Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PC Running Slower & Slower


  • Please log in to reply

#1
need2no

need2no

    Member

  • Member
  • PipPip
  • 32 posts

Hi,

 

My PC has been running slower & slower each day. I've noticed this starting about 3 months ago. It's now gotten to the point where it takes more than a minute to open any app, sometimes two. It also takes forever to refresh my emails.

 

I've run Malwarebytes & SUPERAntiSpyware numerous times. I don't feel it has helped any.

 

Any help will be much appreciated.

 

Thanks!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by Joe (administrator) on JOE (Dell Inc. OptiPlex 9020) (29-11-2021 23:18:13)
Running from C:\Users\jotot_000\Desktop
Loaded Profiles: Joe
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(FUJIFILM Corporation.) [File not signed] C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\PCAutoSaveSv.exe
(GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.Application.exe
(Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Memeo Inc. -> Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Memeo Inc. -> Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(PDFescape -> Red Software) C:\Program Files\PDFescape Desktop\creator\common\creator-ws.exe
(PDFescape -> Red Software) C:\Program Files\PDFescape Desktop\updater-ws.exe
(PDFescape -> Red Software) C:\Program Files\PDFescape Desktop\ws.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Starfield Technologies, LLC -> Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8538872 2016-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1415928 2016-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] (GoPro, Inc. -> )
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [340440 2021-04-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3800328 2018-04-27] (Intuit, Inc. -> Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [137088 2012-10-11] (Memeo Inc. -> Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79776 2012-10-15] (Memeo Inc. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-10] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1318024 2020-07-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11224432 2021-08-19] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [Starfield Updater] => C:\Users\jotot_000\AppData\Local\Workspace\WorkspaceUpdate.exe [35008 2016-01-27] (Starfield Technologies, Inc. -> Starfield Technologies)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [wben] => C:\Users\jotot_000\AppData\Local\Workspace\wben.exe [1078896 2014-10-20] (Starfield Technologies, LLC -> Starfield Technologies, LLC)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [Workspace Status] => C:\Users\jotot_000\AppData\Local\Workspace\workspacestatus.exe [694760 2016-01-27] (Starfield Technologies, Inc. -> Starfield Technologies)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [190280 2021-11-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\EPSON WF-3520 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMJJE.DLL [120320 2015-01-19] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-05-29]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Newsflash.lnk [2015-11-23]
ShortcutTarget: Newsflash.lnk -> C:\Program Files (x86)\Common Files\MySoftware\Newsflsh.exe (Avanquest USA LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2020-12-24]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2020-12-24]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2021\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Set FUJIFILM PC AutoSave to stby.lnk [2016-08-09]
ShortcutTarget: Set FUJIFILM PC AutoSave to stby.lnk -> C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\Manager.exe (FUJIFILM Corporation.) [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {029DEE92-B63C-4671-83D6-DB6402D7F115} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {07A5D3DA-E275-4712-B056-3BFED65BCB35} - System32\Tasks\EPSON DS-410 Update => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe [690176 2019-03-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {0BAC6AF9-45E0-4D81-9E8E-0B3B04E52DE3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {198692F1-5D55-44D1-970B-892F0833324C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1A99D41F-1667-4B48-A870-2FF47FDBCEBB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {2D86FBC9-D223-4327-85DC-C8FBC1211656} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {4DA29701-9247-41F8-ACD2-36C79E03467D} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [382672 2021-10-11] (Intuit, Inc. -> Intuit Inc.)
Task: {53E53AA2-6F49-4F1E-8FB4-B975FBB8B08A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C9D3DFA-4106-41FE-BB34-DD73630449E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6166BE6D-B100-4CFB-98CB-AE5A8772EA84} - System32\Tasks\G2MUploadTask-S-1-5-21-1867227179-3748921823-2400054393-1001 => C:\Users\jotot_000\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-10] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {616F008C-5800-435B-BBAE-CC8BA00CF787} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {64995C7B-7DA0-41EB-BC6C-0CBD7661882E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6B9B649C-E29F-4437-B9AC-BBB2FAC772F7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {816791A3-4811-4BF3-AC62-290C308EFD86} - System32\Tasks\Outlook Express => C:\Program Files (x86)\Outlook Express\tray.exe (No File)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8793A82F-25D2-4FBC-B126-D0A6531552DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {87F0E834-C773-43BB-B997-9FD2DCCD275D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8E813C2C-EF13-4F4C-9D89-4028532547BB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-02] (Google Inc -> Google Inc.)
Task: {9C84C4B1-BDB5-40D6-B95D-8E80FB9951D3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1162160 2021-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABE7D929-CDE7-48A7-B776-2CDA78969139} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-11] (HP Inc. -> HP Inc.)
Task: {AF4FE8A2-6250-44C1-A10E-04CC2DD2D6D8} - System32\Tasks\G2MUpdateTask-S-1-5-21-1867227179-3748921823-2400054393-1001 => C:\Users\jotot_000\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-10] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D28B67D0-BC6C-4708-B40C-D68CC2F099EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7D9C867-03F2-4A17-B740-AA81896A713B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E0440421-DE51-4D65-9415-5E8C7B17FA9C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB482E52-87E2-40EF-80E1-B7AEE77F2F6D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-11] (HP Inc. -> HP Inc.)
Task: {F0A12BC8-E204-4512-8F65-04342B30DB13} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-02] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON DS-410 Update.job => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe/EXE_S:EPSON DS-410,ES0159.DAT /F:UpdateJOE\JoeĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1867227179-3748921823-2400054393-1001.job => C:\Users\jotot_000\AppData\Local\GoToMeeting\19932\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1867227179-3748921823-2400054393-1001.job => C:\Users\jotot_000\AppData\Local\GoToMeeting\19932\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{469b0b08-473a-41ff-a6da-1e3bc03494a9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{93c88401-f7b1-4dd7-8a17-fa3bcc99a41e}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jotot_000\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-17]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\jotot_000\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2021-10-29]

