Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022 Ran by Drew (12-02-2022 11:51:22) Running from C:\Users\Drew Owens\Downloads Windows 10 Home Version 21H1 19043.1526 (X64) (2020-08-02 16:03:25) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3404635299-2440590617-3582906486-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3404635299-2440590617-3582906486-503 - Limited - Disabled) Drew (S-1-5-21-3404635299-2440590617-3582906486-1001 - Administrator - Enabled) => C:\Users\Drew Owens drew_jh6knsh (S-1-5-21-3404635299-2440590617-3582906486-1015 - Limited - Disabled) drew_med8q5g (S-1-5-21-3404635299-2440590617-3582906486-1014 - Limited - Disabled) Guest (S-1-5-21-3404635299-2440590617-3582906486-501 - Limited - Disabled) QBDataServiceUser26 (S-1-5-21-3404635299-2440590617-3582906486-1011 - Limited - Enabled) => C:\Users\QBDataServiceUser26.Meridian30.001 WDAGUtilityAccount (S-1-5-21-3404635299-2440590617-3582906486-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems) Adobe After Effects 2021 (HKLM-x32\...\AEFT_18_2_1) (Version: 18.2.1 - Adobe Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe Audition 2021 (HKLM-x32\...\AUDT_14_2) (Version: 14.2 - Adobe Inc.) Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.2.0 - Adobe Systems Incorporated) Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_1) (Version: 11.1 - Adobe Inc.) Adobe Captivate 9 (64 Bit) (HKLM-x32\...\{BF58ED42-4121-11E5-889B-DA4C38A5DEE9}) (Version: 9.0.2.1 - Adobe Systems Incorporated) Adobe Captivate Quiz Results Analyzer (HKLM-x32\...\QuizResultsAnalyzer9) (Version: 9 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.) Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_3_1) (Version: 25.3.1 - Adobe Inc.) Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_2_1) (Version: 16.2.1 - Adobe Inc.) Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_2) (Version: 15.2 - Adobe Inc.) Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_4_2) (Version: 22.4.2.242 - Adobe Inc.) Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated) Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_2) (Version: 15.2 - Adobe Inc.) Adobe Reader XI (11.0.23) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Adobe SpeedGrade CC 2014 (HKLM-x32\...\{8EFF28F0-9DFD-4208-9E04-4D49A4812CF3}) (Version: 8.2.0 - Adobe Systems Incorporated) Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated) Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated) AirDroid 3.4.1.0 (HKLM-x32\...\AirDroid) (Version: 3.4.1.0 - Sand Studio) Amazon Photos (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Amazon Photos) (Version: 7.19.0 - Amazon.com, Inc.) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) balenaEtcher 1.5.122 (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.122 - Balena Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-J4420DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-J450DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.4.0 - Brother Industries, Ltd.) Canon MF731C/733C (HKLM\...\{28DD6D0E-A759-4A32-B9A8-0BC6EAB372A8}) (Version: 5.4.0.1 - CANON INC.) Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.50.1 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.30.0 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.30.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Chief Architect Premier X9 (64 bit) (HKLM\...\{515DBD3B-DA11-4956-AB1B-AC94693BE5A3}) (Version: 19.3.1.0 - Chief Architect) Cisco Webex Meetings (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\ActiveTouchMeetingClient) (Version: 40.2.4 - Cisco Webex LLC) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Coolmuster Android Assistant (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Coolmuster Android Assistant) (Version: 1.9.165 - Coolmuster) Craftsman Software Update (HKLM-x32\...\{ED9686AC-D463-4511-8A1E-C5811B410B2D}) (Version: 3.04.0000 - Craftsman Book Company) Cura 15.04.6 (HKLM-x32\...\Cura_15.04.6) (Version: - ) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.) CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.4.6127 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.) CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5009 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3912 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.) Dealer CAR Peterbilt (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\223ea87920a1aa13) (Version: 2017.1.19.2 - PACCAR) DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dragon Assistant 3 (HKLM-x32\...\{4693847A-7139-4CF4-B274-916C046C9E50}) (Version: 3.0.232 - Nuance Communications Inc.) Dragon Assistant 3 Language Data Pack en_US (HKLM-x32\...\{532A5345-1A42-4C55-B56E-CE753D0BAA02}) (Version: 3.0.232 - Nuance Communications Inc.) Easy Rafters (HKLM-x32\...\{2E8C5BD7-5308-43DF-A319-42F19BAA4364}) (Version: 4.0.0 - Attention to Detail) Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 5.8.13 (HKLM-x32\...\{A229420E-204B-11E5-B844-0050569584E9}) (Version: 5.8.13.8152 - Evernote Corp.) FastStone Photo Resizer 3.4 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.4 - FastStone Soft.) FileZilla Client 3.26.1 (HKLM-x32\...\FileZilla Client) (Version: 3.26.1 - Tim Kosse) GDR 4042 for SQL Server 2008 R2 (KB3045313) (HKLM-x32\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC) Google Drive plug-in 1.8.8.0 (HKLM-x32\...\{5BB1E962-4AF5-4DA0-A6A0-5462D0F6F18E}) (Version: 1.8.8.0 - Google Inc) Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.) GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.) Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Control Zone (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated) HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Documentation (HKLM-x32\...\{ADD75863-9A69-4C44-9B43-11AE2B12BE51}) (Version: 1.1.0.0 - Hewlett-Packard) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart C309a All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{F089B734-1356-484F-A7B8-1B78F1616A15}) (Version: 14.0 - HP) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.39 - Hewlett-Packard) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.34.31 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{EBD077C6-0032-4309-AA04-C67836D717DA}) (Version: 12.18.34.21 - HP Inc.) HP System Event Utility (HKLM-x32\...\{3EDAF5B5-0CA9-4967-B103-FBFF1162C336}) (Version: 1.2.10 - Hewlett-Packard Company) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden iBackup Extractor (HKLM\...\{5A0157D5-74FB-45F0-AD09-1F22B0941FC5}) (Version: 2.20 - Wide Angle Software) Image Resizer for Windows (64 bit) (HKLM\...\{617CA6E9-D5FB-4017-8130-82E68C56C34D}) (Version: 3.0.4802.35565 - Brice Lambson) Hidden Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson) Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.39 - Softex Inc.) Hidden Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.39 - Softex Inc.) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation) Intel(R) Technology Access (HKLM-x32\...\{810dff4d-564d-47da-b8bc-a3729815aab7}) (Version: 1.9.1.1008 - Intel Corporation) Intel(R) Technology Access Software Asset Manager (HKLM-x32\...