Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by PXP (30-05-2023 16:16:43)
Running from C:\Users\PXP\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2020-09-15 21:21:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3897773426-2423068259-2451873622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3897773426-2423068259-2451873622-503 - Limited - Disabled)
Guest (S-1-5-21-3897773426-2423068259-2451873622-501 - Limited - Disabled)
PXP (S-1-5-21-3897773426-2423068259-2451873622-1001 - Administrator - Enabled) => C:\Users\PXP
WDAGUtilityAccount (S-1-5-21-3897773426-2423068259-2451873622-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Enabled - Up to date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (HKLM\...\{FFDE93F1-4C9B-41B5-973D-015467E0B59F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{B05732E7-300F-4AAA-A883-77C27150595C}) (Version: 112.0.5615.26 - Google LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6.7006 - CyberLink Corp.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.2.5829 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Elevated Installer (HKLM-x32\...\{F5AC76EB-5DB5-4A6D-B673-6D75B84948AC}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version: - IdeaMK)
Garmin Express (HKLM-x32\...\{4143C81A-0FC9-430B-A58E-C9BF7D4915FA}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{c4a623d3-1300-440d-8664-b0105eab60d5}) (Version: 7.16.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
HP Customer Experience Enhancements (HKLM-x32\...\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}) (Version: 6.0.3.1 - Hewlett-Packard) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
HP ENVY 5000 series Help (HKLM-x32\...\{B868134D-0D88-4973-BDD8-07E2522C9102}) (Version: 44.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - Hewlett-Packard) Hidden
HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel® Chipset Device Software (HKLM\...\{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}) (Version: 10.1.1.8 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® Trusted Execution Engine Driver (HKLM\...\{893A5D27-2E60-426C-89BA-EA2020545BFA}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
Malwarebytes version 4.5.29.268 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.29.268 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.57 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}) (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\OneDriveSetup.exe) (Version: 23.096.0507.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Product Improvement Study for HP ENVY 5000 series (HKLM\...\{C5AA15B5-3E7E-43A2-BFDB-09F592DDFF08}) (Version: 44.4.2678.1977 - HP Inc.)
QuickBooks (HKLM-x32\...\{9A2F0810-369F-4E86-9072-973FBE1679C5}) (Version: 19.0.4015.705 - Intuit Inc.) Hidden
QuickBooks Pro 2009 (HKLM-x32\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4015.705 - Intuit Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.151 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.59 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.9.82.0 - Safer-Networking Ltd.)
SpywareBlaster 6.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 6.0.0 - BrightFort LLC)
SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
UltraViewer version 6.2.97 (HKLM-x32\...\{E0FABD74-083B-47F4-AC5B-CA4237BF8913}_is1) (Version: 6.2.97 - DucFabulous)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\ZoomUMX) (Version: 5.12.2 (9281) - Zoom Video Communications, Inc.)
Packages:
=========
es for Charlie. -> C:\Program Files\WindowsApps\mail.aol.com-3B4E10F_1.0.0.1_neutral__vgzdxyyccrb56 [2022-11-20] (mail.aol.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-12-01] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-12-01] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-18] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-18] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel® pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers3: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2021-12-21] (Safer-Networking Limited -> Safer-Networking Ltd.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PXP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2020-11-27 04:38 - 2020-11-27 04:38 - 000961536 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2020-11-27 04:38 - 2020-11-27 04:38 - 001446400 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2023-02-01 14:43 - 2023-02-01 14:43 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2020-11-18 10:14 - 2020-11-18 10:14 - 117340672 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-11-18 08:40 - 2020-11-18 08:40 - 000323072 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2020-11-18 08:40 - 2020-11-18 08:40 - 005441536 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2005-07-19 22:18 - 2005-07-19 22:18 - 000059904 _____ () [File not signed] C:\Program Files (x86)\Intuit\QuickBooks 2009\zlib1.dll
2023-02-01 14:43 - 2023-02-01 14:43 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2023-02-01 14:48 - 2023-02-01 14:48 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2023-02-01 14:43 - 2023-02-01 14:43 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2023-02-01 14:43 - 2023-02-01 14:43 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2013-03-19 15:30 - 2013-03-19 15:30 - 000032768 _____ (Intuit) [File not signed] [File is in use] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\CFScan.dll
2008-06-13 09:00 - 2008-06-13 09:00 - 000670720 _____ (Intuit, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\Entitlement Client\v5\Client\EntitlementClientBootstrap.dll
2011-09-13 01:06 - 2011-09-13 01:06 - 003214056 _____ (Microsoft Corporation (Internal Use Only) -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\1033\MSGR3EN.DLL
2006-01-18 15:06 - 2006-01-18 15:06 - 001017856 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\dbghelp.dll
2006-01-18 15:06 - 2006-01-18 15:06 - 001017856 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Intuit\QuickBooks 2009\dbghelp.dll
2020-09-15 16:47 - 2020-09-15 16:47 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2020-09-15 16:47 - 2020-09-15 16:47 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2020-09-15 16:47 - 2020-09-15 16:47 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2023-02-01 14:46 - 2023-02-01 14:46 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2020-02-25 13:07 - 2021-06-19 01:55 - 001079909 _____ (SQLite Development Team) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2020-11-18 08:39 - 2020-11-18 08:39 - 000843264 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2022-10-04 10:44 - 2018-11-22 16:48 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
2022-10-04 10:44 - 2018-11-22 16:48 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
2013-03-19 15:30 - 2013-03-19 15:30 - 000155648 _____ (Wintertree Software Inc.) [File not signed] C:\Program Files (x86)\Intuit\QuickBooks 2009\SSCE5232.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [136]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {E1EFBE4B-1767-4E6F-878E-E7CE5838599F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001 -> {E1EFBE4B-1767-4E6F-878E-E7CE5838599F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard Company -> Hewlett-Packard)
Handler-x32: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll [2013-03-19] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7942 more sites.
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\...\1-2005-search.com -> www.1-2005-search.com
There are 12764 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 03:24 - 2023-05-19 16:01 - 000455008 ____N C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15618 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3897773426-2423068259-2451873622-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
BITS: {4E2F05C0-174B-4EFB-8B77-E3802565B03A} - (HPCeeConnect) -> [NotifyCmdLine: C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe "C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe" HPCeeConnect (null)] [files:
http://ceement.rssx....entWA/index.jsp-> C:\Users\PXP\hpTemp.txt]
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DA9A8033-3F57-49B1-8552-4A84314E1CC5}] => (Allow) C:\Users\PXP\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{27B7C949-5360-42E0-8F81-141AB8EFFE7E}] => (Allow) C:\Users\PXP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{30110544-E7A3-49CC-8365-4280756399B8}] => (Allow) C:\Users\PXP\AppData\Local\Temp\7zS22D4\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{ABA85504-F99C-4EC6-A7B5-973179666372}] => (Allow) C:\Users\PXP\AppData\Local\Temp\7zS22D4\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{B3B1CD88-B18D-4BC8-BC5C-FFA30057F28B}C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe => No File
FirewallRules: [UDP Query User{AC6F24B0-B241-41F3-9BB8-CFC314124CFE}C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe => No File
FirewallRules: [TCP Query User{ED77A2E6-14DA-4F72-940E-A15B1AE586BA}C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe => No File
FirewallRules: [UDP Query User{B28F5406-C592-4E0F-9A27-BE84ED57ADC9}C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp envy 5000 series\bin\hpnetworkcommunicatorcom.exe => No File
FirewallRules: [{A5C1D2F5-BE7D-4D80-9E83-F35DCDF51015}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{1FF1ADFB-9EBC-4E49-A900-A17498F6AF15}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2B6AD786-794E-4C94-839C-AA7B87320EA0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{DE390FED-75F1-4D6F-89A0-1B5D0DF16114}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AEEBE373-1331-447A-B6EB-2D7F559B79FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{20901E06-A5C2-4713-8138-E2909346070C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{8E2F3645-3BB7-4D40-9144-8962BF8AD647}] => (Allow) C:\Users\PXP\AppData\Roaming\Zoom\bin_00\Zoom.exe => No File
FirewallRules: [{789CD1C5-4E4A-44AF-ADC5-A4F60C21322E}] => (Allow) C:\Users\PXP\AppData\Roaming\Zoom\bin_00\airhost.exe => No File
FirewallRules: [{7129E43E-EB79-4028-A739-72F31EA523EE}] => (Allow) C:\Users\PXP\AppData\Roaming\Zoom\bin_00\airhost.exe => No File
FirewallRules: [{030AC689-F582-4C58-83F3-30F0590B0BFF}] => (Allow) C:\Users\PXP\AppData\Local\Temp\7zS4216\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{844D2385-7CBB-4696-9505-2DE4AC1AEBE0}] => (Allow) C:\Users\PXP\AppData\Local\Temp\7zS4216\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{B71A1EB2-F0BE-4499-B713-90BCECF10269}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8C182866-31D9-498D-BD7C-1BB8461ADC9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23CDEF60-3BB0-476F-AC63-9CB2368675C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B33DF872-BDAC-45ED-BA99-17DFFDDF5E47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DDF6D67C-447D-433B-A61A-C9F822B991DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{226385DB-2B24-4C00-B716-7FA595FD28E2}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\112.0.5615.26\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{9E9ECB95-771E-4FEB-BBA1-582533175C9C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
18-05-2023 21:04:29 Scheduled Checkpoint
27-05-2023 17:52:08 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/30/2023 03:11:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchApp.exe, version: 10.0.19041.2913, time stamp: 0xb8ff82ca
Faulting module name: KERNELBASE.dll, version: 10.0.19041.2913, time stamp: 0xa1c3e870
Exception code: 0xc0000409
Fault offset: 0x000000000012d862
Faulting process id: 0x525c
Faulting application start time: 0x01d9932a3b14d6a8
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 20eac824-d2de-4a2d-97bb-f0045ba5446b
Faulting package full name: Microsoft.Windows.Search_1.14.9.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (05/30/2023 03:09:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.2913 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 52c8
Start Time: 01d992e119ed025c
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Report Id: fa0115c1-25e1-48b7-af1a-2d49f629f890
Faulting package full name: Microsoft.Windows.Search_1.14.9.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: ShellFeedsUI
Hang type: Quiesce
Error: (05/30/2023 08:27:26 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2009":
Unable to find the section for this mentu item!!!
Error: (05/30/2023 08:27:04 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Unable to find the section for this mentu item!!!
Error: (05/30/2023 08:26:52 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (05/30/2023 08:26:52 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (05/30/2023 08:26:52 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (05/30/2023 08:26:51 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
System errors:
=============
Error: (05/29/2023 08:46:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741.
Error: (05/28/2023 02:45:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741.
Error: (05/28/2023 08:57:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-AR9LTIS3)
Description: The server Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe!App.AppXsaksz8g893wmfxp53kxywv7nedj5wtfh.mca did not register with DCOM within the required timeout.
Error: (05/27/2023 08:43:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741.
Error: (05/27/2023 08:42:21 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-AR9LTIS3)
Description: The server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} did not register with DCOM within the required timeout.
Error: (05/26/2023 08:32:15 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (05/25/2023 08:43:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741.
Error: (05/24/2023 02:38:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Hewlett-Packard - USB - 2/10/2017 12:00:00 AM - 44.1.2402.1741.
Windows Defender:
================
Date: 2023-04-12 20:00:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-04-11 20:03:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-04-10 20:00:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2023-04-09 20:03:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-10-04 08:50:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2023-04-08 17:43:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.387.403.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20200.4
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2023-04-08 17:35:03
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1500.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2023-04-08 17:29:01
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1500.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2023-04-08 17:29:01
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.375.1500.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19600.3
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===============
Date: 2023-05-13 17:47:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-04-23 10:01:12
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2023-04-08 20:01:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-04-08 17:47:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.29 07/25/2016
Motherboard: Hewlett-Packard 233F
Processor: Intel® Pentium® CPU N3540 @ 2.16GHz
Percentage of memory in use: 84%
Total physical RAM: 3985.95 MB
Available physical RAM: 603.17 MB
Total Virtual: 9172.89 MB
Available Virtual: 3625.45 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:446.49 GB) (Free:365.96 GB) (Model: ST500LT012-1DG142) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.08 GB) (Free:2.1 GB) (Model: ST500LT012-1DG142) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Windows) (RAMDisk) (Total:446.49 GB) (Free:363.93 GB) (Model: ST500LT012-1DG142) NTFS
\\?\Volume{694da13b-bdc9-4b7f-93c0-9fec318eb270}\ () (Fixed) (Total:0.91 GB) (Free:0.36 GB) NTFS
\\?\Volume{2c07a654-9d5c-478e-8e28-49d71cdec0cd}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2D12D4F7)
Partition: GPT.
==================== End of Addition.txt =======================
Thx.
Edited by Athena28, 30 May 2023 - 02:43 PM.