FireFox:
========
FF DefaultProfile: 9ddwzvzd.default-1598568816359
FF ProfilePath: C:\Users\jotot_000\AppData\Roaming\Mozilla\Firefox\Profiles\tnu8utwl.default-release [2021-11-29]
FF Notifications: Mozilla\Firefox\Profiles\tnu8utwl.default-release -> hxxps://www.smithsonianmag.com; hxxps://www.propertyshark.com; hxxps://mail.google.com
FF Extension: (WBE Paste) - C:\Users\jotot_000\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2016-01-27] [Legacy] [not signed]
FF Extension: (True Key™ by McAfee) - C:\Users\jotot_000\AppData\Roaming\Mozilla\Firefox\Profiles\tnu8utwl.default-release\Extensions\@true-key.xpi [2021-11-19] [UpdateUrl:hxxps://downloads.truekey.com/firefox/update.json]
FF Extension: (Honey) - C:\Users\jotot_000\AppData\Roaming\Mozilla\Firefox\Profiles\tnu8utwl.default-release\Extensions\[email protected] [2021-06-26]
FF Extension: (McAfee® WebAdvisor) - C:\Users\jotot_000\AppData\Roaming\Mozilla\Firefox\Profiles\tnu8utwl.default-release\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2021-07-26] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\jotot_000\AppData\Roaming\Mozilla\Firefox\Profiles\tnu8utwl.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-26]
FF ProfilePath: C:\Users\jotot_000\AppData\Roaming\Mozilla\Firefox\Profiles\9ddwzvzd.default-1598568816359 [2021-11-29]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-10] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\GlanceGuest\npglance.dll [2018-01-24] (Glance Networks Inc -> Glance Networks, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-10] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1867227179-3748921823-2400054393-1001: @citrixonline.com/appdetectorplugin -> C:\Users\jotot_000\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-15] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1867227179-3748921823-2400054393-1001: @starfield.com/off -> C:\Users\jotot_000\AppData\Roaming\Mozilla\Plugins\npoff.dll [2016-01-27] (Starfield Technologies, LLC ->  Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-1867227179-3748921823-2400054393-1001: @starfield.com/off64 -> C:\Users\jotot_000\AppData\Roaming\Mozilla\Plugins\npoff64.dll [2016-01-27] (Starfield Technologies, LLC ->  Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-1867227179-3748921823-2400054393-1001: @starfield.com/wbe -> C:\Users\jotot_000\AppData\Roaming\Mozilla\Plugins\npwbe.dll [2016-01-27] (Starfield Technologies, Inc. -> Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-1867227179-3748921823-2400054393-1001: @starfield.com/wbe64 -> C:\Users\jotot_000\AppData\Roaming\Mozilla\Plugins\npwbe64.dll [2016-01-27] (Starfield Technologies, Inc. -> Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\jotot_000\AppData\Roaming\mozilla\plugins\npoff.dll [2016-01-27]
FF Plugin ProgramFiles/Appdata: C:\Users\jotot_000\AppData\Roaming\mozilla\plugins\npoff64.dll [2016-01-27]
FF Plugin ProgramFiles/Appdata: C:\Users\jotot_000\AppData\Roaming\mozilla\plugins\npwbe.dll [2016-01-27]
FF Plugin ProgramFiles/Appdata: C:\Users\jotot_000\AppData\Roaming\mozilla\plugins\npwbe64.dll [2016-01-27]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default [2021-11-22]
CHR Notifications: Default -> hxxps://pdfconverterhub.com; hxxps://www.facebook.com; hxxps://zmusic-online.com
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Slides) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Docs) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Google Drive) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-17]
CHR Extension: (DuckDuckGo) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-11-02]
CHR Extension: (YouTube) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (Salesforce Inbox) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkgdfnjmgamkcpjdljdncfjcegpgcdg [2021-02-21]
CHR Extension: (Google Search) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Yahoo Partner) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dofoafnmdocgkdphpkdooahjkhpmakjd [2020-08-27]
CHR Extension: (Adobe Acrobat) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-17]
CHR Extension: (McAfee® Secure Search) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\enppghjcblldgigemljohkgpcompnjgh [2021-05-21]
CHR Extension: (Sheets) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Google Docs Offline) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-02]
CHR Extension: (Glance Networks) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gniobnbbehpgbcamkdplghfimhocklgb [2020-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\jotot_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-17]
CHR HKLM\...\Chrome\Extension: [enppghjcblldgigemljohkgpcompnjgh]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [enppghjcblldgigemljohkgpcompnjgh]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] (Advanced Micro Devices, Inc. -> )
R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-10] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-05-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 FFPCAutoSave; C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\PCAutoSaveSv.exe [94208 2013-02-28] (FUJIFILM Corporation.) [File not signed]
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies, LLC -> Starfield Technologies)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] (GoPro, Inc. -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-11] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R3 PDFescape Desktop; C:\Program Files\PDFescape Desktop\ws.exe [2440568 2019-01-18] (PDFescape -> Red Software)
