\Users\Scott
SM (S-1-5-21-4044866103-2329573634-2605357377-1003 - Administrator - Enabled) => C:\Users\SM
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (HKLM\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
. . . (HKLM\...\{679012E8-DFAC-4484-AD14-D08C6FD7FB4B}) (Version: 2.1.28.3 - Intel) Hidden
4K Video Downloader 4.4 (HKLM\...\{4E97C234-3F6C-4AA9-BFAF-0166F3050A68}) (Version: 4.4.11.2412 - Open Media LLC)
7-Zip 17.01 beta (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
ACT! 2000 (HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\ACT! 2000) (Version: - )
ACT! 2000 (HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\ACT! 2000) (Version: - )
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.270 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced Scan to PDF Free 3.9.2 (HKLM\...\Advanced Scan to PDF Free_is1) (Version: - PDFChief Co., Ltd.)
Any Video Converter 6.2.8 (HKLM\...\Any Video Converter) (Version: 6.2.8 - Anvsoft)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CryptoPrevent (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{8BD286A4-87C7-406B-9257-F8D8E6ACB35F}) (Version: 2.1.4.14 - Dell)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
e-Sword (HKLM\...\{294B365B-32EF-49EE-99B3-A00558DC76E5}) (Version: 10.02.0001 - Rick Meyers)
e-Sword Module Installer version .4 (HKLM\...\{6E442F8C-3EB1-4911-BB65-F3AD73438F52}_is1) (Version: .4 - BibleSupport.com)
EZ-DUB (HKLM\...\{7E30D45E-EEC5-41A6-A613-F3BFB2694ACB}) (Version: 3.0 - Ulead System)
EZ-DUB Finder (HKLM\...\{F33C4D28-899A-4C3C-868B-9169A121528B}) (Version: 1.00.0722 - LiteON) Hidden
EZ-DUB Finder (HKLM\...\InstallShield_{F33C4D28-899A-4C3C-868B-9169A121528B}) (Version: 1.00.0722 - LiteON)
Freemake Video Converter version 4.1.9 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 21.1 - Intel)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 8 Update 171 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
LiveUpdate (HKLM\...\LiveUpdate) (Version: - )
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MKVToolNix 37.0.0 (32-bit) (HKLM\...\MKVToolNix) (Version: 37.0.0 - Moritz Bunkus)
MOBZync (HKLM\...\{417FF61C-66A9-4A76-8AF7-0E3994AC8C31}) (Version: 0.9.2 - MOBZystems)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 66.0.4 (x86 en-US) (HKLM\...\Mozilla Firefox 66.0.4 (x86 en-US)) (Version: 66.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.4 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 en-US) (HKLM\...\Mozilla Thunderbird 45.7.1 (x86 en-US)) (Version: 45.7.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Potplayer (HKLM\...\PotPlayer) (Version: - Daum Communications Corp.)
QuickTime (HKLM\...\{EB900AF8-CC61-4E15-871B-98D1EA3E8025}) (Version: 7.67.75.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Seagate Manager Installer (HKLM\...\{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate) Hidden
Seagate Manager Installer (HKLM\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate)
SeaTools for Windows 1.4.0.4 (HKLM\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SyncToy 2.1 (x86) (HKLM\...\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}) (Version: 2.1.0 - Microsoft)
THE NAG HAMMADI LIBRARY.topx version 0 (HKLM\...\{D7F1A6E9-5A60-4573-AFBD-4A047A57635E}_is1) (Version: 0 - BibleSupport.com)
Unchecky v1.2 (HKLM\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM\...\{3CC29C1A-B5FE-457B-8F22-32A3667A92C7}}_is1) (Version: - windows-movie-maker.org)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Scott\AppData\Local\Google\Update\1.3.33.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll => No File
CustomCLSID: HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\FileSyncApi.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01138799-A432-413E-9233-4142970467DA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4044866103-2329573634-2605357377-1000UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-15] (Google Inc.)
Task: {055CA5F0-675D-458E-9819-A757926A19D8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-02-04] (Piriform Software Ltd)
Task: {16FEA387-FAD4-443A-B4E6-FF988F0C4AE6} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2793D72D-CFC5-444E-9A9B-8F524FA71D11} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {2C2CB54E-0339-42F1-BB54-14553B6D61F0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {3527F7EE-4B8E-422D-8FEE-5083930043EB} - System32\Tasks\{29D5E377-CE4A-4947-BFE7-6DDD9A5B4E48} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {35910534-5F45-451B-86CF-536B12FEDDC1} - System32\Tasks\{8ED34269-D355-4824-81B4-8E0CA709686C} => C:\Program Files\iTunes\iTunes.exe [2012-09-09] (Apple Inc.)
Task: {3C66B5AA-E80B-4D41-AE1B-A079372C78A8} - System32\Tasks\{8C2A7429-5BBC-4A32-ADA5-FE99F091FC16} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {4AD47043-4D67-4F39-91A9-D2CC29BC3ABA} - System32\Tasks\{E9D04DF9-CB1A-4CD2-812C-5092FD85C825} => C:\Program Files\GoPro\GoPro VR Player 2.0\GoProVRPlayer_win32.exe
Task: {55A8CE47-45C6-42F4-8E60-44DB95A1D460} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {5656C4ED-3456-4135-BC27-E175548C6CE5} - System32\Tasks\{44D3594B-D2F9-4834-9AC4-F0DB2A6AF30F} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {5E143A35-2398-45E0-AA08-747CFD6B4E72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {606E7679-296E-47AD-BEDC-561DB8C5C216} - System32\Tasks\{FEB863AF-49C3-4878-8B79-25D08C06B6B4} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {60B245A9-53E6-4893-A5B9-78C94BC324BD} - System32\Tasks\{DCC16085-21A5-4481-BCD9-1750B143EE35} => C:\Program Files\iTunes\iTunes.exe [2012-09-09] (Apple Inc.)
Task: {7768604C-8CBC-4A2B-AED0-A4F2024106D8} - System32\Tasks\{3A1EEAA2-E709-4F63-B471-039AB4F070B6} => C:\Program Files\GoPro\GoPro VR Player 2.0\GoProVRPlayer_win32.exe
Task: {82F944B0-DC1B-4832-8854-D074A94AF0F7} - System32\Tasks\{FF244946-B9B9-40C5-963E-7DDF2E841CBD} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {8C7185EE-DE6D-4769-9993-D38D6083431A} - System32\Tasks\{4F631F87-16B4-4E00-A335-12B11782D7AD} => msiexec.exe /package "C:\Users\Scott\Downloads\MicrosoftFixit50123.msi"
Task: {95C85358-9525-40F4-AA85-56630A07C528} - System32\Tasks\{FFF85220-D9CF-419E-B476-7CD90CAF7426} => msiexec.exe /package "C:\Users\Scott\Downloads\MicrosoftFixit50123.msi"
Task: {9CAD1C03-B916-417B-BE7B-C537DAB00942} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [2019-10-09] (Adobe)
Task: {A1A327C7-552B-4D71-BF2A-39631CCDB3E3} - System32\Tasks\{B9F54951-8F68-4BAD-A9D5-012EB4EAC459} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {A586C56D-020B-41C3-9864-2D1F53101E1C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4044866103-2329573634-2605357377-1000Core1d3ee31fee3153 => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-15] (Google Inc.)
Task: {B6B422B1-9A0A-4CFD-9E16-86954AEA5927} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-02-14] (Dell Inc.)
Task: {B809CE6A-00DF-4AF7-9DC7-606F924952CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {B860E51A-F298-48AF-B95B-4DB83A4F070A} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {D5341DCE-D5E5-4C44-A1AC-0E0F0EBA53EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {D8597A4D-A621-4012-B014-264A1A2A9049} - System32\Tasks\{B68C5D2C-97E0-4176-AE26-74584708E6FD} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {D86561A4-68E3-4867-B905-F0487E4BF858} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2019-10-09] (Adobe)
Task: {E397C2F9-8ADD-4316-A8FB-7B68F3812912} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4044866103-2329573634-2605357377-1000Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-15] (Google Inc.)
Task: {EB4ED08B-2D3E-4E89-A94A-AC5A1C3C6FAB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {EB9AABAD-A564-4055-AE59-870994CE7889} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {F43C98AE-5690-4997-B5F8-E545FFF6803E} - System32\Tasks\{50D840F2-A880-4AFE-B759-4D2B2B700A7D} => C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Task: {F77D9B1B-3B6B-4171-AE23-6E2726E2B81E} - System32\Tasks\{5BF74C34-4AFD-43FA-A983-8364BA8DB453} => C:\Windows\system32\pcalua.exe -a C:\Users\Scott\Downloads\SupportAssistLauncher(1).exe -d C:\Users\Scott\Downloads
Task: {FED05C45-ECF3-4391-909C-0A43E4AD7866} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-05-14 07:20 - 2013-10-23 13:23 - 000089136 _____ () C:\Windows\System32\cpwmon2k.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 000087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 001242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-22 03:39 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-12-22 03:39 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-12-22 03:39 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-12-22 03:39 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2016-12-22 03:39 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
2005-09-13 18:47 - 2005-09-13 18:47 - 000266240 _____ () C:\Program Files\EZ-DUB\EZ-DUB.exe
2019-07-03 11:33 - 2019-05-30 07:56 - 002360664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-07-03 11:33 - 2019-06-21 05:30 - 002239848 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-11-11 03:41 - 2015-11-11 03:41 - 000756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-04-27 17:04 - 2016-04-27 17:04 - 004465664 _____ () C:\Program Files\DAUM\PotPlayer\Module\OpenCodec\OpenCodecUnity.dll
2014-05-28 19:40 - 2014-05-28 19:40 - 009655296 _____ () C:\Program Files\DAUM\PotPlayer\ffcodec.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\internet -> internet
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\mcafee.com -> hxxps://mcafee.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\...\123simsen.com -> www.123simsen.com
There are 7714 more sites.
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\download.microsoft.com -> hxxp://download.microsoft.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\internet -> internet
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\mcafee.com -> hxxps://mcafee.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\update.microsoft.com -> hxxp://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\update.microsoft.com -> hxxps://update.microsoft.com
IE trusted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\windowsupdate.microsoft.com -> hxxp://windowsupdate.microsoft.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\...\123simsen.com -> www.123simsen.com
There are 7714 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 18:04 - 2019-11-07 03:26 - 000001306 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035202169\Control Panel\Desktop\\Wallpaper -> C:\Users\Scott\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4044866103-2329573634-2605357377-1000.new-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035213988\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4044866103-2329573634-2605357377-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214173\Control Panel\Desktop\\Wallpaper -> C:\Users\SM\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4044866103-2329573634-2605357377-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11072019035214301\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Google Update => C:\Users\Scott\AppData\Local\Google\Update\1.3.35.342\GoogleUpdateCore.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{2909F608-F53F-4E85-8B60-3CF0C8602B50}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A93F060F-0771-4EB6-86E8-FC7AC755986D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC30EE5E-E2BD-413C-B10C-DF680BEFE90F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{21777E3F-4B64-4367-B448-FFA8EA997095}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{48BF5A3C-9E61-4AE4-88EE-D78D625675F6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9B1850DF-4730-478D-9D13-8278359CF2C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{692F9A1F-19C8-4F16-8190-FC7FBE5714FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0ECEB16C-69BA-425A-8C14-7D03024D715F}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{41943A4A-5F4C-40AF-B76F-8D636F80DC7F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E528E4E-A129-43AF-9A8E-44541BAA0A5A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AAD116BE-DCE6-4CE8-AF33-4206523429DC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E154B2C5-F420-4BA0-88B3-37085D5C462C}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{A1C9EB16-F72A-4D10-8FC0-ADB0A0D83334}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E814BFAD-499F-4DCF-8264-CFB3E927F226}] => (Allow) LPort=2869
FirewallRules: [{D20238AF-FF53-4DD5-A019-3F56D9D68C0F}] => (Allow) LPort=1900
FirewallRules: [{A950C91D-A62F-4BA1-BB8C-1C9714F08962}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{24EE453D-ED9E-42B7-895F-7251D40059D9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
06-11-2019 17:58:04 Scheduled Checkpoint
07-11-2019 05:30:33 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/07/2019 06:10:59 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:54 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:51 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:49 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:45 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:40 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:16 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
Error: (11/07/2019 06:10:14 AM) (Source: MsiInstaller) (EventID: 11404) (User: Scott-PC)
Description: Product: Google Talk Plugin -- Error 1404. Could not delete key \Software\Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\Control. System error . Verify that you have sufficient access to that key, or contact your support personnel.
System errors:
=============
Error: (11/06/2019 07:17:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/06/2019 07:17:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (11/06/2019 07:04:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/06/2019 07:03:24 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server:
{000C101C-0000-0000-C000-000000000046}
Error: (11/06/2019 06:52:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Dell Data Vault Service API service depends on the Dell Data Vault Collector service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/06/2019 06:51:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/06/2019 06:51:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/06/2019 06:51:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU E7400 @ 2.80GHz
Percentage of memory in use: 82%
Total physical RAM: 3061.18 MB
Available physical RAM: 545.49 MB
Total Virtual: 6120.71 MB
Available Virtual: 2716.9 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:81.18 GB) NTFS
Drive j: (Seagate Backup Plus Drive ) (Fixed) (Total:1863.01 GB) (Free:511.19 GB) NTFS
Drive k: (Seagate Backup Plus Drive) (Fixed) (Total:1863.01 GB) (Free:177.65 GB) NTFS
Drive l: (Seagate Backup Plus Drive) (Fixed) (Total:5588.9 GB) (Free:1057.39 GB) NTFS
Drive m: (SCOTT'S NAN) (Removable) (Total:7.34 GB) (Free:0.23 GB) FAT32
\\?\Volume{f29edfd7-c00e-11e3-a285-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7A055C85)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 5589 GB) (Disk ID: 9A983881)
Partition: GPT.
========================================================
Disk: 6 (Size: 1863 GB) (Disk ID: 8A352DED)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 7.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 8.
==================== End of Addition.txt ============================
Thanks for Your Help