\{C1C74874-4E6F-49B8-BBCD-D43E277D8D28}) (Version: 3.4.1942 - Intel Corporation) Hidden Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.0.0.14 - Intel Corporation) Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{C9324B6F-FC2B-4CA0-8C42-793D7099BDA1}) (Version: 17.0.1422.02 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - ) Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon) Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon) mBlock (HKLM-x32\...\{9E1253D2-8275-48C2-BB40-FB78B7FB04ED}_is1) (Version: 5.0.0 - Maker Works Technology Co. Ltd.,) Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.14827.20192 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.43 - Microsoft Corporation) Microsoft Excel 2016 - en-us (HKLM\...\ExcelRetail - en-us) (Version: 16.0.14827.20192 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation) Microsoft Project - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.14827.20192 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{EFECC55D-7B0A-4D05-8487-CC2FD7C618A3}) (Version: 10.52.4042.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Teams) (Version: 1.2.00.17057 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visio - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.14827.20192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) mLink (HKLM-x32\...\{349DB249-AB70-47FA-B058-09DF5BF5BA32}_is1) (Version: 1.0.0 - Maker Works Technology Co. Ltd.,) MobiKin Assistant for Android (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\MobiKin Assistant for Android) (Version: 1.6.146 - MobiKin) MobiKin Assistant for iOS (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\MobiKin Assistant for iOS) (Version: 1.0.27 - MobiKin) MOD-t (HKLM-x32\...\MODt) (Version: - New Matter) Movavi Screen Capture Studio 6 (HKLM-x32\...\Movavi Screen Capture Studio 6) (Version: 6.2.1 - Movavi) Mozilla Firefox 75.0 (x64 en-US) (HKLM\...\Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 75.0.0.7398 - Mozilla) MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OneTouch 4 OCR Module 19.11 (HKLM-x32\...\{B7D9AC5E-BA1B-4E94-9BEA-1E2B876178DF}) (Version: 2.1.116.9200 - Visioneer Inc.) OneTouch 4 OCR Module 19.11 Combo (HKLM-x32\...\{99777236-aa90-4e2a-9011-e056a3303873}) (Version: 2.1.116.9200 - Visioneer Inc.) OneTouch 4.6 (HKLM-x32\...\{6FE022B6-8F8D-4691-93C1-BBD3E5F41C74}) (Version: 4.6.2917.9207 - Visioneer Inc.) OneTouch 4.6 4.6.2917.9207 & OP19SDK 2.1.116.9200 (HKLM-x32\...\{893fc05f-4357-457d-b3ae-388d11eb0c27}) (Version: 4.6.2917.9207 - Visioneer Inc.) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Pismo File Mount Audit Package (HKLM\...\PismoFileMountAuditPackage) (Version: - ) Plex Media Server (HKLM-x32\...\{6713f73b-dbfe-45da-a517-33a93ff8c390}) (Version: 1.2.7.2987 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{D2C8A865-4227-46D0-AD2B-D2BDFE3CFF48}) (Version: 1.2.2987 - Plex, Inc.) Hidden PROSPECTOR® Sales Tool version 34.11(0a) (HKLM-x32\...\{7EF8D0AA-48F9-4B19-A2E5-1090C8FDB7AE}_is1) (Version: 34.11(0a) - PACCAR, Inc.) QuickBooks (HKLM-x32\...\{2B0E1E07-2F3D-4E7D-AD0A-1C74A8881B9B}) (Version: 26.0.4003.2607 - Intuit Inc.) Hidden QuickBooks (HKLM-x32\...\{401D4796-D335-4C81-9410-1D7716B4188B}) (Version: 24.0.4008.2403 - Intuit Inc.) Hidden QuickBooks Enterprise Solutions: Accountant Edition 14.0 (HKLM-x32\...\{47E586BD-3FF0-4ED2-8A0C-890F2C02A2F4}) (Version: 24.0.4008.2403 - Intuit Inc.) QuickBooks Pro 2016 (HKLM-x32\...\{4338BDE2-0035-41BC-87BE-EE0AD5D48042}) (Version: 26.0.4003.2607 - Intuit Inc.) QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raspberry Pi Imager (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Raspberry Pi Imager) (Version: 1.6.2 - Raspberry Pi) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.87 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7219 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform) REDRAGON IMPACT Gaming Mouse (HKLM-x32\...\{E3326E3D-34EE-4E32-AB98-56AFE2574C40}}_is1) (Version: 1.0.0.02 - REDRAGON ZONE) Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.) Roblox Player for Drew (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\roblox-player) (Version: - Roblox Corporation) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Sidekick for Outlook (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\18545B70DA3FCDA141D2E3E5306ED621A7F563BB) (Version: 2.0.3.53 - HubSpot, Inc.) SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB) SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Common Files (HKLM-x32\...\{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Services (HKLM-x32\...\{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden SQL Server 2008 R2 SP2 Database Engine Shared (HKLM-x32\...\{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden Sql Server Customer Experience Improvement Program (HKLM-x32\...\{93998800-1608-403F-9A51-420A77D23C25}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden Stopping Plex (HKLM-x32\...\{B0ACB88E-38A1-4712-BD0C-C5463959127F}) (Version: 1.2.2987 - Plex, Inc.) Hidden Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer) The National Estimator (HKLM-x32\...\{35495A1B-B920-4F7E-84AD-9D42B9E8D1FF}) (Version: 4.09.0000 - Craftsman Book Company) Timeline Maker Pro Add-in for PowerPoint® x32 (HKLM-x32\...\{745C4415-7188-4AF9-8DBF-5B44CB40155F}) (Version: 1.1.0 - Progeny Software Inc.) Timeline Maker Pro v4 (HKLM-x32\...\{7CEDBF2A-C27D-4ED2-A116-CDDE5FFCB350}) (Version: 4.5.40.6 - Progeny Software Inc.) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) Trigger External Graphics Family 16.06.0910.0179 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 16.06.0910.0179 - MCT Corp) TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc) TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc) UE4 Prerequisites (x64) (HKLM\...\{457BE011-43FF-44A7-9FA7-B3BE181E2076}) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation) Visioneer 9520 Driver (HKLM-x32\...\{BCDA28CF-BDE3-49BE-AB50-87FD47CA4559}) (Version: 4.6.10309 - Visioneer Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) WebSite Auditor (HKLM-x32\...\seopowersuite) (Version: - ) Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc)) Windows Driver Package - New Matter (WinUSB) USBDevice (04/07/2015 1.0.0.3) (HKLM\...\40FACA9E5FA4F8267BAD7F9E29C6BACD176E4421) (Version: 04/07/2015 1.0.0.3 - New Matter) Windows Driver Package - New Matter (WinUSB) USBDevice (04/07/2015 1.0.0.3) (HKLM\...\B19577081E29020ACEC05323A77AB320AD8D6F39) (Version: 04/07/2015 1.0.0.3 - New Matter) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinHTTrack Website Copier 3.48-22 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack) WinZip 25.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2412F}) (Version: 25.0.14273 - Corel Corporation) Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare) Wondershare MobileGo(Version 8.2.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.0 - Wondershare) Wondershare UniConverter(Build 11.7.1.3) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.1.3 - Wondershare Software) XactRemodel 3 (HKLM-x32\...\{00271000-8116-4423-99E0-4A5D07E678E8}) (Version: 27.103.2013.417 - Xactware) Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus) Yesware for Outlook (HKLM-x32\...\{895C8FB8-A09B-4B0A-B295-32F5485C3E7E}) (Version: 2.0.81.0 - Yesware) Yesware for Outlook Installer (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\{8a66bcde-f68f-48b6-9080-c3284c6dbbc8}) (Version: 2.0.81.0 - ) Hidden Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.) Zoom (HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\ZoomUMX) (Version: 5.6.6 (961) - Zoom Video Communications, Inc.) Packages: ========= - Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-06-27] (WildTangent Games) Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2021-07-03] (Adobe Systems Incorporated) Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2021-07-15] (Adobe Systems Incorporated) Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-03-18] (Amazon.com) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.13.66.0_x86__kgqvnymyfvs32 [2022-01-14] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.210.200.0_x64__kgqvnymyfvs32 [2022-01-27] (king.com) Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2019-06-15] (Canon Inc.) Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_6.6.12.0_x86__h6adky7gbf63m [2022-02-04] (Gameloft SE) FLV Media Player -> C:\Program Files\WindowsApps\AFF540DC.FLVMediaPlayer_1.0.10.17_x64__v7353qx4kg3sa [2015-05-27] (Jujuba Software) [MS Ad] Font Viewer -> C:\Program Files\WindowsApps\64186marco.bodoira.FontViewer_1.0.0.0_x86__279eqf56mjv2y [2015-07-20] (marco.bodoira) Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-07] (Microsoft Corporation) Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-03] (Hewlett-Packard Company) HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-10-30] (Hewlett-Packard Company) HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-02-08] (Hewlett-Packard Company) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-27] (HP Inc.) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC) McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-02] (.-McAfee Inc-.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad] Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.1.11220.0_x64__8wekyb3d8bbwe [2021-12-03] (Microsoft Studios) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-14] (Microsoft Studios) [MS Ad] MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation) MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-29] (Netflix, Inc.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-30] (Microsoft Corporation) PredictWind Offshore -> C:\Program Files\WindowsApps\PredictWind.PredictWindOffshore_5.8.4.0_x64__nxh68jknx1znp [2022-02-01] (PredictWind) RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2017-09-21] (Tiny Opener) Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-05] (Snapfish) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-12-26] (Microsoft Corporation) YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-02-08] (CYBERLINKCOM CORP) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{0BB081A8-ECD3-34B5-B232-00A308865649}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E41FB9B54E23} -> [Creative Cloud Files] => C:\Users\Drew Owens\Creative Cloud Files [2016-10-22 19:22] CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{1A808F4F-770A-3A0F-A017-9340FC9F65B4}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{20D0D6F8-3AC7-3AA6-9FD6-9855CAD175D0}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{2174CB39-6088-31F0-B0A8-19BB891F7AA1}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{2542B805-4FD4-325E-97E0-E5D46F3AC692}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{38BCD7F4-6B38-3506-9969-2066F7F8BFEE}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{392CBEB1-E240-32ED-A7D4-76CAEAA631D7}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{40022DCF-934F-3568-9855-CDB4A1527594}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{46B7A5A5-ADDF-34EB-86F4-92880AEB1769}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{46D23B22-925B-36F6-9FBB-4D5C6F238879}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{486CCA0E-AB9F-3060-9342-EDFF643D6C19}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{5AFDA673-BD9F-3DBC-A425-FDC14F333B28}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{63D6035E-9E5F-4238-B4EE-42A511C4DBCF}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Yesware\Yesware for Outlook\adxloader64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{68EBD74E-DEFB-3CBE-BCCE-B85A43498327}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{702AB5CF-5E4A-313E-B75F-2DFD1D41A528}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{70B7C733-9819-30A0-ABA6-A1AE7BBF8777}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{82186AB2-1881-42D6-B945-35087B680952}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\adxloader64.dll (Google LLC -> ) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\GoToMeeting\16786\G2MOutlookAddin64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{8B5CF381-6470-31A9-8B39-4B1703F4C0F2}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{8B8BE938-B5A8-343F-B524-A84FB29DC613}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{A2F33C7C-98FC-39EC-A698-37DB671516A6}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{AE39D63B-CBBB-3101-9624-5FB56E9A1148}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{AF3D772A-92D3-34B9-817F-D0D4762C9372}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{AFDB8763-6DFF-3E96-AC9D-1385729CEDF2}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{B33DAF52-1793-3B84-ACC0-AF031676DB87}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Workspace\wbetoolsax64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{B8A1D4E9-C3F7-31A6-929A-2F0474E7D84F}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{C4944223-FF26-379A-BC9C-8F651B872FAF}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{C522C8D0-F685-3BFA-9149-F87ABD30E313}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> ) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{D6525CDE-E638-3E67-98E4-BA5710CB2964}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{D7BBEBEB-1100-375D-9B99-87C044B536AA}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{D80A3D92-ABE0-3F55-B6E9-7ACF0A30E039}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{DE7819A4-8E25-386A-B5B9-6B37F7F077E5}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{EA77EFA4-BE79-374F-8DF8-2D649A590240}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{F7EEBDEC-0497-3D32-9056-EA2DC1D7223D}\InprocServer32 -> C:\Users\Drew Owens\AppData\Local\Google\Drive plugin for Office\DriveForOffice.DLL (Google LLC -> Google Inc) CustomCLSID: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001_Classes\CLSID\{FC773B9D-EC1B-3F9B-87A7-7A75C26CFA73}\InprocServer32 -> C:/Users/Drew Owens/AppData/Local/Yesware/Yesware for Outlook/Yesware.Office.Outlook.Addin.DLL => No File ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> ) ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-04] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2013-02-23] (Brice Lambson) [File not signed] ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed] ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-25] (Corel Corporation -> WinZip Computing) ContextMenuHandlers1: [{4BBAAAE9-0001-40B5-9AA5-1BBD98C86E9B}] -> {4BBAAAE9-0001-40B5-9AA5-1BBD98C86E9B} => C:\Windows\system32\pfmshx_181.dll [2016-03-29] (Pismo Technic Inc. -> Pismo Technic Inc.) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-08-04] (CyberLink Corp. -> Cyberlink) ContextMenuHandlers2: [{4BBAAAE9-0001-40B5-9AA5-1BBD98C86E9B}] -> {4BBAAAE9-0001-40B5-9AA5-1BBD98C86E9B} => C:\Windows\system32\pfmshx_181.dll [2016-03-29] (Pismo Technic Inc. -> Pismo Technic Inc.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed] ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers4: [SetAsScanDestShellExt] -> {A05984FF-804F-4599-9814-304312F63239} => C:\Program Files (x86)\Visioneer\OneTouch 4.0\Links\SetAsScanDestShellExtx.dll [2017-09-20] (Visioneer Inc.) [File not signed] ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-25] (Corel Corporation -> WinZip Computing) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll -> No File ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed] ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group) ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2020-09-25] (Corel Corporation -> WinZip Computing) ContextMenuHandlers6: [{4BBAAAE9-0001-40B5-9AA5-1BBD98C86E9B}] -> {4BBAAAE9-0001-40B5-9AA5-1BBD98C86E9B} => C:\Windows\system32\pfmshx_181.dll [2016-03-29] (Pismo Technic Inc. -> Pismo Technic Inc.) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2014-05-28] (Matsushita Electric Industrial Co., Ltd.) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Drew Owens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5" ==================== Loaded Modules (Whitelisted) ============= 2015-01-30 18:16 - 2015-01-30 18:16 - 000864768 _____ (%CFullName%) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll 2020-02-13 12:09 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2020-02-13 12:09 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2021-08-19 19:24 - 2017-06-16 20:32 - 000061952 _____ () [File not signed] C:\Program Files (x86)\REDRAGON IMPACT Gaming Mouse\HidDevice.dll 2016-06-26 20:15 - 2005-04-21 22:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll 2017-11-01 08:27 - 2017-11-01 08:27 - 000495203 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Accessibility.api 2017-11-01 08:27 - 2017-11-01 08:27 - 013125731 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\AcroForm.api 2017-11-01 08:27 - 2017-11-01 08:27 - 008278627 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Annots.api 2017-11-01 08:27 - 2017-11-01 08:27 - 001484387 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\DigSig.api 2017-11-01 08:27 - 2017-11-01 08:27 - 001758819 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api 2017-11-01 08:27 - 2017-11-01 08:27 - 000110179 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api 2017-11-01 08:27 - 2017-11-01 08:27 - 007368291 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\PPKLite.api 2017-11-01 08:27 - 2017-11-01 08:27 - 000174179 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\Updater.api 2017-11-01 08:27 - 2017-11-01 08:27 - 000305763 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api 2013-02-23 10:47 - 2013-02-23 10:47 - 000166400 _____ (Brice Lambson) [File not signed] C:\Program Files\Image Resizer for Windows\ShellExtensions.dll 2016-06-26 20:15 - 2013-03-08 00:44 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll 2016-02-08 09:48 - 2016-01-11 14:45 - 000023552 _____ (Copyright© RingCentral, inc.) [File not signed] C:\WINDOWS\System32\v_localmon_rc.dll 2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll 2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll 2021-08-19 19:24 - 2017-06-16 20:32 - 000143360 _____ (Holtek) [File not signed] C:\Program Files (x86)\REDRAGON IMPACT Gaming Mouse\HIDApi.dll 2010-11-18 22:08 - 2010-11-18 22:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2016-04-11 19:37 - 2008-05-22 22:25 - 000043520 _____ (MagicISO, Inc.) [File not signed] C:\Program Files (x86)\MagicISO\misosh64.dll 2020-08-02 09:00 - 2020-08-02 09:00 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL 2020-08-02 09:00 - 2020-08-02 09:00 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL 2016-07-11 09:40 - 2016-07-11 09:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll 2020-04-23 09:21 - 2020-04-23 09:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2020-04-23 09:21 - 2020-04-23 09:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 000227328 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ccme_asym.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 000379904 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ccme_base.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 000208384 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ccme_base_non_fips.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 000564736 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ccme_ecc.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 000471552 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ccme_ecdrbg.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 000291328 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\cryptocme.dll 2020-02-13 12:09 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1 HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1 HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=ww_ww&pf=cnnb&s=ieHPtab&tp=iehome SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM -> {939F39C5-D105-4EED-BAFB-75AD39763D1B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM-x32 -> {939F39C5-D105-4EED-BAFB-75AD39763D1B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001 -> {939F39C5-D105-4EED-BAFB-75AD39763D1B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001 -> {BE928963-A9C5-4429-A387-D89331B4928F} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-01-26] (LastPass -> LastPass) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc -> Google Inc.) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-07-01] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-01-26] (LastPass -> LastPass) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc -> Google Inc.) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-01-26] (LastPass -> LastPass) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc -> Google Inc.) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-01-26] (LastPass -> LastPass) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc -> Google Inc.) Toolbar: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24] (Google Inc -> Google Inc.) Handler-x32: intu-help-qb7 - {5A03BD9D-766D-47A6-8E87-CD90F60BE245} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 14.0\HelpAsyncPluggableProtocol.dll [2014-12-10] (Intuit, Inc. -> Intuit, Inc.) Handler-x32: intu-help-qb9 - {C1252096-0E63-4C06-A38B-03DF9A16AA12} - C:\Program Files (x86)\Intuit\QuickBooks 2016\HelpAsyncPluggableProtocol.dll [2015-10-22] (Intuit, Inc. -> Intuit, Inc.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\salesforce.com -> hxxps://www.salesforce.com IE trusted site: HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\sharepoint.com -> hxxps://meridian30-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files\Intel\WiFi\bin\;c:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Drew Owens\AppData\Local\Microsoft\Windows\Themes\img5.jpg HKU\S-1-5-21-3404635299-2440590617-3582906486-1011\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 10.0.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. Network Binding: ============= Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: AGMService => 2 MSCONFIG\Services: AGSService => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BrYNSvc => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: DAMSvc => 2 MSCONFIG\Services: EvtEng => 2 MSCONFIG\Services: GManager => 2 MSCONFIG\Services: GoogleChromeElevationService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: HPTouchpointAnalyticsService => 2 MSCONFIG\Services: HPWMISVC => 2 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: ibtsiva => 2 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: Intel(R) TA SAM => 3 MSCONFIG\Services: Intel(R) TechnologyAccessLegacyCSLoader => 2 MSCONFIG\Services: Intel(R) TechnologyAccessService => 2 MSCONFIG\Services: IntuitUpdateServiceV4 => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: iumsvc => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MlPatch => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: MyWiFiDHCPDNS => 3 MSCONFIG\Services: omniserv => 2 MSCONFIG\Services: OneTouch 4.0 Monitor => 2 MSCONFIG\Services: PlexUpdateService => 2 MSCONFIG\Services: ptsysexec => 3 MSCONFIG\Services: QBCFMonitorService => 2 MSCONFIG\Services: QBFCService => 3 MSCONFIG\Services: QBVSS => 2 MSCONFIG\Services: QuickBooksDB26 => 3 MSCONFIG\Services: RegSrvc => 2 MSCONFIG\Services: RtkAudioService => 2 MSCONFIG\Services: SynTPEnhService => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: WsAppService => 2 MSCONFIG\Services: WsDrvInst => 3 MSCONFIG\Services: ZeroConfigService => 2 HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk" HKLM\...\StartupApproved\StartupFolder: => "Install LastPass FF RunOnce.lnk" HKLM\...\StartupApproved\StartupFolder: => "ImageBrowser EX Agent.lnk" HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk" HKLM\...\StartupApproved\StartupFolder: => "Intuit Data Protect.lnk" HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk" HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk" HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk" HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Web Connector.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "SimplePass" HKLM\...\StartupApproved\Run: => "OPBHOBroker" HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "TUCCDUtil" HKLM\...\StartupApproved\Run: => "ZAM" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "ISUSPM" HKLM\...\StartupApproved\Run32: => "HPMessageService" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "EgnyteDesktopSync" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Intuit SyncManager" HKLM\...\StartupApproved\Run32: => "BrHelp" HKLM\...\StartupApproved\Run32: => "ControlCenter4" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\StartupFolder: => "Craftsman Software Update.lnk" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "AdobeBridge" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "GoToMeeting" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "join.me.launcher" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "RingCentral for Windows" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "Workspace Status" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "Starfield Updater" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-3404635299-2440590617-3582906486-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1D3E6A82-BB99-46B8-963C-A191BB0B9292}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE (Brother Industries, Ltd.) [File not signed] FirewallRules: [{96F621AD-68EA-4111-8DE0-4F55D779644E}] => (Allow) C:\Users\Drew Owens\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{FFF69FCC-F4E3-49F3-AD74-0AC5BE9B561C}] => (Allow) C:\Users\Drew Owens\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{44CBD1BE-7CAF-46BB-91BE-405DAF0CACD0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [UDP Query User{F3EEF179-A586-4120-9F42-713864A62C67}C:\users\drew owens\appdata\local\temp\cp14036403330640session\cptrustfolder14036403330843\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp14036403330640session\cptrustfolder14036403330843\adobecaptivatews => No File FirewallRules: [TCP Query User{B80B528D-6802-4269-900F-096D5FA220C4}C:\users\drew owens\appdata\local\temp\cp14036403330640session\cptrustfolder14036403330843\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp14036403330640session\cptrustfolder14036403330843\adobecaptivatews => No File FirewallRules: [UDP Query User{2155B82C-592C-4DC5-8DE3-AEDCE8A58D7E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe () [File not signed] FirewallRules: [TCP Query User{04B992EF-4127-469B-B9F6-BE613EFA6EC4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe () [File not signed] FirewallRules: [UDP Query User{325F5824-712C-4129-87D4-AEAE34E39032}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed] FirewallRules: [TCP Query User{8ACBF6A1-3310-4424-8354-9C45480D62AB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed] FirewallRules: [UDP Query User{CE472582-3C7A-417C-9C24-86ED38F54627}H:\xampp\apache\bin\httpd.exe] => (Allow) H:\xampp\apache\bin\httpd.exe => No File FirewallRules: [TCP Query User{40FF5DE1-2C48-4A48-98C7-DC4DD834FAF1}H:\xampp\apache\bin\httpd.exe] => (Allow) H:\xampp\apache\bin\httpd.exe => No File FirewallRules: [UDP Query User{64C0E04B-0797-40DE-80F3-C10F8B4F5A43}C:\users\drew owens\documents\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\drew owens\documents\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe (Epic Games, Inc.) [File not signed] FirewallRules: [TCP Query User{E90A46C8-9527-400C-8807-AD63A9437F53}C:\users\drew owens\documents\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\drew owens\documents\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe (Epic Games, Inc.) [File not signed] FirewallRules: [UDP Query User{A40FCAC0-2B02-46A9-8AB5-09D3C746305C}C:\users\drew owens\downloads\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\drew owens\downloads\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe => No File FirewallRules: [TCP Query User{544DA9ED-FD13-4CFC-87AD-5C2CB5514861}C:\users\drew owens\downloads\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe] => (Allow) C:\users\drew owens\downloads\hello neighbor\hello neighbor alpha 1\helloneighbor\helloneighborreborn\binaries\win64\helloneighborreborn-win64-shipping.exe => No File FirewallRules: [UDP Query User{9FB49D91-ECE5-4E3A-B844-74F869657A65}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio) FirewallRules: [TCP Query User{77AF3389-6A41-4829-AFB0-9C27CD64E48E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (SAND STUDIO LIMITED -> Sand Studio) FirewallRules: [UDP Query User{C3BCD0D4-5031-45F4-8F7D-58908849118B}C:\users\drew owens\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\drew owens\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{1BB85755-18D9-4989-BE2A-934104FBD0D7}C:\users\drew owens\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\drew owens\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{A5388BAA-C5F9-4229-B5A9-12ED3968F63E}C:\users\drew owens\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\drew owens\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{5ADA0CF2-3EA1-4B03-A9CB-ED1DF295A83D}C:\users\drew owens\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\drew owens\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{53F45409-5D75-48BF-85B6-9A9B376EE323}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{83D0918C-C3C5-4372-B944-3AE817EE3C08}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation) FirewallRules: [{4D22DE78-5DEA-4B6F-9BBC-0055C5AD4274}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [UDP Query User{9252BD97-1AC7-43DA-B512-EEDECDCF0E48}C:\users\drew owens\appdata\local\temp\cp436852539484session\cptrustfolder436852539484\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp436852539484session\cptrustfolder436852539484\adobecaptivatews => No File FirewallRules: [TCP Query User{A5EB52CE-913D-46A1-9E93-2ECCA0DDC017}C:\users\drew owens\appdata\local\temp\cp436852539484session\cptrustfolder436852539484\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp436852539484session\cptrustfolder436852539484\adobecaptivatews => No File FirewallRules: [UDP Query User{124710E5-AA88-40B8-92DE-9474F229AAF4}C:\users\drew owens\appdata\local\temp\cp826017937703session\cptrustfolder826017937718\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp826017937703session\cptrustfolder826017937718\adobecaptivatews => No File FirewallRules: [TCP Query User{38CF2A83-1DAD-4129-A3F3-54933E994A69}C:\users\drew owens\appdata\local\temp\cp826017937703session\cptrustfolder826017937718\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp826017937703session\cptrustfolder826017937718\adobecaptivatews => No File FirewallRules: [UDP Query User{948D15B2-6CCA-4F8A-AC9E-39715533ED6A}C:\users\drew owens\appdata\local\temp\cp408017780328session\cptrustfolder408017780578\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp408017780328session\cptrustfolder408017780578\adobecaptivatews => No File FirewallRules: [TCP Query User{707B8542-3070-485C-AAAC-006B40D61361}C:\users\drew owens\appdata\local\temp\cp408017780328session\cptrustfolder408017780578\adobecaptivatews] => (Allow) C:\users\drew owens\appdata\local\temp\cp408017780328session\cptrustfolder408017780578\adobecaptivatews => No File FirewallRules: [{407B5E1D-4C91-4E26-BA3E-24427AD0632E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{D2E1DC8C-CF9B-49D7-AEA3-18A8348118F1}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{7841A056-FB0B-4F11-8C76-13A71DC597B0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{7129AC63-3544-41D6-A508-5B87BFB822A3}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{575C70CE-6B17-4603-96C1-08C097E8F235}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{6249E842-4266-4A4B-9A16-0CE536B23440}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{AA696F50-BBCE-4B4B-A25C-4E8EC1E15478}] => (Allow) LPort=56726 FirewallRules: [UDP Query User{357AD94B-2663-4E20-8453-DD5783FCDF4D}C:\program files (x86)\mobikin\mobikin assistant for android\bin\mobikin assistant for android.exe] => (Allow) C:\program files (x86)\mobikin\mobikin assistant for android\bin\mobikin assistant for android.exe (UUMART LIMITED -> ) [File not signed] FirewallRules: [TCP Query User{941EAC02-6FF5-4E25-8A95-0A0E74ADC8AE}C:\program files (x86)\mobikin\mobikin assistant for android\bin\mobikin assistant for android.exe] => (Allow) C:\program files (x86)\mobikin\mobikin assistant for android\bin\mobikin assistant for android.exe (UUMART LIMITED -> ) [File not signed] FirewallRules: [{8426DAE8-497A-4DEC-B59B-D4DD4D829538}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) [File not signed] FirewallRules: [{3DE8A1F7-7915-4DA3-BB2E-F5158F5E4348}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit) [File not signed] FirewallRules: [{08090BAC-A3DB-4354-BCC6-DEE4DE84F0BE}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{98B820E0-194C-4762-8BB6-498DF7B066E7}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{0CFCC606-A614-4EC5-A4E5-B097228C196F}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\filemanagement.exe (Intuit, Inc. -> ) FirewallRules: [{FDD6B61D-7174-4752-8103-B08B975CE8C5}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\filemanagement.exe (Intuit, Inc. -> ) FirewallRules: [{1125E190-BA99-4A13-8050-34F16F27DF22}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{FF7A2185-904D-498B-867C-6B92BAB04D3E}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\dbmanagerexe.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{BFF75026-BCFF-475E-87EB-08F8580B923D}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\qbw32.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{5F571D61-8E12-4DAB-8732-5B6F30947750}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\qbw32.exe (Intuit, Inc. -> Intuit Inc.) FirewallRules: [{15578638-D367-4799-A1F1-F1988C28B99D}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\qbdbmgrn.exe (SAP -> Intuit, Inc.) [File not signed] FirewallRules: [{B210404B-00E3-4F91-BE57-562E7551E005}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2016\qbdbmgrn.exe (SAP -> Intuit, Inc.) [File not signed] FirewallRules: [UDP Query User{FDE49183-119F-41C9-9424-29D0DCE47BEE}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare) FirewallRules: [TCP Query User{C973E1CF-DBAD-4A93-B1EE-899BCF26E28A}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare) FirewallRules: [UDP Query User{03345AF7-C721-408A-BA0D-45E7FF62B864}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare) FirewallRules: [TCP Query User{66C62376-2DAA-49C7-9753-2C73FA99D087}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare) FirewallRules: [{157405DB-205B-43BD-A35E-E422B82824C8}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard) FirewallRules: [{3D1FF2B4-2837-4116-8442-5E3B042869FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] FirewallRules: [{38348894-CC74-4F89-B715-490167D48A28}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] FirewallRules: [{49D41770-0EDC-4133-85A3-8D79DE51CAA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard) FirewallRules: [{1875DA05-D5A7-49C7-B73A-68419849F745}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{2A0DA8E4-7F92-4DA5-A98A-5719AB0C7EE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{76947785-4E45-4964-81B1-C3DF7D6C1F2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{4824ACD6-135F-4FDC-B703-4261B7F50A58}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{D9B5578D-9568-4BBE-85FB-3D9394E2D1C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{6BCFE8EB-12CB-4990-9531-3DA76F9CD5A3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{E562623C-3DBE-4C96-84AD-E5639116F312}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{3490CB29-0319-4F2C-9D1F-F2122E9E5D87}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{E34366C7-DFB6-4996-8471-3AC023B2E175}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{A16AFAE5-1E84-49BD-9E82-48B8AD28E6AC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{BD5D7755-7922-4BE7-9672-44256FA01A0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{137FBEC1-38EA-476B-AC04-821ADB728BAE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [{371CFA21-6B40-4734-856C-54784221646B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) FirewallRules: [UDP Query User{C5FFA83C-8573-4DD6-A8F2-9ADA7EA002DE}C:\program files (x86)\ringcentral for windows\softphone.exe] => (Allow) C:\program files (x86)\ringcentral for windows\softphone.exe => No File FirewallRules: [TCP Query User{9128C39C-18E1-44FF-98BA-12848E761E0A}C:\program files (x86)\ringcentral for windows\softphone.exe] => (Allow) C:\program files (x86)\ringcentral for windows\softphone.exe => No File FirewallRules: [{04344FAA-F507-4985-B016-8D352F8E474B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe => No File FirewallRules: [{1CE2CC39-0CBF-445E-87F4-C27E968079F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0CDC6576-763F-44DD-8EB5-A72AC28F2872}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{D83E347B-4CCC-4D07-965F-1CF064E93DC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{7755DD32-3E6B-4B39-997B-CD40841D60C4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{BCC098EB-E6CB-4A19-90CE-BA46109202C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File FirewallRules: [{C827499E-9317-41FE-9031-77C75D2DF80F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{0F2AC4AB-BE59-4A5A-9D86-54647DE6FF73}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File FirewallRules: [{BBB8C676-EB0E-4713-80B8-292EBDAE5451}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{22F0045E-E79F-4DD3-A863-61D462D8D087}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) FirewallRules: [{884E7696-00F5-4D8C-87B8-BA020F675E67}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{C7987874-C619-407B-B368-D753C04D3097}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{B773523F-D6D1-466B-BA59-552E5748B547}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{E101B681-9F6B-415A-AE4F-6A3223404372}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH) FirewallRules: [{09E9D30E-5649-4B02-8F37-A78CB19C5D51}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe => No File FirewallRules: [{2B2C250C-D2ED-41C5-8AAC-8F88693DEEF5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe => No File FirewallRules: [UDP Query User{F1E02AB5-88DE-40C5-93DE-57F3D30E8D04}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{3512FA8D-8908-4F17-88BC-B76B278C55D9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{23D8269A-4937-4FE6-AB75-08D52F762A72}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{1DD9A072-F620-4743-8031-50A4EAD20379}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{A867EA7F-D49C-48F0-B6C9-68E3F5EE8FC3}C:\program files (x86)\google\chrome\application\new_chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\new_chrome.exe => No File FirewallRules: [TCP Query User{5B076224-7015-4F78-A7D7-A636989510CC}C:\program files (x86)\google\chrome\application\new_chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\new_chrome.exe => No File FirewallRules: [UDP Query User{D33E36AD-1927-4891-8838-F8FA7F400AE0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{9ED0BDBF-F124-49C4-8822-5D66485E7651}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0EF97FF4-8208-4168-A4B8-801E412E93C7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{62613ACC-3A1E-47B6-AA25-C8DD6937CCFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F9C474E8-7AC7-4402-A1B6-8AEA5A8865DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{65A00112-6DFE-4F60-BCBB-CD5EB8F3B30E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{8FC1F455-BE51-4FEC-AA62-3A789A55B9CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DBA2BC60-F150-4BCA-B249-F381E7161152}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5DD30258-7601-4E79-B06A-45F905EE7D6E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2C4A20EB-F1E6-47EE-8CE4-FBDB7FA12C62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F236BE10-B3C1-4CB7-97FE-8425FCBBC4AF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE (Brother Industries, Ltd.) [File not signed] FirewallRules: [{FEA5D72F-18F3-4D4B-AF2F-4EADA05C106E}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{EB3BD539-D98C-4EED-8A77-34BD32D95E73}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{7C965984-FA45-4A98-B89F-20676F649F9A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{03508078-4C3E-4FBC-92A7-E1E0E148E4CC}C:\programdata\mlink\app\mlinknode.exe] => (Allow) C:\programdata\mlink\app\mlinknode.exe (Makeblock Co., Ltd. -> Node.js) FirewallRules: [UDP Query User{9CE9F2AF-4979-48C3-9E6D-C951CA429BD2}C:\programdata\mlink\app\mlinknode.exe] => (Allow) C:\programdata\mlink\app\mlinknode.exe (Makeblock Co., Ltd. -> Node.js) FirewallRules: [{9620C646-A262-46E0-AEFC-816EB7250EE2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E5AA6462-193E-4A77-AA61-C972DB068B73}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5E652500-7016-46F6-BD78-BB2D033E856A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{90940634-AC6F-4DC7-831F-B08D289EB56E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FDADC914-C753-4897-8479-914C3A88974C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{802D077B-A09F-4C3A-8A41-5AFE82449648}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0638A0C2-DF5C-401B-A76A-A88765B615F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FAFD6AB8-5D04-4233-9F76-A05A5E551A83}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0A24AA15-C683-41E5-9A73-BD70C4B4E9C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{338DE129-6117-4E0C-BBF4-1B41036E5C69}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F45C4581-317C-4AE9-B71F-AB3CE9720FEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 03-02-2022 11:37:56 Scheduled Checkpoint 11-02-2022 13:48:31 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (02/12/2022 10:03:06 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: FullTrustNotifier.exe, version: 0.0.0.0, time stamp: 0x5b98afb3 Faulting module name: combase.dll, version: 10.0.19041.1348, time stamp: 0xf1a7c19a Exception code: 0xc0000005 Fault offset: 0x0009fb90 Faulting process id: 0x285c Faulting application start time: 0x01d82028aa635d48 Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\FullTrustNotifier.exe Faulting module path: C:\WINDOWS\System32\combase.dll Report Id: eecbea8c-1b63-4217-b718-1c368b6351ec Faulting package full name: Faulting package-relative application ID: Error: (02/12/2022 10:02:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: FullTrustNotifier.exe, version: 0.0.0.0, time stamp: 0x5b98afb3 Faulting module name: AppContracts.dll_unloaded, version: 10.0.19041.1466, time stamp: 0xe4387452 Exception code: 0xc00001a5 Fault offset: 0x00064709 Faulting process id: 0x285c Faulting application start time: 0x01d82028aa635d48 Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\FullTrustNotifier.exe Faulting module path: AppContracts.dll Report Id: dd868db2-5f01-43f9-9151-6f7684f0e56b Faulting package full name: Faulting package-relative application ID: Error: (02/12/2022 09:59:15 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: Meridian30) Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126). Error: (02/12/2022 09:59:13 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: Meridian30) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (02/12/2022 09:58:54 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: Meridian30) Description: Disabled performance counter data collection for this session from the "ASP.NET_64_2.0.50727" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Error: (02/12/2022 09:58:54 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1022) (User: Meridian30) Description: Windows cannot open the 64-bit extensible counter DLL C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll in a 32-bit environment (Win32 error code 193). Contact the file vendor to obtain a 32-bit version. Alternatively if you are running a 64-bit native environment, you can open the 64-bit extensible counter DLL by using the 64-bit version of Performance Monitor. To use this tool, open the Windows folder, open the System32 folder, and then start Perfmon.exe. Error: (02/12/2022 09:50:40 AM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed. Context: Application, SystemIndex Catalog Details: The gatherer is shutting down. (HRESULT : 0x80040d23) (0x80040d23) Error: (02/12/2022 09:50:40 AM) (Source: Windows Search Service) (EventID: 3602) (User: ) Description: Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index. Context: Application, SystemIndex Catalog Details: The gatherer is shutting down. (HRESULT : 0x80040d23) (0x80040d23) System errors: ============= Error: (02/12/2022 10:36:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Client License Service (ClipSVC) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (02/12/2022 10:36:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect. Error: (02/12/2022 10:23:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Client License Service (ClipSVC) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (02/12/2022 10:23:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect. Error: (02/12/2022 10:22:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Camera Frame Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (02/12/2022 10:22:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Camera Frame Server service to connect. Error: (02/12/2022 10:22:03 AM) (Source: DCOM) (EventID: 10010) (User: Meridian30) Description: The server {94269C4E-071A-4116-90E6-52E557067E4E} did not register with DCOM within the required timeout. Error: (02/12/2022 10:20:38 AM) (Source: DCOM) (EventID: 10010) (User: Meridian30) Description: The server Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe!App.AppXpa8c6rgd3yzmnwb7kznbz0y2c2tmedk3.mca did not register with DCOM within the required timeout. Windows Defender: ================ Date: 2022-02-12 11:46:01 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/OpenDownloadManager&threatid=312003&enterprise=0 Name: PUADlManager:Win32/OpenDownloadManager Severity: Low Category: Potentially Unwanted Software Path: file:_C:\Users\Drew Owens\Downloads\Installer.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Users\Drew Owens\Downloads\FRST64.exe Security intelligence Version: AV: 1.359.84.0, AS: 1.359.84.0, NIS: 1.359.84.0 Engine Version: AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-02-12 11:42:48 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FusionCore&threatid=311944&enterprise=0 Name: PUABundler:Win32/FusionCore Severity: Low Category: Potentially Unwanted Software Path: file:_C:\Users\Drew Owens\Downloads\AirDroid_Desktop_Client_3.4.1.0 (1).exe; file:_C:\Users\Drew Owens\Downloads\AirDroid_Desktop_Client_3.4.1.0.exe; file:_C:\Users\Drew Owens\Downloads\AirDroid_Desktop_Client_3.5.2.0.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Users\Drew Owens\Downloads\FRST64.exe Security intelligence Version: AV: 1.359.84.0, AS: 1.359.84.0, NIS: 1.359.84.0 Engine Version: AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-02-12 11:42:38 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FusionCore&threatid=311944&enterprise=0 Name: PUABundler:Win32/FusionCore Severity: Low Category: Potentially Unwanted Software Path: file:_C:\Users\Drew Owens\Downloads\AirDroid_Desktop_Client_3.4.1.0 (1).exe; file:_C:\Users\Drew Owens\Downloads\AirDroid_Desktop_Client_3.4.1.0.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Users\Drew Owens\Downloads\FRST64.exe Security intelligence Version: AV: 1.359.84.0, AS: 1.359.84.0, NIS: 1.359.84.0 Engine Version: AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-02-12 11:42:36 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/FusionCore&threatid=311944&enterprise=0 Name: PUABundler:Win32/FusionCore Severity: Low Category: Potentially Unwanted Software Path: file:_C:\Users\Drew Owens\Downloads\AirDroid_Desktop_Client_3.4.1.0 (1).exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Users\Drew Owens\Downloads\FRST64.exe Security intelligence Version: AV: 1.359.84.0, AS: 1.359.84.0, NIS: 1.359.84.0 Engine Version: AM: 1.1.18900.3, NIS: 1.1.18900.3 Date: 2022-02-12 11:42:22 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Presenoker&threatid=242420&enterprise=0 Name: PUA:Win32/Presenoker Severity: Low Category: Potentially Unwanted Software Path: file:_C:\Users\Drew Owens\Downloads\adobe_flash_setup_0437530251.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Users\Drew Owens\Downloads\FRST64.exe Security intelligence Version: AV: 1.359.84.0, AS: 1.359.84.0, NIS: 1.359.84.0 Engine Version: AM: 1.1.18900.3, NIS: 1.1.18900.3 Event[0]: Date: 2021-12-30 06:03:12 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.355.939.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18800.4 Error code: 0x80070102 Error description: The wait operation timed out. Date: 2021-12-17 12:16:46 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. Date: 2021-12-17 12:15:51 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. Date: 2021-12-17 12:12:11 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. Date: 2021-12-17 05:05:05 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.355.400.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18800.4 Error code: 0x80240009 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =============== Date: 2022-01-08 07:18:03 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\mctux.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Insyde F.26 01/19/2015 Motherboard: Hewlett-Packard 22D6 Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Percentage of memory in use: 59% Total physical RAM: 8122.15 MB Available physical RAM: 3320.91 MB Total Virtual: 8522.15 MB Available Virtual: 2777.09 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:905.83 GB) (Free:88.34 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:23.74 GB) (Free:2.37 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (boot) (Removable) (Total:0.25 GB) (Free:0.19 GB) FAT Drive f: () (Removable) (Total:0 GB) (Free:0 GB) \\?\Volume{bd705f74-f115-49a8-a746-0b1bb4a71bb4}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.37 GB) NTFS \\?\Volume{594e0c17-5dc4-43b7-b337-851421e96b6f}\ () (Fixed) (Total:0.93 GB) (Free:0.31 GB) NTFS \\?\Volume{dafee0aa-16e9-4cc9-8eb4-0e67bf7fccc8}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 6DA8418D) Partition: GPT. ========================================================== Disk: 1 (Size: 58.9 GB) (Disk ID: 7A0C8BB0) Partition 1: (Not Active) - (Size=255 MB) - (Type=0C) Partition 2: (Not Active) - (Size=12 GB) - (Type=83) ==================== End of Addition.txt =======================