R2 PDFescape Desktop Creator; C:\Program Files\PDFescape Desktop\creator\common\creator-ws.exe [715640 2019-01-18] (PDFescape -> Red Software)
R2 PDFescape Desktop Update Service; C:\Program Files\PDFescape Desktop\updater-ws.exe [697208 2019-01-18] (PDFescape -> Red Software)
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2015-03-17] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2015-03-17] (Intuit Inc.) [File not signed]
R2 QBWCMonitor; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe [40784 2021-04-08] (Intuit, Inc. -> )
R2 SeagateDashboardService; C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14752 2012-10-15] (Memeo Inc. -> Memeo)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-29 23:18 - 2021-11-29 23:22 - 000040256 _____ C:\Users\jotot_000\Desktop\FRST.txt
2021-11-29 23:17 - 2021-11-29 23:17 - 000000000 ____D C:\Users\jotot_000\Desktop\FRST-OlderVersion
2021-11-29 23:16 - 2021-11-29 23:17 - 002311680 _____ (Farbar) C:\Users\jotot_000\Desktop\FRST64.exe
2021-11-29 17:21 - 2021-11-29 17:50 - 001741412 _____ C:\WINDOWS\Minidump\112921-55500-01.dmp
2021-11-25 06:26 - 2021-11-25 06:26 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-11-17 11:42 - 2021-11-29 23:21 - 000000000 ____D C:\FRST
2021-11-17 11:30 - 2021-11-17 11:30 - 002299904 _____ (Farbar) C:\Users\jotot_000\Downloads\FRST64.exe
2021-11-17 10:29 - 2021-11-17 10:29 - 000000052 _____ C:\Users\jotot_000\AppData\Local\xx.ini
2021-11-17 10:29 - 2021-11-17 10:29 - 000000000 ____D C:\Users\jotot_000\AppData\Local\Alpemix
2021-11-17 10:28 - 2021-11-17 10:28 - 001776008 _____ (Teknopars Bilisim) C:\Users\jotot_000\Downloads\Alpemix.exe
2021-11-12 12:43 - 2021-11-12 12:43 - 003559920 _____ C:\Users\jotot_000\Desktop\POLICY 15 Manitou 21.22.pdf
2021-11-12 11:36 - 2021-11-12 11:36 - 000138448 _____ C:\Users\jotot_000\Desktop\WRAS BOR Shelterpoint.pdf
2021-11-12 11:35 - 2021-11-12 11:35 - 000141967 _____ C:\Users\jotot_000\Desktop\C&R BOR ShelterPoint.pdf
2021-11-11 12:13 - 2021-11-11 12:13 - 000662190 _____ C:\Users\jotot_000\Desktop\DMAS Lancer APP Tow Truck.pdf
2021-11-10 12:32 - 2021-11-10 12:32 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-10 12:32 - 2021-11-10 12:32 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-10 12:32 - 2021-11-10 12:32 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-10 12:32 - 2021-11-10 12:32 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-10 12:32 - 2021-11-10 12:32 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-09 18:05 - 2021-11-09 18:05 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-09 18:04 - 2021-11-09 18:04 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-09 18:04 - 2021-11-09 18:04 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-09 18:03 - 2021-11-09 18:03 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-09 17:35 - 2021-11-09 17:35 - 000000000 ___HD C:\$WinREAgent
2021-11-09 00:45 - 2021-11-09 00:45 - 000000000 ____D C:\Users\jotot_000\AppData\Local\SaRALogs
2021-11-09 00:44 - 2021-11-09 00:44 - 000000000 ____D C:\Users\jotot_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2021-11-09 00:43 - 2021-11-09 00:47 - 000000000 ____D C:\Users\jotot_000\AppData\Local\Deployment
2021-11-09 00:43 - 2021-11-09 00:43 - 000000000 ____D C:\Users\jotot_000\AppData\Local\Apps\2.0
2021-11-08 16:46 - 2021-11-08 17:57 - 000243282 _____ C:\Users\jotot_000\Desktop\DMAS Tow Truck POLICY 21 - 22.pdf
2021-11-08 16:45 - 2021-11-08 16:45 - 000033749 _____ C:\Users\jotot_000\Desktop\DMAS Vehicle ID Card 21 - 22.pdf
2021-11-08 11:41 - 2021-11-08 11:41 - 000052466 _____ C:\Users\jotot_000\Desktop\S&A - Dealer Plate App 1mil.pdf
2021-11-08 11:40 - 2021-11-08 11:40 - 000245517 _____ C:\Users\jotot_000\Desktop\S&A Cars QUOTE 1mil.pdf
2021-11-05 12:36 - 2021-11-05 12:36 - 000245514 _____ C:\Users\jotot_000\Desktop\S&A Cars QUOTE 100k.pdf
2021-11-05 12:35 - 2021-11-05 12:35 - 000052465 _____ C:\Users\jotot_000\Desktop\S&A - Dealer Plate App 100k.pdf
2021-11-05 10:03 - 2021-11-05 10:03 - 000013954 _____ C:\Users\jotot_000\Desktop\Mercito Refund Invoice.pdf
2021-11-05 10:02 - 2021-11-05 10:02 - 000039860 _____ C:\Users\jotot_000\Desktop\Mercito CANCELLATION NOTICE.pdf
2021-11-04 10:05 - 2021-11-04 10:05 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-04 10:05 - 2021-11-04 10:05 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-03 14:53 - 2021-11-03 14:53 - 000008279 _____ C:\Users\jotot_000\Desktop\WRAS Lancer Statement.pdf
2021-11-02 12:05 - 2021-11-02 12:05 - 000141552 _____ C:\Users\jotot_000\Desktop\DMAS Tow Truck BOR.pdf
2021-11-02 11:54 - 2021-11-02 11:54 - 000391892 _____ C:\Users\jotot_000\Desktop\DMAS Tow Truck Acord 137.pdf
2021-11-02 11:53 - 2021-11-02 11:53 - 000355222 _____ C:\Users\jotot_000\Desktop\DMAS Tow Truck ACORD 127.pdf
2021-11-02 11:52 - 2021-11-02 11:52 - 001328627 _____ C:\Users\jotot_000\Desktop\DMAS Tow Truck ACORD 125.pdf
2021-11-02 11:46 - 2021-11-02 11:46 - 000000000 ____D C:\Users\jotot_000\Desktop\Guatelinda Titling App
2021-11-01 12:58 - 2021-11-29 17:01 - 000000000 ____D C:\Users\jotot_000\Documents\Outlook Files
2021-11-01 12:14 - 2021-11-01 12:14 - 000001427 _____ C:\Users\jotot_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-29 23:13 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-29 22:55 - 2016-02-02 10:58 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-29 22:44 - 2019-02-12 20:20 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-29 22:43 - 2016-11-15 16:34 - 000000000 ____D C:\Users\jotot_000\AppData\LocalLow\Mozilla
2021-11-29 21:51 - 2020-09-05 02:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-29 17:52 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-29 17:52 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-29 17:50 - 2021-05-20 13:23 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-29 17:50 - 2019-12-07 04:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-29 17:35 - 2020-04-07 14:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-29 17:29 - 2020-04-07 14:56 - 000000000 ___RD C:\Users\jotot_000\Creative Cloud Files
2021-11-29 17:28 - 2020-09-05 05:59 - 000792922 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-29 17:28 - 2020-09-05 05:59 - 000150378 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-29 17:28 - 2020-09-05 02:50 - 001778710 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-29 17:24 - 2021-07-08 10:26 - 000000000 ____D C:\Users\jotot_000\AppData\LocalLow\IGDump
2021-11-29 17:23 - 2017-06-09 23:06 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-11-29 17:21 - 2021-09-25 09:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-29 17:21 - 2020-09-05 03:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-29 17:21 - 2020-09-05 02:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-29 17:21 - 2020-04-09 08:56 - 1516993256 _____ C:\WINDOWS\MEMORY.DMP
2021-11-29 17:21 - 2015-11-30 11:00 - 000000654 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1867227179-3748921823-2400054393-1001.job
2021-11-29 17:21 - 2015-11-30 11:00 - 000000558 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1867227179-3748921823-2400054393-1001.job
2021-11-29 17:21 - 2015-10-14 21:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-29 17:00 - 2019-02-01 11:16 - 000000000 ____D C:\Users\jotot_000\AppData\Local\A11E13BE-94F8-4773-855B-43D51C40C866.aplzod
2021-11-25 04:45 - 2020-06-23 18:31 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-23 08:42 - 2021-10-11 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-23 08:42 - 2020-08-27 18:24 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-22 19:42 - 2021-04-29 09:43 - 000002428 _____ C:\Users\jotot_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-22 19:42 - 2020-09-05 03:01 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1867227179-3748921823-2400054393-1001
2021-11-22 16:06 - 2020-12-18 17:01 - 000000000 ____D C:\Users\jotot_000\AppData\Local\CrashDumps
2021-11-19 11:47 - 2018-07-19 16:58 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 10:09 - 2015-10-16 10:42 - 000000000 ____D C:\Program Files\Adobe
2021-11-17 05:39 - 2020-09-05 03:01 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 05:39 - 2020-09-05 03:01 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-15 12:45 - 2016-02-02 10:59 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-12 12:10 - 2015-10-15 23:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-12 12:06 - 2020-07-27 10:52 - 000014679 _____ C:\Users\jotot_000\Desktop\Comission.xlsx
2021-11-12 11:28 - 2021-04-27 09:01 - 000000000 ____D C:\Users\jotot_000\Desktop\Joe 4 Insure BOR
2021-11-11 12:15 - 2018-02-01 14:51 - 000000000 ____D C:\Users\jotot_000\AppData\Local\Packages
2021-11-10 14:45 - 2020-09-05 03:01 - 000003796 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-1867227179-3748921823-2400054393-1001
2021-11-10 14:45 - 2020-09-05 03:01 - 000003700 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-1867227179-3748921823-2400054393-1001
2021-11-10 14:45 - 2017-07-09 10:36 - 000000000 ____D C:\Users\jotot_000\AppData\Local\GoToMeeting
2021-11-10 14:25 - 2015-10-15 15:14 - 000000090 _____ C:\WINDOWS\QBChanUtil_Trigger.ini
2021-11-09 19:24 - 2020-09-05 02:29 - 000514744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-09 19:23 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-09 19:22 - 2019-12-07 04:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-09 19:22 - 2017-06-09 23:07 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-11-09 19:20 - 2019-12-07 04:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-09 19:20 - 2019-12-07 04:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-09 19:20 - 2019-12-07 04:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-09 19:20 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-09 18:13 - 2019-12-07 04:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-09 17:29 - 2015-10-15 11:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-09 17:24 - 2015-10-15 11:07 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-09 09:01 - 2015-10-15 00:29 - 000000000 ___RD C:\Users\jotot_000\OneDrive
2021-11-09 00:35 - 2016-11-15 16:37 - 000000000 ____D C:\Users\jotot_000\Downloads\NetworkRepairTool
2021-11-09 00:34 - 2019-12-05 14:37 - 000000000 ____D C:\Users\jotot_000\Downloads\rempnp
2021-11-09 00:29 - 2016-01-27 11:34 - 000000000 ____D C:\Users\jotot_000\Documents\Workspace Logs
2021-11-08 23:13 - 2018-07-19 13:27 - 000000000 ____D C:\Users\jotot_000\AppData\Local\PlaceholderTileLogoFolder
2021-11-04 12:30 - 2015-10-16 10:42 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-11-03 09:56 - 2021-10-29 13:03 - 000347099 _____ C:\Users\jotot_000\Desktop\Mercito LPR.pdf
2021-11-02 14:38 - 2017-04-03 14:06 - 001807200 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2021-11-02 13:54 - 2015-11-23 11:33 - 000000000 ____D C:\Users\jotot_000\AppData\Local\LogMeIn Rescue Applet
2021-11-02 12:40 - 2018-02-20 17:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 12:26 - 2020-09-05 02:31 - 000000000 ____D C:\Users\jotot_000

==================== Files in the root of some directories ========

2017-03-06 15:14 - 2017-03-06 15:14 - 000001456 _____ () C:\Users\jotot_000\AppData\Local\Adobe Save for Web 13.0 Prefs
2020-04-07 14:58 - 2020-04-07 14:58 - 000000000 _____ () C:\Users\jotot_000\AppData\Local\oobelibMkey.log
2021-11-17 10:29 - 2021-11-17 10:29 - 000000052 _____ () C:\Users\jotot_000\AppData\Local\xx.ini
2017-01-03 15:25 - 2016-07-14 04:09 - 000010240 _____ () C:\Users\jotot_000\AppData\Local\[email protected]!-50796960-5d90-4787-ab9e-84ae443b2d9f.tmp
2017-01-03 15:25 - 2016-07-14 04:09 - 000009216 _____ () C:\Users\jotot_000\AppData\Local\[email protected]!-335b5983-63e4-49a4-bc2d-4f07790fd948.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by Joe (29-11-2021 23:24:12)
Running from C:\Users\jotot_000\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2020-09-05 08:02:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1867227179-3748921823-2400054393-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1867227179-3748921823-2400054393-503 - Limited - Disabled)
Guest (S-1-5-21-1867227179-3748921823-2400054393-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1867227179-3748921823-2400054393-1005 - Limited - Enabled)
Joe (S-1-5-21-1867227179-3748921823-2400054393-1001 - Administrator - Enabled) => C:\Users\jotot_000
WDAGUtilityAccount (S-1-5-21-1867227179-3748921823-2400054393-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.09 - Avanquest Software)
BitRecover TIFF Converter Wizard (HKLM-x32\...\BitRecover TIFF Converter Wizard_is1) (Version:  - BitRecover)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix)
Document Capture Pro (HKLM-x32\...\{5476CDBF-2F6C-4384-BCCF-B0AC4E21FEAA}) (Version: 3.00.1400 - Seiko Epson Corporation)
Epson DS-410 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson DS-410 User’s Guide_is1) (Version: 1.0 - Epson America, Inc.)
Epson Event Manager (HKLM-x32\...\{C837E9B0-B92F-4C5A-BE14-C48FF53DD343}) (Version: 3.11.0057 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Scan OCR Component Pro (HKLM-x32\...\{7C3DDC52-B63F-463D-B41E-9D619EF93823}) (Version: 1.0.7 - Seiko Epson Corporation)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
FUJIFILM PC AutoSave (HKLM-x32\...\{872F1306-0DB6-45EC-832E-2F5D3A56CF99}) (Version: 1.0.0 - FUJIFILM)
GlanceGuest version 4.2.0.38 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 4.2.0.38 - Glance Networks, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden
GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{653C59E1-B78D-4D82-9259-C14DFD9F6EFC}) (Version: 12.11.3.17 - Apple Inc.)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6448.1 - Waves Audio Ltd.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7955 - Memeo Inc.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0527a644a4ddd31d) (Version: 17.0.7440.13 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.2 (x64 en-US)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0 - Mozilla)
Mozilla Thunderbird (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 91.2.1 (x86 en-US)) (Version: 91.2.1 - Mozilla)
MyLabel Designer Deluxe (HKLM-x32\...\{856CD2A4-9BCE-4ED2-B7F5-A96C960081C1}) (Version: 9.0.0.0 - Avanquest Publishing USA, Inc.)
Newsflash (HKLM-x32\...\{1A722192-4AEA-4911-9F71-EBECEDC970B5}) (Version: 1.0.0.7 - )
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Outlook Express 6 (HKLM-x32\...\Outlook Express 6) (Version:  - )
PDFescape Desktop (HKLM-x32\...\PDFescape Desktop) (Version: 3.0.26.634 - RedSoftware)
PDFescape Desktop Asian Fonts Pack (HKLM\...\{9C203993-F3BE-4BFC-A254-CB216829D42A}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Convert Module (HKLM\...\{824918B9-04A8-443B-B512-081E759C4A55}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Create Module (HKLM\...\{5797860C-821C-48FA-A7C0-B78B89A841C0}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Edit Module (HKLM\...\{E4554E04-278B-4A1E-AC60-F2B70D38EB6E}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Forms Module (HKLM\...\{E8EE3BDD-8FD5-4198-9DBD-93DBAE6AEA84}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Insert Module (HKLM\...\{AD066E45-9601-433B-AB97-6FD927DE7A5D}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Review Module (HKLM\...\{0F869EA9-0E13-429B-8BA0-B4ACEA3141F2}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop Secure Module (HKLM\...\{8043C225-A362-485A-A9E9-BFBCF3D1F738}) (Version: 3.1.16.2121 - Red Software) Hidden
PDFescape Desktop View Module (HKLM\...\{50E88EA2-1DF3-4769-9753-B5F8C26FE0CC}) (Version: 3.1.16.2121 - Red Software) Hidden
QBIDPServiceInstall (HKLM-x32\...\{C639494E-FAF1-47FB-9EB3-AA296040F456}) (Version: 1.24.4000 - Intuit, Inc.)
QuickBooks (HKLM-x32\...\{4120AF20-BA58-49D1-8CFA-11F166E73945}) (Version: 29.0.4011.2901 - Intuit Inc.) Hidden
QuickBooks (HKLM-x32\...\{48011BF6-E0BC-4B49-9DCA-C7144EF0C01E}) (Version: 28.0.4010.2806 - Intuit Inc.) Hidden
QuickBooks (HKLM-x32\...\{4D29DF3C-1A3F-42F7-A565-136F3E5EBD59}) (Version: 31.0.4008.3103 - Intuit Inc.) Hidden
QuickBooks Pro 2018 (HKLM-x32\...\{92254DF4-E735-4B1F-9E61-D1EE5FAAC03D}) (Version: 28.0.4006.2806 - Intuit Inc.)
QuickBooks Pro 2019 (HKLM-x32\...\{FD44271B-DAFF-4C50-8E9B-998AA008606A}) (Version: 29.0.4003.2901 - Intuit Inc.)
QuickBooks Pro 2021 (HKLM-x32\...\{F9E2B890-E921-43AF-AB40-B9D8072CD7E4}) (Version: 31.0.4003.3103 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickBooks Tool Hub (HKLM-x32\...\{5A43047E-1ACD-4F89-99E6-69988300E6AB}) (Version: 1.4.0.0 - Intuit Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6086 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1554 - Memeo Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1230 - SUPERAntiSpyware.com)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VC12X64Redist (HKLM\...\{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}) (Version: 1.00.0000 - Intuit Inc.)
VC12X86Redist (HKLM-x32\...\{EA9886ED-21F8-4867-A049-CE6817291EE6}) (Version: 1.00.0000 - Intuit Inc.)
VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Workspace Desktop (HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\workspacedesktop) (Version:  - Starfield Technologies)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Zoom (HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.)

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-04-07] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
Age of Empires: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSDallas_1.3.27374.2_x64__8wekyb3d8bbwe [2019-08-20] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.4.265.0_x64__v10z8vjag6ke6 [2021-11-29] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-29] (Microsoft Corporation) [MS Ad]
Passbook Converter -> C:\Program Files\WindowsApps\60967wertzui.PassbookConverter_3.0.0.0_x64__fj0k61qv743vg [2018-07-19] (wertzui)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-01] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-08-04] (Adobe Systems Incorporated)
Total PC Cleaner - Free Disk Space Clean Up, Optimize Memory & Windows System -> C:\Program Files\WindowsApps\64404Softuna.TotalDiskCleaner_2.1.5.0_x64__r1b4jsc7ddp3p [2021-11-08] (Total PC Cleaner)
Unpacker -> C:\Program Files\WindowsApps\AFF540DC.Unpacker_1.1.14.24_x64__v7353qx4kg3sa [2016-01-29] (Jujuba Software) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-53889B4FA3EA} -> [Creative Cloud Files] => C:\Users\jotot_000\Creative Cloud Files [2020-04-07 14:56]
CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\jotot_000\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies, LLC -> Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\jotot_000\AppData\Local\Citrix\GoToMeeting\4007\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\jotot_000\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technologies, Inc. -> Starfield Technology, LLC)
CustomCLSID: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2016-01-27] (Starfield Technologies, Inc. -> Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2016-01-27] (Starfield Technologies, Inc. -> Starfield Technologies, LLC)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [PDFescapeDesktop_ManagerExt] -> {D3C28D54-72B8-4B8D-B204-157EFA9BF3E7} => C:\Program Files\PDFescape Desktop\context-menu.dll [2019-01-18] (PDFescape -> Red Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-11-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-09-15] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.CFHD] => C:\WINDOWS\system32\CFHD.dll [1334784 2017-03-16] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2017-03-16] (CineForm Inc.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-02-28 18:14 - 2013-02-28 18:14 - 000188416 _____ () [File not signed] [File is in use] C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\FFWB.dll
2013-02-28 18:14 - 2013-02-28 18:14 - 000118784 _____ () [File not signed] C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\libFFIR.dll
2013-02-28 18:14 - 2013-02-28 18:14 - 000135168 _____ () [File not signed] C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\libFTLPTPIP.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2006-01-18 15:06 - 2006-01-18 15:06 - 001017856 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll
2020-07-10 11:23 - 2020-07-10 11:23 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2020-05-26 19:20 - 2020-05-26 19:20 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2018-03-30 18:48 - 2018-03-30 18:48 - 000428032 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDFescape Desktop\libcurl.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [136]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001 -> DefaultScope {1A95DC8F-4A6D-4938-B715-50B59B516306} URL =
SearchScopes: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL =
SearchScopes: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001 -> {37B9F5B8-4AB3-412B-9850-CF242FA4831D} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDFescape Desktop Helper -> {9AF15867-1D90-423B-9853-E99761714165} -> C:\Program Files\PDFescape Desktop\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-18] (PDFescape -> Red Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFescape Desktop Helper -> {9AF15867-1D90-423B-9853-E99761714165} -> C:\Program Files (x86)\PDFescape Desktop\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-18] (PDFescape -> Red Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - PDFescape Desktop Toolbar - {A6D4ADF0-4C82-4712-B9B8-69EE9CF06462} - C:\Program Files\PDFescape Desktop\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-18] (PDFescape -> Red Software)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDFescape Desktop Toolbar - {A6D4ADF0-4C82-4712-B9B8-69EE9CF06462} - C:\Program Files (x86)\PDFescape Desktop\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-18] (PDFescape -> Red Software)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2018-12-03] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: intu-help-qb12 - {665F2BD4-8216-400B-9706-865D2B771E27} - C:\Program Files (x86)\Intuit\QuickBooks 2019\HelpAsyncPluggableProtocol.dll [2019-11-27] (Intuit, Inc. -> Intuit, Inc.)
Handler: intu-help-qb13 - {75EC4BB0-9AC5-4AF7-A9CE-38A34557E27C} -  No File
Handler-x32: intu-help-qb14 - {C854407F-AA78-4036-A9C1-54EBA9BD3608} - C:\Program Files (x86)\Intuit\QuickBooks 2021\HelpAsyncPluggableProtocol.dll [2021-10-11] (Intuit, Inc. -> Intuit, Inc.)
Handler: intu-help-qb8 - {CD17C364-2EC8-4929-91A9-C4839A20E909} -  No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2021-05-21 14:19 - 000334861 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 ad2games.com
0.0.0.0 adadvisor.net
0.0.0.0 www.adchimp.com
0.0.0.0 pixel.adcrowd.com
0.0.0.0 ct1.addthis.com
0.0.0.0 static.uk.addynamo.com
0.0.0.0 adexc.net
0.0.0.0 static.adfclick1.com
0.0.0.0 server.adformdsp.net
0.0.0.0 s.adframesrc.com
0.0.0.0 media.adfrontiers.com
0.0.0.0 www.adgitize.com
0.0.0.0 www.ad-groups.com #[Ban Man Pro Banner Code]
0.0.0.0 adgrx.com
0.0.0.0 adhall.com
0.0.0.0 adhitzads.com
0.0.0.0 aj.adjungle.com
0.0.0.0 adserver-e7.com
0.0.0.0 n.admagnet.net

There are 8702 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jotot_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Set FUJIFILM PC AutoSave to stby.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Newsflash.lnk"
HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "Memeo Instant Backup"
HKLM\...\StartupApproved\Run32: => "Seagate Dashboard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\StartupApproved\Run: => "Workspace Status"
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\StartupApproved\Run: => "Starfield Updater"
HKU\S-1-5-21-1867227179-3748921823-2400054393-1001\...\StartupApproved\Run: => "wben"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FF2D9E81-6FBE-4D1D-80D2-2D32D2474550}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8BA946F-60B4-4D31-A268-F5DD75524510}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74573347-C908-40D5-B900-0BD343885DEC}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro, Inc. -> )
FirewallRules: [{AB23CF5D-A715-4370-8C6A-80905AD5AB2A}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro, Inc. -> )
FirewallRules: [{3B568426-690B-4464-AD48-2487343015F7}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro, Inc. -> )
FirewallRules: [{4DFC08BB-1163-4458-95CF-CA5D81E31CF3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro, Inc. -> )
FirewallRules: [{78DFE748-E16E-4351-A2EC-3C7D1F398230}] => (Allow) LPort=54925
FirewallRules: [{C0FBF500-0685-4BAF-A8F5-D7736F375DE9}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.exe => No File
FirewallRules: [{16D5E111-6413-4D4D-9625-81D1F6E0077D}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.exe => No File
FirewallRules: [{548B3138-D2B7-420E-8910-100BBCB11CD2}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (Axentra Corporation) [File not signed]
FirewallRules: [UDP Query User{CE125F92-7108-4CFD-B605-6B054E29BCDA}C:\users\jotot_000\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jotot_000\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [TCP Query User{11BD614B-D286-4893-B2BB-B92A4F4A01B1}C:\users\jotot_000\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jotot_000\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{9E9DB471-C4F7-4B1B-9E33-D10CEE9D30BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{22E4CEA1-8D68-46AB-BFFC-9F88270567F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{1B44FE03-4E15-43A5-AF74-CBFA6A60F585}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D54D2481-6900-4753-9B8D-1913455141FC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{15BFB4BB-0E45-4D6B-B486-2A9B644BCAD5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{117E393E-7828-4683-93C4-9ED39F522740}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F7D9FF8-012D-48CE-87DC-3DEF8094DE16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{576D3DFF-216F-4D49-B67E-42FF2AB5143D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{F0640770-A0F9-403D-A5DD-37623F4DC05B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{0BCFAA23-1A5D-4CE9-8CF0-2C6137A16313}C:\users\jotot_000\appdata\local\temp\joidae9.tmp\join.me.exe] => (Allow) C:\users\jotot_000\appdata\local\temp\joidae9.tmp\join.me.exe => No File
FirewallRules: [UDP Query User{40BE9436-207C-4E44-8914-F19AA2E6D967}C:\users\jotot_000\appdata\local\temp\joidae9.tmp\join.me.exe] => (Allow) C:\users\jotot_000\appdata\local\temp\joidae9.tmp\join.me.exe => No File
FirewallRules: [{839672FE-FF0D-4BA6-B1CC-7826AD29D75F}] => (Allow) C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\PairingWizard.exe (FUJIFILM Corporation.) [File not signed]
FirewallRules: [{E5929727-7809-4324-A237-0FE101D81D93}] => (Allow) C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\PairingWizard.exe (FUJIFILM Corporation.) [File not signed]
FirewallRules: [{39B58CAF-3780-43B3-9610-1823198930DA}] => (Allow) C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\PCAutoSaveSv.exe (FUJIFILM Corporation.) [File not signed]
FirewallRules: [{4060716F-90F7-4835-BD7E-FAA1FD8F5870}] => (Allow) C:\Program Files (x86)\FUJIFILM\FUJIFILM PC AutoSave\PCAutoSaveSv.exe (FUJIFILM Corporation.) [File not signed]
FirewallRules: [{4D35C7C8-CD43-4215-9782-21C8DD94901B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{BD34B93C-3052-4BA1-987C-2B6893993409}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{2AB3B57E-00EE-4417-A442-C60A5272A580}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6624C76C-77A6-43FD-A285-1F7D52E4C196}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3416BE92-DD60-4E05-90C3-6E533D224042}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21734E20-4A6D-4E73-A54B-BF6EF2289138}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{76482A60-BA93-4E05-9F43-154F2E4565B3}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{FC6A7572-476E-43C2-84C0-BF250A23C3F0}] => (Allow) C:\Users\jotot_000\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{71C7F2AA-6180-4445-9D1E-4B607E5BC6ED}] => (Allow) C:\Users\jotot_000\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8402EBE1-A551-432B-9C60-1F4DA8914E59}] => (Allow) C:\Users\jotot_000\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{EB9C6D8A-9077-46BD-9CCD-D0A1822DEED2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B4E26B3-F0EB-4180-91CB-E3B42DA575D7}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{A588D94F-2ECB-4BB2-ADE7-BD0AEE41A2AD}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{CCBE6C51-B7FC-46EA-ACE8-1D08BA41E354}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2EA24E3C-8F0D-44DC-86E3-7AB3470673B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B8364911-3721-496D-B1EC-432010236354}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DC0727F7-0FBE-4869-B453-A119707491A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E55042D-F15B-418B-808A-D2936518CA28}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78887D19-6446-4EC4-9C01-936070B0FF73}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{D9110405-8724-4D8F-990C-1A05ADBF82FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{95F86449-3393-4CA1-8B3C-0A0251FD7533}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

27-11-2021 03:05:22 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/29/2021 09:52:41 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (11/29/2021 05:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31547

Error: (11/29/2021 05:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31547

Error: (11/29/2021 05:12:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2021 05:12:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15797

Error: (11/29/2021 05:12:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15797

Error: (11/29/2021 05:12:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/28/2021 09:17:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (11/29/2021 10:41:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (11/29/2021 10:41:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (11/29/2021 10:17:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (11/29/2021 10:17:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (11/29/2021 10:07:46 PM) (Source: DCOM) (EventID: 10005) (User: JOE)
Description: DCOM got error "1053" attempting to start the service camsvc with arguments "Unavailable" in order to run the server:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (11/29/2021 10:07:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Capability Access Manager Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/29/2021 10:07:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Capability Access Manager Service service to connect.

Error: (11/29/2021 10:05:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.


Windows Defender:
================
Date: 2021-11-29 13:24:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-11-28 13:16:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-11-27 13:20:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-11-26 13:03:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-11-24 13:39:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2021-10-01 10:54:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-11 04:35:01
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: Dell Inc. A07 04/25/2014
Motherboard: Dell Inc. 06X1TJ
Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 67%
Total physical RAM: 8100.18 MB
Available physical RAM: 2653.46 MB
Total Virtual: 13732.18 MB
Available Virtual: 6466.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:919.74 GB) (Free:606.28 GB) NTFS

\\?\Volume{885190b7-72f6-11e5-824c-806e6f6e6963}\ () (Fixed) (Total:11.73 GB) (Free:10.97 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A71DED74)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


  • 0

Advertisements







Similar Topics

5 user(s) are reading this topic

1 members, 4 guests, 0 anonymous users


    DR M

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP