Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

HP desktop - google.com is in Norwegian [Solved]

Started by wayneman50 , Jul 23 2023 08:36 AM
internet google virus foreign language

  • This topic is locked This topic is locked

#31
RKinner
Posted 06 August 2023 - 05:30 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Never tried to remove it before but I ran the free Revo uninstaller and it can't find it either so I ran a FRST scan.  It doesn't really install.  Instead there are the two shortcuts that point to a shortcut in C:\Users\YourUserName\AppData\Roaming\Microsoft\Windows\Start Menu\Programs which points to the actual file which hides in C:\Users\YourUserName\AppData\Local\.  These can easily be removed manually tho AppData is a Hidden folder so you have to open File Explorer and then click on View and check the Hidden Items box.  Also check File Name Extensions.  Then you should be able to see AppData and its contents.

 

There is one entry in the Registry:

[HKEY_USERS\S-1-5-21-3677261696-597079364-1570214432-1000\Software\Classes\WOW6432Node\CLSID\{23A5B06E-20BB-4E7E-A0AC-6982ED6A6041}\LocalServer32]
""="C:\Users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk"
But we can ignore it.

 

If you told it you wanted it to periodically scan then there is probably a new Task involved.  Search for Task Scheduler and hit Enter then look in Task Scheduler Library.

 

If you still have FRST (or want to reinstall it)  I can write you a fixlist to remove it.


  • 0

Advertisements

#32
wayneman50
Posted 06 August 2023 - 05:55 PM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

I'll take you up on that fixlist. I will reinstall FRST.


  • 0

#33
RKinner
Posted 07 August 2023 - 03:39 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   452bytes   103 downloads
 
Run FRST and press Fix
A fix log will be generated please post that 
 
If you want to run a FRST scan afterward and post it so I can make sure we got it all you can but it's optional.
 
 
 

  • 0

#34
wayneman50
Posted 07 August 2023 - 06:34 AM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023
Ran by WAYNE (07-08-2023 08:18:48) Run:1
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Users\WAYNE\Downloads\esetonlinescanner.exe
C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
C:\Users\WAYNE\Desktop\ESET Online Scanner.lnk
C:\Users\WAYNE\AppData\Local\ESET

*****************

C:\Users\WAYNE\Downloads\esetonlinescanner.exe => moved successfully
C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk => moved successfully
C:\Users\WAYNE\Desktop\ESET Online Scanner.lnk => moved successfully

"C:\Users\WAYNE\AppData\Local\ESET" folder move:

C:\Users\WAYNE\AppData\Local\ESET => moved successfully


The system needed a reboot.

==== End of Fixlog 08:18:52 ====


  • 0

#35
wayneman50
Posted 07 August 2023 - 07:14 AM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2023
Ran by WAYNE (administrator) on WAYNE-HP (Hewlett-Packard p6650z) (07-08-2023 08:35:29)
Running from C:\Users\WAYNE\Desktop\FRST64.exe
Loaded Profiles: WAYNE
Platform: Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\hp\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Canon INC.) [File not signed] C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\excel.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\WAYNE\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(Panda Security S.L -> Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (American Power Conversion -> Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(services.exe ->) (American Power Conversion -> Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Carbonite -> Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (PDF Complete -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(services.exe ->) (Shenzhen Moyea Software -> ) C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366944 2023-05-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (American Power Conversion -> Schneider Electric)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1509049480\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [56894944 2017-12-10] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2309008 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2017-10-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278056 2019-04-30] (Carbonite -> Carbonite, Inc.)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.8.2\AOL.EXE [80816 2016-09-22] (AOL Inc. -> AOL Inc.)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Run: [BingSvc] => C:\Users\WAYNE\AppData\Local\Microsoft\BingSvc\BingSvc.exe [6638496 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1715768 2010-09-28] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKLM\...\Print\Monitors\PDFC: C:\WINDOWS\system32\pdfc_port.dll [19464 2009-10-14] (PDF Complete -> PDF Complete, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-04] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-07-17]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (American Power Conversion -> Schneider Electric)
Startup: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2020-02-11]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.) [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {885633FA-5515-4091-85B0-3582CAC2B7B7} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\Windows\system32\WindowsPowerShell\v1.0\Powershell.exe [492032 2023-05-10] (Microsoft Windows -> Microsoft Corporation) -> -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters).
Task: {737D388B-8F48-4B1B-87DB-2CC1255EA968} - System32\Tasks\{B75BA780-F5C2-489E-96D9-B441EA0F8F48} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278056 2019-04-30] (Carbonite -> Carbonite, Inc.)
Task: {BB7E4936-8FFC-4A58-8994-E027535C3860} - System32\Tasks\{DFF6108C-8171-4724-9F72-B13C97BB0FE3} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278056 2019-04-30] (Carbonite -> Carbonite, Inc.)
Task: {84FB6ABC-782F-4FA4-9968-2D17E33E3219} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F44738FF-188F-43E5-8E6D-602E90C466B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {9D9D4688-CC77-4284-AF37-04B616D1AEBE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FC19DAD4-7922-4F11-9EBF-911F9DF623A7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b2a4b4a6-d8d4-4ab2-9965-8bc29e3b98d6" --version "6.14.10584" --silent
Task: {23315258-CBA8-4F98-BE6A-4261A9A2A147} - System32\Tasks\CCleanerSkipUAC - WAYNE => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {658EC56B-2247-42EC-8B95-875579BDE074} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe [5308592 2023-07-12] (Microsoft Windows -> Microsoft Corporation)
Task: {6724A5B4-790C-4CA0-B06A-65E303E20F9F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {37B96978-7AAA-4A05-92FB-12AF041C1DA7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {580EA44D-F35E-413E-A5AF-EE8A6063F804} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\WAYNE\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  LOGON (No File)
Task: {E0E39677-038A-4934-AEAC-098207D46FA0} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\WAYNE\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  SCHED (No File)
Task: {A2C5A2DE-B8C0-464C-B169-1EF68DD1DF9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-10] (Google Inc -> Google Inc.)
Task: {9798FFA0-B30B-4F54-9F4F-DAE78CAB645C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-10] (Google Inc -> Google Inc.)
Task: {5D79C65C-A7C9-425D-B846-592825B695A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-07-25] (HP Inc. -> HP Inc.)
Task: {1008F9E1-78FF-4A9A-82D6-0B5D4671EE89} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {20565427-44A4-42BE-8459-96D9B2655C1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {EA91F3AD-EE61-4640-BBD7-C82099724F1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {68D40841-5A4E-48FF-97BF-79F8B18D41C1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CE3460C-8B64-4C4F-935F-0F02CA50E382} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AF4D205-4E5A-42A4-A25B-963E01964542} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F6DD27E-A2B6-4D33-A180-A05AF380ECD3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {2518204F-8B11-4D57-A082-3E9D449CE1D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74AFD183-1726-43DF-9D45-B797C7F9BF82} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {155C933D-0006-4A3B-A553-15C3EC058BDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CEA7FF31-8C0F-48E9-AC02-6E2E5C24B2F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MpCmdRun.exe [1649976 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2D4C0A3F-ABE8-4A7B-B99C-837E96FC154F} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [677280 2023-05-10] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F30A6A15-C532-40C8-9B0E-9AF7A625CDDE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {756F341A-584A-4B34-9775-43188706D942} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [718752 2023-05-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {9995EF72-A48A-4938-A1FE-F1A0E656C81A} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [116480 2009-09-23] (Panda Security S.L -> ) -> "C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe" /resident /agreelicense

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5e6a6013-3e02-4f95-8d28-f803ea3d142d}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f07011c9-a074-4415-a7c9-4344a2cbebd4}: [NameServer] 8.8.8.8,4.2.2.1
Tcpip\..\Interfaces\{f07011c9-a074-4415-a7c9-4344a2cbebd4}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\WAYNE\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-06]
Edge Extension: (Google Docs Offline) - C:\Users\WAYNE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-19]
Edge Extension: (Edge relevant text changes) - C:\Users\WAYNE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-25]

FireFox:
========
FF DefaultProfile: utl96ugn.default-1464816063778-1546823453901
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\TomTom\HOME\Profiles\2td2jy9v.default [2016-08-07]
FF ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\utl96ugn.default-1464816063778-1546823453901 [2023-08-07]
FF NetworkProxy: Mozilla\Firefox\Profiles\utl96ugn.default-1464816063778-1546823453901 -> type", 0
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\utl96ugn.default-1464816063778-1546823453901\Extensions\[email protected] [2023-07-18]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [No File]
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: @citrixonline.com/appdetectorplugin -> C:\Users\WAYNE\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-27] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-3431438650-1370896122-3677072999-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll [2012-08-06] (Amazon.com, Inc.) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default [2023-08-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\WAYNE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-23]
CHR HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (American Power Conversion -> Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (American Power Conversion -> Schneider Electric)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103264 2023-03-01] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-07-29] (Dropbox, Inc -> Dropbox, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888208 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [887192 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883088 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [887696 2023-07-25] (HP Inc. -> HP Inc.)
R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1114608 2016-01-22] (Shenzhen Moyea Software -> )
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9278784 2023-08-02] (Malwarebytes Inc. -> Malwarebytes)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete -> PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [355184 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-03-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 rcmirror; C:\WINDOWS\System32\DRIVERS\rcmirror.sys [4608 2010-01-18] (Windows ® Win 7 DDK provider) [File not signed]
R3 wanatw; C:\WINDOWS\System32\drivers\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-07-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-07 08:35 - 2023-08-07 08:39 - 000030790 _____ C:\Users\WAYNE\Desktop\FRST.txt
2023-08-07 08:18 - 2023-08-07 08:18 - 000000958 _____ C:\Users\WAYNE\Desktop\Fixlog.txt
2023-08-07 08:09 - 2023-08-07 08:09 - 000000000 ____D C:\Users\WAYNE\Desktop\FRST-OlderVersion
2023-08-07 08:08 - 2023-08-07 08:38 - 000000000 ____D C:\FRST
2023-08-07 07:57 - 2023-08-07 08:09 - 002384896 _____ (Farbar) C:\Users\WAYNE\Desktop\FRST64.exe
2023-08-02 00:47 - 2023-08-02 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-08-01 10:13 - 2023-08-01 10:13 - 000214118 ____R C:\Users\WAYNE\Downloads\Invoice North Oaks-1.pdf
2023-08-01 10:12 - 2023-08-01 10:12 - 000214118 ____R C:\Users\WAYNE\Downloads\Invoice North Oaks.pdf
2023-07-29 17:20 - 2023-07-29 17:20 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-07-26 12:21 - 2023-07-26 12:21 - 003033615 ____R C:\Users\WAYNE\Downloads\BillImage-2.pdf
2023-07-25 14:07 - 2023-07-25 14:07 - 000003844 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-07-25 14:07 - 2023-07-25 14:07 - 000003402 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-07-20 09:32 - 2023-07-20 09:32 - 000001487 _____ C:\Users\Public\Desktop\Foxit PDF Reader.lnk
2023-07-20 09:32 - 2023-07-20 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2023-07-19 13:52 - 2023-07-19 13:57 - 3337814016 _____ C:\Users\WAYNE\Downloads\Todd TV 3.iso
2023-07-19 11:51 - 2023-07-19 11:52 - 000353002 _____ C:\Users\WAYNE\Downloads\MyBill_07.15.2023.pdf
2023-07-19 08:07 - 2023-07-19 08:07 - 000000000 ____D C:\Users\WAYNE\Downloads\facebook-waynekern94
2023-07-19 07:54 - 2023-07-19 07:54 - 000188117 _____ C:\Users\WAYNE\Downloads\facebook-waynekern94.zip
2023-07-17 14:06 - 2023-07-17 14:06 - 000303278 ____R C:\Users\WAYNE\Downloads\Bykota 072123 Supplier Invoice for Senior Centers-1.pdf
2023-07-17 14:04 - 2023-07-17 14:04 - 000303278 ____R C:\Users\WAYNE\Downloads\Bykota 072123 Supplier Invoice for Senior Centers.pdf
2023-07-16 04:50 - 2023-07-16 04:50 - 000240967 ____R C:\Users\WAYNE\Downloads\paper-bill-3.pdf
2023-07-15 21:13 - 2023-07-15 21:13 - 000835474 ____R C:\Users\WAYNE\Downloads\TCM SCHEDULE 2023-08.pdf
2023-07-13 10:20 - 2023-07-13 10:20 - 000037610 ____R C:\Users\WAYNE\Downloads\BADGE L.mid
2023-07-13 10:18 - 2023-07-13 10:18 - 000350660 ____R C:\Users\WAYNE\Downloads\MedicareSummaryNotice_2023-06-30_PartB.pdf
2023-07-13 10:17 - 2023-07-13 10:17 - 000292648 ____R C:\Users\WAYNE\Downloads\MedicareSummaryNotice_2023-07-07_PartA-1.pdf
2023-07-13 10:16 - 2023-07-13 10:16 - 000292648 ____R C:\Users\WAYNE\Downloads\MedicareSummaryNotice_2023-07-07_PartA.pdf
2023-07-12 04:40 - 2023-07-12 04:40 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-07 08:32 - 2022-02-09 00:54 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-07 08:30 - 2011-04-08 20:09 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\Microsoft\Excel
2023-08-07 08:27 - 2022-09-07 23:13 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-07 08:25 - 2023-04-21 06:32 - 000000000 ____D C:\Users\WAYNE\AppData\Local\Malwarebytes
2023-08-07 08:25 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-07 08:25 - 2016-05-04 00:48 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-07 08:20 - 2023-03-30 23:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-07 08:20 - 2021-02-22 09:11 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-07 08:19 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-07 07:54 - 2023-03-30 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-07 07:10 - 2023-03-30 23:57 - 000004154 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{94C9F3FB-3962-4941-B144-1BF6B90ED3D0}
2023-08-06 05:11 - 2023-03-30 23:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2023-08-06 05:07 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-06 05:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-06 05:00 - 2014-09-17 20:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-05 04:37 - 2023-03-30 23:57 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3431438650-1370896122-3677072999-1000
2023-08-05 04:37 - 2023-03-30 23:57 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3431438650-1370896122-3677072999-1000
2023-08-05 04:37 - 2023-03-30 22:25 - 000002385 _____ C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-05 04:13 - 2023-06-10 05:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-08-05 04:13 - 2023-03-30 23:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-08-05 04:13 - 2015-08-15 23:34 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-05 04:13 - 2014-09-17 20:57 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-08-04 04:15 - 2018-07-10 17:32 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-04 04:15 - 2018-07-10 17:32 - 000002338 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-03 07:52 - 2011-02-27 11:58 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\Microsoft\Word
2023-08-03 07:24 - 2023-03-26 15:41 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-03 07:24 - 2023-03-26 15:41 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-03 07:24 - 2018-05-01 09:34 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-03 07:24 - 2018-05-01 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-08-03 07:24 - 2018-05-01 09:33 - 000000000 ____D C:\Program Files\WinRAR
2023-08-02 00:48 - 2015-11-01 20:15 - 000000000 ___RD C:\Users\WAYNE\Dropbox
2023-08-02 00:48 - 2015-11-01 20:14 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\Dropbox
2023-08-02 00:48 - 2015-11-01 20:11 - 000000000 ____D C:\Users\WAYNE\AppData\Local\Dropbox
2023-08-02 00:47 - 2015-11-01 20:11 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-08-01 23:57 - 2023-03-30 23:56 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-01 23:57 - 2023-03-30 23:56 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-08-01 23:13 - 2010-12-28 18:00 - 000000000 ____D C:\Program Files\hp
2023-07-31 15:38 - 2012-03-13 09:38 - 000000000 ____D C:\Users\WAYNE\Documents\DOV
2023-07-28 17:00 - 2020-03-15 15:03 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-28 17:00 - 2020-03-15 15:03 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-27 14:46 - 2011-01-20 21:12 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-25 20:11 - 2011-02-27 11:58 - 000000000 ____D C:\Users\WAYNE\AppData\Roaming\Microsoft\Office
2023-07-25 18:16 - 2017-12-22 09:01 - 000000000 ____D C:\Users\WAYNE\AppData\Local\Packages
2023-07-24 16:56 - 2018-05-20 16:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-07-24 14:22 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-07-24 10:39 - 2011-01-20 11:30 - 000000000 ____D C:\Users\WAYNE\AppData\Local\CrashDumps
2023-07-22 21:31 - 2023-03-30 23:56 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-07-22 21:01 - 2022-10-11 10:01 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-22 08:37 - 2023-03-02 11:27 - 000000000 ____D C:\Users\WAYNE\AppData\LocalLow\IGDump
2023-07-21 09:04 - 2014-01-02 20:32 - 000000000 ____D C:\Program Files\VDownloader
2023-07-20 09:31 - 2013-07-02 08:02 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2023-07-20 09:29 - 2023-03-30 23:56 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-20 09:29 - 2017-03-03 14:11 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-07-18 03:18 - 2014-07-03 08:08 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-07-13 01:06 - 2023-03-30 23:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-13 01:05 - 2023-04-27 12:10 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-13 01:05 - 2023-04-27 12:10 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-07-13 00:42 - 2023-03-30 23:40 - 000971958 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-13 00:42 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-13 00:39 - 2023-03-30 23:18 - 000498192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-13 00:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-12 05:33 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-12 05:21 - 2023-03-30 23:25 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-12 04:36 - 2013-07-11 07:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 04:25 - 2011-01-20 11:47 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-11 21:53 - 2023-03-30 23:57 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-11 21:53 - 2023-03-30 23:57 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\en_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\es_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021880 _____ (Schneider Electric) C:\Users\WAYNE\fr_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021880 _____ (Schneider Electric) C:\Users\WAYNE\grm_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\it_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000020344 _____ (Schneider Electric) C:\Users\WAYNE\jp_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 001079808 _____ (Microsoft Corporation) C:\Users\WAYNE\mfc80u.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000626688 _____ (Microsoft Corporation) C:\Users\WAYNE\msvcr80.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 013923704 _____ (Schneider Electric) C:\Users\WAYNE\PCPE Setup.exe
2015-07-15 20:20 - 2015-07-17 14:25 - 000021368 _____ (Schneider Electric) C:\Users\WAYNE\pt_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000018808 _____ () C:\Users\WAYNE\ResourceReader.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000020856 _____ (Schneider Electric) C:\Users\WAYNE\ru_res.dll
2015-07-15 20:20 - 2015-07-17 14:25 - 000019832 _____ (Schneider Electric) C:\Users\WAYNE\zh_res.dll
2017-10-30 16:13 - 2017-10-30 16:13 - 000000171 _____ () C:\Users\WAYNE\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2017-10-30 16:13 - 2018-10-22 11:09 - 000000904 _____ () C:\Users\WAYNE\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2020-01-13 22:07 - 2020-01-13 22:07 - 000000171 _____ () C:\Users\WAYNE\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2017-10-30 16:13 - 2017-10-30 16:13 - 000000175 _____ () C:\Users\WAYNE\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
2011-04-05 20:39 - 2011-04-05 20:39 - 000007859 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.cat
2011-04-05 20:39 - 2011-04-05 20:39 - 000001167 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.inf
2011-04-05 20:40 - 2011-04-05 20:40 - 000000034 _____ () C:\Users\WAYNE\AppData\Roaming\pcouffin.log
2011-04-05 20:39 - 2011-04-05 20:39 - 000082816 _____ (VSO Software) C:\Users\WAYNE\AppData\Roaming\pcouffin.sys
2016-10-05 16:59 - 2016-10-05 16:59 - 000003584 _____ () C:\Users\WAYNE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-20 16:27 - 2005-05-30 22:03 - 000000136 _____ () C:\Users\WAYNE\AppData\Local\fusioncache.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023
Ran by WAYNE (07-08-2023 08:44:51)
Running from C:\Users\WAYNE\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3208 (X64) (2023-03-31 03:58:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3431438650-1370896122-3677072999-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3431438650-1370896122-3677072999-1007 - Limited - Enabled)
DefaultAccount (S-1-5-21-3431438650-1370896122-3677072999-503 - Limited - Disabled)
Guest (S-1-5-21-3431438650-1370896122-3677072999-501 - Limited - Disabled)
HP_Administrator (S-1-5-21-3431438650-1370896122-3677072999-1001 - Limited - Enabled) => C:\Users\HP_Administrator
WAYNE (S-1-5-21-3431438650-1370896122-3677072999-1000 - Administrator - Enabled) => C:\Users\WAYNE
WDAGUtilityAccount (S-1-5-21-3431438650-1370896122-3677072999-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K YouTube to MP3 (HKLM\...\{6D3F6E79-9D4B-4ABE-B559-E745B81A6142}) (Version: 4.8.3.5190 - Open Media LLC) Hidden
4K YouTube to MP3 (HKLM-x32\...\{3c2fd9ff-1132-417a-a814-05bc54016c71}) (Version: 4.8.2.5170 - Open Media LLC)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{F6FCA281-09CC-4753-990C-937B93A52C94}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.003.20244 - Adobe)
Adobe AIR (HKLM-x32\...\{FE62111B-13F6-41AC-AA94-5B2CD581AFBF}) (Version: 50.2.1.1 - HARMAN International) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 50.2.1.1 - HARMAN International)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.3 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazing Slow Downer (remove only) (HKLM-x32\...\Amazing Slow Downer) (Version:  - )
Amazon Cloud Player (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon Cloud Player (HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (HKLM\...\{8F2415FA-72F2-F029-0450-4EB2FAE484C5}) (Version: 13.30.100.41120 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (HKLM\...\{503F672D-6C84-448A-8F8F-4BC35AC83441}) (Version: 2.5.732.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (HKLM\...\{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{426582A8-202F-D13C-8BD5-F00551BAFC93}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{CA8EDE78-7A08-4F27-9B31-D6161C095986}) (Version: 16.5.0.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
ATI Problem Report Wizard (HKLM\...\{5F146AD2-9F9B-5284-CD9D-40C881E3ACEC}) (Version: 3.0.821.0 - ATI Technologies) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
Audacity 3.3.3 (64-bit) (HKLM\...\Audacity_is1) (Version: 3.3.3 - Audacity Team)
Bing Bar (HKLM-x32\...\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}) (Version: 7.0.609.0 - Microsoft Corporation)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.10.40.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.10.21.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 0.9.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.2.10.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.15.10.0 - Canon Inc.)
Carbonite (HKLM-x32\...\{9C78C26C-C5B3-4B1C-8B13-802223B2614D}) (Version: 6.3.5 build 8094 (Apr-30-2019) - Carbonite)
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.14 - Piriform)
CD Wave Editor 1.98 (HKLM-x32\...\CD Wave Editor_is1) (Version: 1.9.8.1 - MiLo Software)
Cisco WebEx Meetings (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
cloudLibrary 2.0 (HKLM-x32\...\cloudLibrary) (Version: 2.0 - Bibliotheca)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
CyberLink DVD Suite Premium (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.) Hidden
CyberLink DVD Suite Premium (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 179.4.4985 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.761.1 - Dropbox, Inc.) Hidden
DVDFab (x64) 10.2.1.7 (10/10/2018) (HKLM-x32\...\DVDFab 10(x64)) (Version: 10.2.1.7 - DVDFab Software Inc.)
DVDFab (x64) 11.0.7.2 (14/02/2020) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.7.2 - DVDFab Software Inc.)
DVDFab 10.0.7.8 (16/01/2018) (HKLM-x32\...\DVDFab 10) (Version: 10.0.7.8 - Fengtao Software Inc.)
DVDFab 6.2.1.8 (31/12/2009) (HKLM-x32\...\DVDFab 6_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.0.8.5 (19/03/2011) (HKLM-x32\...\DVDFab 8_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.2.7 (06/02/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 9.3.0.7 (13/07/2016) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.3.15356 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
honestech VHS to DVD 5.0 Deluxe (HKLM-x32\...\{44FF002B-5AB3-4447-8F98-614387B63EE6}) (Version: 5.0 - honestech)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
iTunes (HKLM\...\{76420BC2-0A88-4483-BDB1-0DD97DFF3163}) (Version: 12.12.9.4 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Leawo iTransfer version  1.9.1.0 (HKLM-x32\...\{93337CC5-9BC4-4FB0-B82E-38EC63E149F3}_is1) (Version: 1.9.1.0 - Leawo Software)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
LP Recorder (HKLM-x32\...\{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}) (Version: 10.1.1.0 - CFB Software)
LP Ripper (HKLM-x32\...\LP Ripper) (Version:  - )
Malwarebytes version 4.5.34.275 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.34.275 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Bing Service (HKLM-x32\...\{27990F25-A90A-4CE5-868E-1A1BB70A58EE}) (Version: 2.0.0.7 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{D553E8CC-5C56-4B06-AC1A-A443DFF31092}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Default Manager (HKLM-x32\...\{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}) (Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) (HKLM\...\{25E80DAA-FD87-DCE5-202C-CC02F6673002}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM\...\{90140000-006D-0409-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5571.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (HKLM-x32\...\{AA027AE9-DD20-4677-AA72-D760A358320B}) (Version: 1.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 112.0 (x64 en-US)) (Version: 112.0 - Mozilla)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 116.0.1 (x64 en-US)) (Version: 116.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 116.0.1 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5571.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5571.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5571.1000 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoNow! (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.76.0 - Goversoft LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
SafeZone Stable 1.48.2066.101 (HKLM-x32\...\SafeZone 1.48.2066.101) (Version: 1.48.2066.101 - Avast Software) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Sonic Activation Module (HKLM-x32\...\{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}) (Version: 1.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Spectro (HKLM-x32\...\{1F8D186D-8C5C-4589-BC28-1A8964CA74A6}) (Version: 1.0.93 - )
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2010 WinPerFedFormset (HKLM-x32\...\{3782EC09-4000-475E-8A59-9CABD6F03B4C}) (Version: 010.000.4012 - Intuit Inc.) Hidden
TurboTax 2010 WinPerReleaseEngine (HKLM-x32\...\{A525E00B-6609-442E-9DCD-64453C233E8D}) (Version: 010.000.0457 - Intuit Inc.) Hidden
TurboTax 2010 WinPerTaxSupport (HKLM-x32\...\{05BDC796-3451-4F81-B91D-E98F7ADA76C2}) (Version: 010.000.0213 - Intuit Inc.) Hidden
TurboTax 2010 wmdiper (HKLM-x32\...\{113AC946-0CEB-49C7-828A-230FF9EB1DBB}) (Version: 010.000.1238 - Intuit Inc.) Hidden
TurboTax 2010 wrapper (HKLM-x32\...\{4F2FCCCF-29F3-44B9-886F-6D16F8417522}) (Version: 010.000.0157 - Intuit Inc.) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (HKLM-x32\...\{89EC099E-958D-462E-972C-385591946978}) (Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (HKLM-x32\...\{F014B696-28C5-4554-802F-A15380418F53}) (Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (HKLM-x32\...\{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}) (Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wmdiper (HKLM-x32\...\{ABBE458D-C10D-4B36-8C95-92DE9D196B1B}) (Version: 012.000.1471 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (HKLM-x32\...\{E83F5F27-43F3-4163-ABE5-F68C989286ED}) (Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (HKLM-x32\...\{0A7DD94B-B746-4FB0-8688-8598C22793A0}) (Version: 013.000.1755 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (HKLM-x32\...\{2A4EEB5C-3BA6-4299-A87F-783861B567D9}) (Version: 013.000.0463 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (HKLM-x32\...\{358C44FD-6943-4CDD-B947-7F7C4ADC8A8F}) (Version: 013.000.0162 - Intuit Inc.) Hidden
TurboTax 2013 wmdiper (HKLM-x32\...\{57642511-A663-44B7-9EEE-5BCEC1A44A8A}) (Version: 013.000.1110 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (HKLM-x32\...\{606EB5EB-AADF-4E21-B715-1CAD291181D6}) (Version: 013.000.0135 - Intuit Inc.) Hidden
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
TurboTax 2014 WinPerFedFormset (HKLM-x32\...\{35EEDA1E-9D45-4580-8554-734F45D48A73}) (Version: 014.000.1683 - Intuit Inc.) Hidden
TurboTax 2014 WinPerReleaseEngine (HKLM-x32\...\{F2283AA1-869C-4497-8F18-09E36C67A014}) (Version: 014.000.0426 - Intuit Inc.) Hidden
TurboTax 2014 WinPerTaxSupport (HKLM-x32\...\{5FB042CB-B08A-481E-B076-DC6D0FEB0595}) (Version: 014.000.0204 - Intuit Inc.) Hidden
TurboTax 2014 wmdiper (HKLM-x32\...\{BBA89AD8-B33A-49F3-8F84-211FEE91C88B}) (Version: 014.000.1185 - Intuit Inc.) Hidden
TurboTax 2014 wrapper (HKLM-x32\...\{F5890CC6-26B7-481E-A90E-ACE938AD294F}) (Version: 014.000.0109 - Intuit Inc.) Hidden
TurboTax 2015 (HKLM-x32\...\TurboTax 2015) (Version: 2015.0 - Intuit, Inc)
TurboTax 2015 WinPerFedFormset (HKLM-x32\...\{08D0C864-211B-4095-8C3E-2D2CAB64CDA9}) (Version: 015.000.1867 - Intuit Inc.) Hidden
TurboTax 2015 WinPerFuegoContent (HKLM-x32\...\{B48A745E-B79A-417F-8775-421EF44C92D1}) (Version: 015.000.0390 - Intuit Inc.) Hidden
TurboTax 2015 WinPerReleaseEngine (HKLM-x32\...\{B0119415-6743-4707-AB4D-1928F5E81FDD}) (Version: 015.000.0463 - Intuit Inc.) Hidden
TurboTax 2015 WinPerTaxSupport (HKLM-x32\...\{BDC1955D-38D6-4747-8B0A-B2B7CFEA1E7D}) (Version: 015.000.0179 - Intuit Inc.) Hidden
TurboTax 2015 wmdiper (HKLM-x32\...\{AC70EF5F-0046-48FD-9AD9-87C711CEB994}) (Version: 015.000.1264 - Intuit Inc.) Hidden
TurboTax 2015 wrapper (HKLM-x32\...\{6FF818ED-865F-4C55-A073-DD6C9CE7B6A8}) (Version: 015.000.0126 - Intuit Inc.) Hidden
TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc)
TurboTax 2016 WinPerFedFormset (HKLM-x32\...\{1D28A880-201A-42DD-891C-875860B17631}) (Version: 016.000.2301 - Intuit Inc.) Hidden
TurboTax 2016 WinPerReleaseEngine (HKLM-x32\...\{FD003E07-4E56-4CFC-9106-B7AAB234398E}) (Version: 016.000.0544 - Intuit Inc.) Hidden
TurboTax 2016 WinPerTaxSupport (HKLM-x32\...\{4DF70C79-FF25-4836-AEFB-899ECF4C6A30}) (Version: 016.000.0181 - Intuit Inc.) Hidden
TurboTax 2016 wmdiper (HKLM-x32\...\{DEA53540-72A1-4511-8508-D0F28B993ACC}) (Version: 016.000.1434 - Intuit Inc.) Hidden
TurboTax 2016 wrapper (HKLM-x32\...\{B6E9FEF8-5EA1-448B-9423-6683F48D5978}) (Version: 016.000.0220 - Intuit Inc.) Hidden
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
TurboTax 2017 WinPerFedFormset (HKLM-x32\...\{EBB7DFDE-A910-4678-8A9F-757B2C8A8158}) (Version: 017.000.2090 - Intuit Inc.) Hidden
TurboTax 2017 WinPerReleaseEngine (HKLM-x32\...\{859EAFFC-3640-430C-B4E2-0E6F75AF6CA9}) (Version: 017.000.0419 - Intuit Inc.) Hidden
TurboTax 2017 WinPerTaxSupport (HKLM-x32\...\{71A541CA-896C-463A-A396-DCFBA148AC48}) (Version: 017.000.0124 - Intuit Inc.) Hidden
TurboTax 2017 wmdiper (HKLM-x32\...\{DA5D74D7-B321-4863-B5B7-52B7EA8FE766}) (Version: 017.000.1123 - Intuit Inc.) Hidden
TurboTax 2017 wrapper (HKLM-x32\...\{7EEF100B-8223-4951-99C5-FEC4CEAB763E}) (Version: 017.000.0126 - Intuit Inc.) Hidden
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
TurboTax 2018 WinPerFedFormset (HKLM-x32\...\{4F5D754A-4CF7-489E-9FC7-DCF124A9C13B}) (Version: 018.000.7030 - Intuit Inc.) Hidden
TurboTax 2018 WinPerReleaseEngine (HKLM-x32\...\{3B81DEB0-2307-4542-A370-47D7B15B4EE5}) (Version: 018.000.0718 - Intuit Inc.) Hidden
TurboTax 2018 WinPerTaxSupport (HKLM-x32\...\{E9FCBA33-DB82-4992-A4FE-3A2D4C974DD7}) (Version: 018.000.0130 - Intuit Inc.) Hidden
TurboTax 2018 wmdiper (HKLM-x32\...\{29519E5A-DA64-4162-ABF6-DA2211E5EC66}) (Version: 018.000.2936 - Intuit Inc.) Hidden
TurboTax 2018 wrapper (HKLM-x32\...\{B29215FE-D5C4-4C2D-BDA1-11EBF3638653}) (Version: 018.000.0109 - Intuit Inc.) Hidden
TurboTax 2019 (HKLM-x32\...\TurboTax 2019) (Version: 2019.0 - Intuit, Inc)
TurboTax 2019 WinPerFedFormset (HKLM-x32\...\{E06C08B0-B8A7-4D16-AC3D-A9B215B4DF33}) (Version: 019.000.3918 - Intuit Inc.) Hidden
TurboTax 2019 WinPerReleaseEngine (HKLM-x32\...\{3B2774BA-9EAF-4AC6-8E06-98EA76831746}) (Version: 019.000.0812 - Intuit Inc.) Hidden
TurboTax 2019 WinPerTaxSupport (HKLM-x32\...\{7A9F6F61-D188-4851-A4B5-1766EB5295C9}) (Version: 019.000.0121 - Intuit Inc.) Hidden
TurboTax 2019 wmdiper (HKLM-x32\...\{EB84136F-C21D-43B7-BAB4-D62D911DCFE7}) (Version: 019.000.1832 - Intuit Inc.) Hidden
TurboTax 2019 wrapper (HKLM-x32\...\{DF0DB405-2E2C-4DFE-A6E7-342E7900F594}) (Version: 019.000.0127 - Intuit Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
USB2.0 VIDBOX NW03  (HKLM-x32\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 3.0.2 - honestech)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version:  - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WD Backup (HKLM-x32\...\{463d4278-a46b-4f4b-bfad-81d1c2f2fe2e}) (Version: 1.9.6485.41936 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{8295047E-9D07-487F-A836-7F9B96EDF713}) (Version: 1.9.6485.41936 - Western Digital Technologies, Inc) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 1.3.482 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{27c7215d-df19-4095-8f6a-eba55cab35be}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{F413FB4C-7CFF-4737-BCC3-5EE43BFB3721}) (Version: 2.0.0.25 - Western Digital Technologies, Inc.) Hidden
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17305 - Microsoft Corporation)
Windows Live Communications Platform (HKLM-x32\...\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}) (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (HKLM-x32\...\{0B0F231F-CE6A-483D-AA23-77B364F75917}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (HKLM\...\{027E5FAB-1476-4C59-AAB4-32EF28520399}) (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{9D56775A-93F3-44A3-8092-840E3826DE30}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{C66824E4-CBB3-4851-BB3F-E8CFD6350923}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}) (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}) (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{DA54F80E-261C-41A2-A855-549A144F2F59}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (HKLM-x32\...\{19BA08F7-C728-469C-8A35-BFBD3633BE08}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (HKLM-x32\...\{92EA4134-10D1-418A-91E1-5A0453131A38}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{D436F577-1695-4D2F-8B44-AC76C99E0002}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (HKLM-x32\...\{3336F667-9049-4D46-98B6-4C743EEBC5B1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (HKLM-x32\...\{34F4D9A4-42C2-4348-BEF4-E553C84549E7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{83C292B7-38A5-440B-A731-07070E81A64F}) (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (HKLM-x32\...\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}) (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{A726AE06-AAA3-43D1-87E3-70F510314F04}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{AAF454FC-82CA-4F29-AB31-6A109485E76E}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
WMA 9 Lossless to PCM Conversion Tool (HKLM-x32\...\wmal2pcm) (Version:  - )

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.28.34.0_x64__v10z8vjag6ke6 [2023-08-01] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-03-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-03-30] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation)
Sirius XM Radio Inc. -> C:\Program Files\WindowsApps\SiriusXM.SiriusXM_4.8.3.0_x64__rb1gq5s0htdrw [2023-08-01] (Sirius XM Radio Inc)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0 [2023-08-05] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2023-03-30] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-06-06] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\WAYNE\Dropbox [2015-11-01 20:15]
ShellIconOverlayIdentifiers: [    Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [    Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [    Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [    Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [    Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [    Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-07-03] (Goversoft LLC -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-07-03] (Goversoft LLC -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-07-03] (Goversoft LLC -> )
ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2019-04-30] (Carbonite -> Carbonite, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-07-03] (Goversoft LLC -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.62.0.dll [2023-07-10] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-26] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2023-07-03] (Goversoft LLC -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&p=x64&v=11.0.7.
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10 (x64)\DVDFab (x64) Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&p=x64&v=10.2.1.
Shortcut: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 10\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab10&v=10.0.7.

==================== Loaded Modules (Whitelisted) =============

2023-03-30 23:29 - 2023-03-30 23:29 - 000854016 _____ () [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
2015-02-10 11:03 - 2015-02-10 11:03 - 000507904 _____ () [File not signed] C:\Program Files (x86)\Canon\EOS Utility\EDSDK.dll
2015-02-10 11:04 - 2015-02-10 11:04 - 001069056 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\EOS Utility\EdsImage.dll
2010-05-19 14:44 - 2010-05-19 14:44 - 000033792 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
2010-05-19 14:44 - 2010-05-19 14:44 - 000110592 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
2012-01-24 16:03 - 2012-01-24 16:03 - 001921024 _____ (Schneider Electric) [File not signed] C:\Program Files (x86)\APC\PowerChute Personal Edition\res.dll
2023-03-30 23:29 - 2023-03-30 23:29 - 000270336 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*

==================== Internet Explorer (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001 -> {0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2023-06-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2023-06-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-07-25] (HP Inc. -> HP Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2023-06-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-07-25] (HP Inc. -> HP Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\100sexlinks.com -> 100sexlinks.com

There are 5317 more sites.

IE trusted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5317 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2023-07-24 05:16 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3431438650-1370896122-3677072999-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\HP1.jpg
DNS Servers: 8.8.8.8 - 4.2.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: PPort12reminder => "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
HKLM\...\StartupApproved\StartupFolder: => "APC UPS Status.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "VDownloader"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Carbonite Backup"
HKLM\...\StartupApproved\Run32: => "Microsoft Default Manager"
HKLM\...\StartupApproved\Run32: => "Display"
HKLM\...\StartupApproved\Run32: => "HostManager"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "AOL Fast Start"
HKU\S-1-5-21-3431438650-1370896122-3677072999-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{56B01B1A-1870-454D-9132-DDF4B7EC5073}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{26098F05-4578-4021-BF9F-331E8DC9F2AB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{8043A209-BDC6-4C4C-8F7B-C07F47661FFB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{4134A819-9727-4D53-A8DF-DAFA28433BD3}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{EDC3D672-A17A-4560-963B-659FFDBC905C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{FD426A2A-BF3A-4B73-9F52-F7F85D7F777C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{B73567B9-30D7-48DC-ADCF-EA65E98D0684}] => (Allow) C:\Users\WAYNE\AppData\Roaming\RingCentralMeetings\bin\airhost.exe => No File
FirewallRules: [{EBB34175-FBAA-4525-9701-C9D495E00D37}] => (Allow) C:\Users\WAYNE\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe => No File
FirewallRules: [{233A6A50-99BE-4F63-8260-392A1E8B10FF}] => (Block) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{9778CAF1-76A2-40DC-95D1-447607528C7A}] => (Block) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{3F3B7D0A-5051-4318-BDF3-D26F2FA36FE3}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{BF5E6CFE-76CD-49F8-9BB5-4E1013F2CA0F}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{57390CF6-2B3F-4879-AAA2-8CE703CC83C3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{9AEE6F75-2C42-46F5-9905-8EB5CE626D92}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [UDP Query User{7E2D614B-C86B-487E-BE3B-5B928C8E3CBF}C:\program files\dvdfab 10\dvdfab64.exe] => (Block) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [TCP Query User{D4AA74E0-0543-4136-90BD-FDB0DD8F4398}C:\program files\dvdfab 10\dvdfab64.exe] => (Block) C:\program files\dvdfab 10\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{CFE68B1D-ABFE-4E33-AEF3-71E96C97217E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{0F2E1CC4-034B-4E65-8531-35BBCC6A47E4}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [TCP Query User{D877CF41-EB1E-45EF-B173-97870F5C4B36}C:\program files (x86)\dvdfab 10\dvdfab.exe] => (Block) C:\program files (x86)\dvdfab 10\dvdfab.exe (Fengtao Software Inc. -> FengTao Software Inc.)
FirewallRules: [{81845C2C-9C4E-47FA-A95F-555802947F49}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{E1495E01-697A-4628-AB94-55B780115EB7}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{5302D749-5134-46AF-AE19-363A54DAF3B4}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{3C9695CF-7F82-46FD-BD26-3E5171BC3B3E}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{88EB079B-A303-42F4-BFD9-57F690A618C2}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{6C5F01AA-E571-42F8-AD56-49ACFC9EC743}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{2925CB27-5E91-4220-95EE-5D139B65C519}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{D563DCC2-47E2-4D3D-9AC1-332D4BE72560}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{34405486-63C2-4BB5-A974-CD0BBF642A54}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1509049480\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{09E90098-E3D3-4328-B768-EC505268D371}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1509049480\ee\aolsoftware.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{FA58FDC9-032F-42D4-A616-184E20003A5A}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{36F1DA0D-74E8-4D25-8C08-BE88443F9225}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{4EE21B06-2683-4D62-946D-48D443A71DEC}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{6E647CCE-B87F-492A-8107-0622548B8170}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe (AOL Inc. -> AOL Inc.)
FirewallRules: [{CB294ACD-D0CF-4C64-9517-EAA1E8C82191}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{E4C10304-B167-49A7-B8F9-EF0AEB8348AB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe => No File
FirewallRules: [{B01C7204-5A4C-4C9C-8465-682631F1000F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe => No File
FirewallRules: [{77830A32-BAC9-4339-8335-778B2BEC9AB1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe => No File
FirewallRules: [{67F7F85E-CC62-4C95-8D74-1D1AA6C9051E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe => No File
FirewallRules: [{7FCB2DEC-6E0D-4B3D-A3DD-9B42D3518917}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe => No File
FirewallRules: [{F400B9B3-2F3E-4462-B5EC-FB44A14053BA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe => No File
FirewallRules: [{72BD1BDC-DA9E-4157-BD2D-8608190FD0C6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7F10951C-ED22-4BAE-BFF3-25A1C2831814}] => (Allow) C:\WINDOWS\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{7C4F56A3-4AA8-475F-BD46-E05B2FD0CAE2}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15AD9551-76A1-40F2-BEF4-80F1A5398027}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D360B3C-04FA-47D0-A750-59718E04C8D7}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{D1574A07-9E09-4944-8DE0-DB54A01545CF}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{68B43291-7D97-4EBF-B4F9-A762C00D37F8}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{C22006C3-D83C-4CE2-AAFD-02449499C8F0}] => (Allow) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite -> Carbonite, Inc.)
FirewallRules: [{73308006-0A55-4313-B1A9-39094A5DC029}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{77DC15B9-AB02-4A94-9549-95F54946859A}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{70C0580B-EBA2-4B35-8DC8-0D5DA8DD9B70}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{0869C632-DF9D-4C8B-BDED-D88AF67B8378}] => (Allow) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite -> Carbonite, Inc. (www.carbonite.com))
FirewallRules: [{BBDC9B63-4BA7-44C9-9BF4-2883A39BD742}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{3A00BBDD-B091-47C3-9B3D-452D7780CA41}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{15CB24E3-01C5-45AE-A0B5-86108859B8ED}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{97363095-2633-423D-8947-AA1CF612207E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{075AFA60-1457-42BD-9E5D-DAB184E573C6}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{0386B9E5-7085-4EEA-B4BC-DB3BA49C6D15}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{D63FE239-F915-4AA9-B2F2-0F8DD3039D76}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe => No File
FirewallRules: [{BF8B1AD8-AE80-44AC-BD16-C2A136A43A17}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{962B06F3-87C3-4787-9061-674ED3A0EB4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B16158EA-CFCF-463A-ACEC-4A7E082995B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{560C430D-0D9B-4BAB-9F44-AE808FAE6A6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D576B179-3A1C-43CE-93C5-00B41B8E9843}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{121FEF0C-34F0-4631-8670-BE99915DD229}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D8510A3-D231-44D7-B123-AF7F7D4D1433}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{453D4BC5-EDD6-4EA2-8A67-1DAFA2AD43D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{896E11AB-D6C5-4476-9C26-0FCADA9E4357}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{513CDA7D-4471-47B2-91C9-EBB159306A85}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88ECE08A-C9D8-40A4-8848-526DCA75A919}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CC6CBC5C-6E6A-41FF-9221-F5DE593AE284}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9B8BC006-D232-4243-A802-D777E2394F52}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1F166A40-6D5E-4571-A858-97EB00641A5B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F4CE817-0561-4193-8857-FFC674A7638D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0E3CF7D2-72FE-4960-8D35-70B7F79991D8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CD96C2B7-2A4E-4251-ABC5-9E579396E15E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B79F46DC-E82D-4ABF-A244-59CFEE3FE52A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59E3FE7B-B8AC-40E1-8C4E-A46DA668DC97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E8060023-3EAD-415B-8BCE-B77ABECABB2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA501374-49F6-4F8C-8775-68524BF50B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D9663918-2C37-49A4-BBAF-0522DCF13D12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B19F9896-D9DA-46EB-B6C6-523875EB045F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6384D051-D9FE-4F4F-98FD-34DD4743C16D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C8EF045D-9B7B-4FE5-86B3-279FDDBA7DA1}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{96233BF1-75EE-4431-B9D8-56FC09A53E17}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{72A6F99C-1A89-4263-B875-B89928A9E198}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DE935692-6CE2-40E7-AA63-EC5C6BB7592B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5DC19FFF-BDFA-4445-8693-87E24D56F27A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5BC2511E-DEEB-4EFD-A721-CFF6836401AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4DB71DEB-76B4-4DCD-92E1-A1EA52D9F23F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C2994C71-E97E-4617-81BA-B0D829A6F61C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4668637B-025D-492F-B3A1-49015D14CD0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{73098616-5B5F-4D49-B2DF-C8BC2934250F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F1C965EE-E67F-418E-97AE-D57C45FFCA95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3BB790CC-1BED-4527-98E8-EF8BF6C50CB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

29-07-2023 10:09:24 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/07/2023 04:12:42 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/06/2023 04:12:42 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/05/2023 04:50:02 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on HP_RECOVERY (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (08/05/2023 04:50:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on OS (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (08/05/2023 04:17:20 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on SYSTEM because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (08/05/2023 04:12:15 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/04/2023 04:12:15 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/03/2023 04:12:15 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2


System errors:
=============
Error: (08/07/2023 08:22:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server Windows.Internal.StateRepository.ApplicationExtension did not register with DCOM within the required timeout.

Error: (08/07/2023 06:05:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/07/2023 05:31:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/06/2023 05:30:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/06/2023 05:02:59 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server Windows.Internal.StateRepository.ApplicationExtension did not register with DCOM within the required timeout.

Error: (08/06/2023 02:25:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/06/2023 02:04:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The CarboniteService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (08/05/2023 02:07:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.


Windows Defender:
================
Date: 2023-08-06 03:38:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-08-05 17:07:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-08-03 17:30:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-08-02 17:30:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-08-01 17:30:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2023-07-22 08:24:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 6.04 09/07/2010
Motherboard: FOXCONN 2AB1
Processor: AMD Athlon™ II X4 635 Processor
Percentage of memory in use: 38%
Total physical RAM: 12287.28 MB
Available physical RAM: 7597.19 MB
Total Virtual: 13055.28 MB
Available Virtual: 7958.3 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:583.07 GB) (Free:183.85 GB) (Model: WDC WD64 00AAKS-65Z7B0 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.44 GB) (Free:1.53 GB) (Model: WDC WD64 00AAKS-65Z7B0 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (HP v125w) (Removable) (Total:3.72 GB) (Free:3.45 GB) FAT32
Drive q: () (Fixed) (Total:0 GB) (Free:0 GB) (Model: WDC WD64 00AAKS-65Z7B0 SATA Disk Device)

\\?\Volume{a3ee7c82-2453-11e0-adba-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{489ea3c9-0000-0000-0000-a0ca91000000}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 489EA3C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=583.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578 MB) - (Type=27)
Partition 4: (Not Active) - (Size=12.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 0CA921CF)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=FAT32)

==================== End of Addition.txt =======================


  • 0

#36
RKinner
Posted 07 August 2023 - 08:50 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

It left two dead Tasks so one more quick Fixlist.  This one should not need to reboot and should be very fast.

 

Attached File  fixlist.txt   720bytes   103 downloads


  • 0

#37
wayneman50
Posted 07 August 2023 - 09:08 AM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-08-2023
Ran by WAYNE (07-08-2023 11:08:06) Run:2
Running from C:\Users\WAYNE\Desktop
Loaded Profiles: WAYNE & HP_Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {580EA44D-F35E-413E-A5AF-EE8A6063F804} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\WAYNE\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  LOGON (No File)
Task: {E0E39677-038A-4934-AEAC-098207D46FA0} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\WAYNE\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe  SCHED (No File)
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{580EA44D-F35E-413E-A5AF-EE8A6063F804}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{580EA44D-F35E-413E-A5AF-EE8A6063F804}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0E39677-038A-4934-AEAC-098207D46FA0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0E39677-038A-4934-AEAC-098207D46FA0}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully

==== End of Fixlog 11:08:06 ====


  • 0

#38
RKinner
Posted 07 August 2023 - 10:49 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks good.  Guess you can remove FRST again.


  • 0

#39
wayneman50
Posted 10 August 2023 - 12:35 PM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Ok I uninstalled FRST. Anything else?


  • 0

#40
RKinner
Posted 10 August 2023 - 04:57 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Should be good to go.


  • 0

Advertisements

#41
wayneman50
Posted 11 August 2023 - 07:39 AM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

Do you take donations?


  • 0

#42
wayneman50
Posted 17 August 2023 - 01:53 PM

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 587 posts

You may close this topic. Thanks for your help.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: internet, google, virus, foreign language

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP