Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by mason (administrator) on BYRON-ACER (Acer Aspire A515-54) (24-08-2024 13:16:01)
Running from C:\Users\mason\Desktop\FRST64.exe
Loaded Profiles: mason
Platform: Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Real\RealPlayer\downloader2.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realdownloader264.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2407.18001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(explorer.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\mason\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Users\mason\AppData\Local\Mozilla Firefox\firefox.exe <16>
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealPlayer\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ea63d1eddd5853b5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ea63d1eddd5853b5\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel® Audio Service\IntelAudioService.exe
(svchost.exe ->) (83564403-0B26-46B8-9D84-040F43691D31 -> Realtek Semiconductor) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj\RtkUWP.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(svchost.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\mason\AppData\Local\Microsoft\OneDrive\24.156.0804.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2406.13.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (RealDefense LLC -> RealDefense LLC) C:\Program Files\iolo technologies\System Mechanic\ioloTrayApp.exe
(svchost.exe ->) (RealDefense LLC -> RealDefense LLC) C:\Program Files\iolo technologies\System Mechanic\LBGovernor.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [953120 2019-12-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [353064 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\Real\RealPlayer\downloader2.exe [1278248 2020-06-12] (RealNetworks, Inc. -> )
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [241448 2020-05-30] (Mixbyte Inc -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\Run: [HP OfficeJet Pro 9010 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4071840 2019-11-17] (HP Inc -> HP Inc.)
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\Run: [MicrosoftEdgeAutoLaunch_A63FDC39720E41B02CBAF0CFE9BA9509] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mason\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [70770192 2024-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mason\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\RunOnce: [Uninstall 24.151.0728.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mason\AppData\Local\Microsoft\OneDrive\24.151.0728.0003" [0 2024-08-22] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Print\Monitors\HP 5912 Status Monitor: C:\WINDOWS\system32\hpinksts5912LM.dll [331664 2012-06-18] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet Pro 8600): C:\WINDOWS\system32\HPDiscoPM5912.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\127.0.6533.120\Installer\chrmstp.exe [2024-08-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2020-06-12]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1E219E98-4BF7-4D45-8AE3-2090AAD532E9} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {91BC3C49-05AD-413A-B0C4-986598FE71DF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {DC798AE4-F345-45EE-9175-A079C5623CF6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {DAE8899D-0C2A-454F-94E6-E3B0D50E6364} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {E494AEBE-6DDE-4FB6-B0C5-B7AF6255FB12} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {69C6A386-18C0-4C0B-811F-224C07941C3D} - System32\Tasks\App Explorer => C:\Users\mason\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [8794648 2024-08-15] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {6B9C3E34-CF0B-48F3-B535-1CD50E4D7019} - System32\Tasks\G2MUpdateTask-S-1-5-21-3432338355-1889630694-583200658-1001 => C:\Users\mason\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-05-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {1F8E273F-F5D0-45A3-B3CE-5FDA2CB391FA} - System32\Tasks\G2MUploadTask-S-1-5-21-3432338355-1889630694-583200658-1001 => C:\Users\mason\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-05-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F0FB351E-DF18-403D-99D2-CB82B0930D7B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{352A24D8-20DE-4F30-BC73-7C6A873B991A} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {EE2CD468-260F-4ACB-889B-32B29FE58C93} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-08-07] (HP Inc. -> HP Inc.)
Task: {6DD584BA-4149-4BA3-9142-2ACCC23907CA} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-08-07] (HP Inc. -> HP Inc.)
Task: {69952FBF-0486-4C97-BAAB-9779A16B1564} - System32\Tasks\iolo\ActiveMessenger => C:\Program Files\iolo technologies\System Mechanic\ActiveBridge.exe [3637672 2024-03-27] (RealDefense LLC -> RealDefense LLC) -> C:\Program Files\iolo technologies\System Mechanic\\-appexecutable iolo.exe -ammode
Task: {3D1E6E02-1FC1-4A3B-B7F5-574BCE549A0D} - System32\Tasks\iolo\iolo Tray app => C:\Program Files\iolo technologies\System Mechanic\ioloTrayApp.exe [1795496 2024-03-27] (RealDefense LLC -> RealDefense LLC)
Task: {BB00918B-A040-44FB-BC6B-ED39BCB9E2FA} - System32\Tasks\iolo\Live Boost Process Governor => C:\Program Files\iolo technologies\System Mechanic\LBGovernor.exe [1067944 2024-03-27] (RealDefense LLC -> RealDefense LLC)
Task: {3AEBC560-87BC-4FF6-8276-616C3812E197} - System32\Tasks\iolo\Multi Product Notification Service => C:\Program Files\iolo technologies\System Mechanic\mpns.exe [28584 2024-03-27] (RealDefense LLC -> RealDefense LLC)
Task: {A51AE65B-D2C4-4311-B412-44174DC303CE} - System32\Tasks\iolo\SmartScan => C:\Program Files\iolo technologies\System Mechanic\smartscan.exe [95144 2024-03-27] (RealDefense LLC -> )
Task: {554977C3-9ABB-413D-A8A3-C9A5DA2C6426} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F945976C-F830-4D56-87A2-1557DEFDA76B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28584424 2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4ED628D5-BC6F-423E-998C-053A6FD811EF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B57CBC44-544B-4DC6-8FD3-EF67400CEDD9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312288 2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D4CFF21-4E06-4A03-BA4C-C88348672168} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C26081F0-434D-4627-89A2-A5FE12D4A538} - System32\Tasks\Mozilla\Firefox Background Update A2D7726C0C38172D => C:\Users\mason\AppData\Local\Mozilla Firefox\firefox.exe [676936 2024-08-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\A2D7726C0C38172D\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\A2D7726C0C38172D\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {76684A8F-886A-4B7C-9E79-A006E0C91179} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3432338355-1889630694-583200658-1001 A2D7726C0C38172D => C:\Users\mason\AppData\Local\Mozilla Firefox\firefox.exe [676936 2024-08-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\A2D7726C0C38172D\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\A2D7726C0C38172D\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {B7142DA5-3AB5-4221-B30E-F971557F7E05} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {562D28A5-2F56-453F-9651-23D4D6692B8F} - System32\Tasks\Mozilla\Firefox Default Browser Agent A2D7726C0C38172D => C:\Users\mason\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34376 2024-08-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {635B76C8-AD4E-417E-BD7B-FE3F70766F0D} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {D380EAAC-200D-4606-B014-120AACB7D1A4} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {575C59EF-ED1E-452F-9AAC-61F56F05E4C3} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {551E8463-C6AA-457C-9EFC-FB0C990E5879} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.2.6\WSCStub.exe [646520 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {9019A18B-F76E-46AC-88E8-AE2CBB0DB4BB} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {17512EED-ED65-4F04-8A70-FBF8351C4F82} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {734D199C-A08B-4C43-B931-3B3CA17D6698} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {5B997CED-E1BA-4F52-ABE5-8AF90AE757C7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {1C644CD5-058D-4D20-ABA9-A9A71886D87E} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealPlayer\downloader2.exe [1278248 2020-06-12] (RealNetworks, Inc. -> )
Task: {8442F653-9A3C-4678-BAA0-0793E0F4735B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3432338355-1889630694-583200658-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [135464 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {4A32558D-FC64-4040-81AD-EEB982B8BBB6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3432338355-1889630694-583200658-1001 => C:\Program Files (x86)\Real\RealPlayer\realupgrade.exe [135464 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {5697EEAF-CBEB-431E-9B1D-79D31685CC35} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2353000 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {D8F517AB-284D-4351-9E32-63E5E9763E44} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {B934EAD6-1BC9-41C5-AF5B-E27ED334ACD5} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {CD2A34C3-564F-4916-9E26-C7A4A215F2CE} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-09] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3432338355-1889630694-583200658-1001.job => C:\Users\mason\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3432338355-1889630694-583200658-1001.job => C:\Users\mason\AppData\Local\GoToMeeting\19992\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}\759627470284F6D6560223: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}\75966496D27457563747D214C6C6572756: [DhcpNameServer] 172.27.4.14
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}\75966496D27457563747D214C6C6572756: [DhcpDomain] allure.internal
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}\A4F65727E65697: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}\A4F65727E65697: [DhcpDomain] hsd1.ca.comcast.net
Tcpip\..\Interfaces\{637757f7-c310-4e32-99d1-6474f1ff1270}\D6F647F602760207572756F543037393: [DhcpNameServer] 192.168.17.207
Tcpip\..\Interfaces\{d71c2be5-fc06-437c-a8fe-280a4fa06e3b}: [DhcpNameServer] 40.30.1.66
Edge:
=======
Edge Profile: C:\Users\mason\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-24]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=ACTE
Edge Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-16]
Edge Extension: (Edge relevant text changes) - C:\Users\mason\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]
FireFox:
========
FF DefaultProfile: 1etzpml1.default
FF ProfilePath: C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\qqoxv75z.default-release-1-1713907621762 [2024-08-24]
FF Homepage: Mozilla\Firefox\Profiles\qqoxv75z.default-release-1-1713907621762 -> hxxps://www.google.com/
FF Extension: (AdGuard AdBlocker) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\qqoxv75z.default-release-1-1713907621762\Extensions\[email protected] [2024-07-10]
FF ProfilePath: C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\1etzpml1.default [2020-11-16]
FF ProfilePath: C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release [2024-08-24]
FF Homepage: Mozilla\Firefox\Profiles\07xs93tw.default-release -> www.google.com
FF HomepageOverride: Mozilla\Firefox\Profiles\07xs93tw.default-release -> Disabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\07xs93tw.default-release -> Disabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\07xs93tw.default-release -> Enabled: [email protected]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release\Extensions\[email protected] [2020-06-12] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Norton Password Manager) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release\Extensions\[email protected] [2020-12-01]
FF Extension: (English (US) Language Pack) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release\Extensions\[email protected] [2021-08-04]
FF Extension: (Norton Home Page) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release\Extensions\[email protected] [2020-12-01] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release\Extensions\[email protected] [2020-12-01] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\07xs93tw.default-release\Extensions\[email protected] [2020-12-01]
FF ProfilePath: C:\Users\mason\AppData\Roaming\Mozilla\Firefox\Profiles\pwlb8vin.default-release-2 [2024-08-24]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (English (US) Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2019-05-20]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2021-01-27] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=20.0.0.314 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.0.314 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2020-06-12] (RealNetworks, Inc. -> RealPlayer)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\Default [2024-08-22]
CHR Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
CHR Extension: (DocHub - Sign PDF from Gmail) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjgcgnfikekladnkhnimljcalfibijha [2024-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-22]
CHR Notifications: Profile 1 -> hxxps://mytime-kroger.me
CHR Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-11]
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-08]
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-08]
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-05-12]
CHR Extension: (Cruise Control) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\amomjacbbleicjnplhioginaekbgfbik [2023-11-06]
CHR Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-06]
CHR Extension: (Cruise Fastpass) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lgojiobijaofmnncgdnmnagbihmohpoi [2023-11-06]
CHR Extension: (Google Verified Access by Duo) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lojeokmpinkpmpbakfkfpgfhpapbgdnd [2023-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-06]
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-05-12]
CHR Extension: (Google Docs Offline) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mason\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-23]
CHR Profile: C:\Users\mason\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-22]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995624 2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
R2 EndpointProtectionService; C:\Program Files\Endpoint Protection SDK\endpointprotection.exe [11774296 2024-07-19] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Endpoint Protection SDK\endpointprotection.exe [11774296 2024-07-19] (Avira Operations GmbH -> Avira Operations GmbH)
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-05-30] (Mixbyte Inc -> Freemake)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-07] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-10] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-11] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe [344888 2024-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe [1059176 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [38536 2020-05-22] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [990856 2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 BdNet; C:\WINDOWS\System32\DRIVERS\BdNet.sys [176712 2024-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Avira Operations GmbH)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [233560 2024-05-20] (Avira Operations GmbH -> Avira Operations GmbH)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\BASHDefs\20210929.011\BHDrvx64.sys [2018784 2021-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\ccSetx64.sys [198288 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-02-02] (Symantec Corporation -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.17.1.50\Definitions\IPSDefs\20211001.061\IDSvia64.sys [1480144 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223184 2024-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKslaa07328c; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [137464 2022-04-02] (Microsoft Windows -> Microsoft Corporation)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\nsvst.sys [57120 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 pgfilter; C:\WINDOWS\System32\drivers\pgfilter.sys [96280 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R1 rtp1; C:\WINDOWS\System32\DRIVERS\rtp1.sys [417608 2024-07-19] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp2; C:\WINDOWS\System32\DRIVERS\rtp2.sys [417720 2024-07-19] (Avira Operations GmbH -> Avira Operations GmbH)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [28768 2024-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSP64.SYS [960640 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSPX64.SYS [52864 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SYMEFASI64.SYS [2180248 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SymELAM.sys [36016 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.17.1.50\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\Ironx64.SYS [306872 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\symnets.sys [492720 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602520 2024-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\wpCtrlDrv.sys [1016792 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 AppleKmdfFilter; \SystemRoot\System32\drivers\AppleKmdfFilter.sys [X]
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]
S1 netprotection_network_filter; System32\drivers\netprotection_network_filter.sys [X]
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-24 13:16 - 2024-08-24 13:16 - 000038945 _____ C:\Users\mason\Desktop\FRST.txt
2024-08-24 13:15 - 2024-08-24 13:16 - 000000000 ____D C:\FRST
2024-08-24 13:15 - 2024-08-24 13:15 - 000000000 ____D C:\Users\mason\Desktop\FRST-OlderVersion
2024-08-24 12:45 - 2024-08-24 13:15 - 002397184 _____ (Farbar) C:\Users\mason\Desktop\FRST64.exe
2024-08-24 11:09 - 2024-08-24 11:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-08-24 10:50 - 2024-08-24 10:50 - 000000000 ____D C:\WINDOWS\LastGood
2024-08-24 10:50 - 2024-06-03 05:50 - 000168976 _____ (TODO: <Company name>) C:\WINDOWS\system32\HPWIAExtensionUI.dll
2024-08-24 10:50 - 2024-06-03 05:49 - 005382560 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2024-08-24 10:50 - 2024-06-03 05:49 - 000992160 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2024-08-22 10:25 - 2024-08-22 10:26 - 013185766 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-22-08-2024.pdf
2024-08-22 09:26 - 2024-08-24 10:50 - 000000000 ____D C:\Users\mason\AppData\Local\Mozilla Firefox
2024-08-16 22:47 - 2024-08-16 22:47 - 026575087 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-16-08-2024.pdf
2024-08-15 14:09 - 2024-08-15 14:09 - 012948882 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-15-08-2024.pdf
2024-08-14 05:22 - 2024-08-14 05:22 - 000000000 ___HD C:\$WinREAgent
2024-08-08 15:46 - 2024-08-08 15:46 - 001506813 _____ C:\Users\mason\Downloads\Receipt_2024-08-08_153056.pdf
2024-08-07 23:14 - 2024-08-07 23:14 - 002523018 _____ C:\Users\mason\Downloads\Flight info for August 2024 cruise.pdf
2024-08-07 11:59 - 2024-08-07 11:59 - 000062839 _____ C:\Users\mason\Downloads\Registration Document.pdf
2024-08-07 09:09 - 2024-08-07 09:09 - 037689093 _____ C:\Users\mason\Downloads\Iconma - Cruise Documents for Byron Mason.pdf
2024-08-06 22:28 - 2024-08-06 22:28 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-06 22:27 - 2024-08-06 22:27 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (Preview).lnk
2024-08-03 10:59 - 2024-08-03 10:59 - 023685163 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-03-08-2024.pdf
2024-08-02 15:51 - 2024-08-02 15:51 - 000329755 _____ C:\Users\mason\Downloads\MASON_RETPKGA5_000031.pdf
2024-08-02 11:35 - 2024-08-02 11:35 - 027029582 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-02-08-2024.pdf
2024-08-01 01:18 - 2024-08-01 01:18 - 028947721 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-31-07-2024.pdf
2024-07-29 10:08 - 2024-07-29 10:08 - 015435288 _____ C:\Users\mason\Downloads\FullPdf-The Plain Dealer-29-07-2024.pdf
2024-07-26 17:16 - 2024-07-26 17:16 - 000148730 _____ C:\Users\mason\Downloads\DuckFlyer.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-24 12:33 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-24 12:32 - 2023-08-15 08:32 - 000000000 ____D C:\Users\mason\Desktop\Job search stuff
2024-08-24 12:32 - 2020-06-16 14:26 - 000000000 ____D C:\Users\mason\Desktop\Personal
2024-08-24 12:31 - 2021-10-31 13:31 - 000000000 ____D C:\Users\mason\Desktop\Food
2024-08-24 12:30 - 2023-12-14 13:05 - 000000000 ____D C:\Users\mason\Desktop\Food stand or truck items
2024-08-24 12:28 - 2021-03-29 05:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-24 11:48 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-24 11:48 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-24 11:29 - 2020-06-13 07:19 - 000000000 ____D C:\Users\mason\AppData\Local\Host App Service
2024-08-24 10:51 - 2022-02-10 12:50 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-08-24 10:51 - 2020-07-14 03:45 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-24 10:51 - 2020-07-14 03:45 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-08-24 10:50 - 2021-12-16 01:54 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-24 10:50 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2024-08-22 21:00 - 2021-03-29 05:13 - 000003578 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3432338355-1889630694-583200658-1001
2024-08-22 21:00 - 2021-03-29 05:13 - 000003516 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3432338355-1889630694-583200658-1001
2024-08-22 17:25 - 2020-06-13 07:23 - 000000000 ____D C:\Users\mason\AppData\Local\Packages
2024-08-22 16:45 - 2021-12-11 13:14 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3432338355-1889630694-583200658-1001
2024-08-22 16:45 - 2021-03-29 05:13 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3432338355-1889630694-583200658-1001
2024-08-22 16:45 - 2021-03-29 05:06 - 000002383 _____ C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-22 16:45 - 2020-06-12 15:24 - 000000000 ___RD C:\Users\mason\OneDrive
2024-08-22 16:39 - 2021-03-29 05:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-08-22 16:39 - 2020-06-12 15:34 - 000000831 _____ C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-08-22 09:37 - 2020-12-24 23:35 - 000000000 ____D C:\Users\mason\AppData\Local\CrashDumps
2024-08-22 09:22 - 2020-06-13 07:23 - 000000000 __SHD C:\Users\mason\IntelGraphicsProfiles
2024-08-18 06:25 - 2021-03-29 05:06 - 000000000 ____D C:\Users\mason
2024-08-18 06:21 - 2020-06-12 16:52 - 000000000 ____D C:\Users\mason\AppData\Roaming\vlc
2024-08-18 01:25 - 2020-06-12 15:27 - 000000000 ____D C:\Users\mason\AppData\Roaming\Mozilla
2024-08-18 01:23 - 2020-07-28 22:03 - 000000000 ____D C:\Users\mason\dwhelper
2024-08-17 09:58 - 2024-04-09 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Security Ultra
2024-08-16 08:58 - 2021-03-29 05:15 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-16 08:54 - 2024-06-07 22:34 - 000000000 ____D C:\Program Files\Endpoint Protection SDK
2024-08-16 08:53 - 2021-03-29 05:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-16 08:53 - 2021-03-29 05:05 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-16 08:53 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-08-16 02:06 - 2022-01-11 10:13 - 000000000 ____D C:\Users\mason\Downloads\New folder
2024-08-15 22:41 - 2020-06-22 22:54 - 000000000 ____D C:\Users\mason\.cache
2024-08-15 17:19 - 2020-06-14 19:06 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-15 01:47 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-08-15 01:44 - 2021-03-29 05:05 - 000474848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-08-15 01:43 - 2024-06-07 22:35 - 005863824 _____ C:\WINDOWS\system32\rtp.db
2024-08-15 01:43 - 2019-12-07 02:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\schemas
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-15 01:42 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-08-14 05:32 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-14 05:28 - 2021-03-29 05:05 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-14 05:16 - 2020-06-14 00:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-14 05:14 - 2020-06-14 00:06 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-11 21:34 - 2023-08-13 16:41 - 000000000 ____D C:\Users\mason\Documents\Outlook Files
2024-08-08 22:56 - 2022-10-13 13:49 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-08-08 22:56 - 2022-10-13 13:49 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-08-08 22:56 - 2021-03-29 05:13 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-08-07 12:00 - 2023-04-13 14:54 - 000000000 _____ C:\Users\mason\Documents\HPOJ8710_Fax_Port
2024-08-07 06:28 - 2022-03-22 19:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-08-07 06:28 - 2021-12-23 14:24 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-08-06 22:26 - 2020-03-07 16:23 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-01 21:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-07-28 20:50 - 2021-03-29 05:13 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-28 20:50 - 2021-03-29 05:13 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by mason (24-08-2024 13:17:57)
Running from C:\Users\mason\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) (2021-03-29 12:13:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3432338355-1889630694-583200658-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3432338355-1889630694-583200658-503 - Limited - Disabled)
Guest (S-1-5-21-3432338355-1889630694-583200658-501 - Limited - Disabled)
mason (S-1-5-21-3432338355-1889630694-583200658-1001 - Administrator - Enabled) => C:\Users\mason
WDAGUtilityAccount (S-1-5-21-3432338355-1889630694-583200658-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: System Shield (Disabled - Up to date) {CFD1F43D-7501-B54F-88CE-D3F6D5EF8990}
AV: Norton Security Ultra (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton Security Ultra (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: iolo Antivirus (Enabled - Out of date) {7AF0579C-34E6-B3A7-1F85-37043455CEFE}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Ultra (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security Ultra (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security Ultra (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security Ultra (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security Ultra (Disabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton Security Ultra (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.002.20991 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
App Explorer (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\Host App Service) (Version: 0.273.4.874 - SweetLabs) <==== ATTENTION
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
Clean Streams version 1.2 (HKLM-x32\...\{1A9FABEC-169D-4401-87EC-4E82F0430454}_is1) (Version: 1.2 - Clean Streams)
DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2405.2972 - Avira Operations GmbH) Hidden
ExpressVPN (HKLM-x32\...\{878F6EB4-73BF-4A1E-9A92-6DDF9EDC8A8B}) (Version: 2.2.19325.10 - Acer)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.4 - Ellora Assets Corporation)
Gateway (HKLM-x32\...\{3225D30A-29E0-492F-8DC4-4503DC3A1EBC}) (Version: 2.1.1 - RBC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.120 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{77d93eea-f5c2-4db5-9c2d-25bc5a2e0ec9}) (Version: 28.0.1316.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP OfficeJet Pro 8710 Basic Device Software (HKLM\...\{0A7A52B9-7D10-4286-A423-A589919D6880}) (Version: 40.12.1161.1896 - HP Inc.)
HP OfficeJet Pro 8710 Help (HKLM-x32\...\{92B8A892-1D92-407A-BF5E-26DCE71B9B12}) (Version: 38.0.0 - HP)
HP OfficeJet Pro 9010 series Basic Device Software (HKLM\...\{054E1B87-E52B-4B86-92B6-2FCA44090110}) (Version: 49.6.4502.206 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iPod Support (HKLM\...\{4B5933A1-A781-400E-B4A2-3ECC375375E4}) (Version: 120.7.3.55 - Apple Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.40 - PandoraTV)
Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17830.20138 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 127.0.2651.105 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\OneDriveSetup.exe) (Version: 24.156.0804.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\Mozilla Firefox 129.0.2 (x64 en-US)) (Version: 129.0.2 - Mozilla)
Mozilla Firefox 84.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 84.0.2 (x64 en-US)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
Norton Security Ultra (HKLM-x32\...\NGC) (Version: 22.24.2.6 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17830.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17830.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenOffice 4.1.10 (HKLM-x32\...\{D909483F-780E-4232-9313-4C24A1B09BE8}) (Version: 4.110.9807 - Apache Software Foundation)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 20.0) (Version: 20.0.0 - RealNetworks)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RescuePRO Deluxe 7.0.0.7 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 7.0.0.7 - LC Technology International, Inc.)
RescuePRO SSD 7.0.0.5 (HKLM-x32\...\{6BD4BA00-19BA-499C-A5AB-6C13F7C8DDF6}_is1) (Version: 7.0.0.5 - LC Technology International, Inc.)
System Mechanic (HKLM\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 24.3.0.57 - RealDefense LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3106 - Acer Incorporated)
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
Chrome apps:
============
Docs (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\42d12322dce8962c0f4064316fc1f170) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\7a7cc9bc0d565a2a33a7e7d6179326dd) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\82233d0f84338a13bffd8e0e9e2190a7) (Version: 1.0 - Google\Chrome)
Sheets (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\2cbd34840a125bab9f5632b924e4bb11) (Version: 1.0 - Google\Chrome)
Slides (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\a8724e37b4245666360c2b28c047d6e2) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3432338355-1889630694-583200658-1001\...\e0ee8f56fc8e79ba2ee435e63e9c76d7) (Version: 1.0 - Google\Chrome)
Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2020-03-07] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-06-01] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-15] ()
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.3.1.0_x64__kgqvnymyfvs32 [2024-08-15] (king.com)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-01-14] (Acer Incorporated)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2024-08-04] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.102.4.0_x64__q4d96b2w5wcc2 [2024-08-24] (Evernote) [Startup Task]
Farm Heroes Saga -> C:\Program Files\WindowsApps\king.com.FarmHeroesSaga_6.46.12.0_x64__kgqvnymyfvs32 [2024-08-22] (king.com)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2024-07-11] (GoTrustID Inc.)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.112.0_x64__kx24dqmazqk8j [2024-07-11] (Random Salad Games LLC)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_155.1.1088.0_x64__v10z8vjag6ke6 [2024-08-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-07-11] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-06-06] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.34.0_x64__w1wdnht996qgy [2024-08-22] (LinkedIn) [Startup Task]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2021-03-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2021-03-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-29] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2407.18001.0_x64__8wekyb3d8bbwe [2024-08-08] (Microsoft Corporation) [Startup Task]
Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2020-03-07] (MAGIX Software GmbH)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-07-15] (Netflix, Inc.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2020-03-07] (CYBERLINK COM CORP)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-03-07] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-02-09] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-06-16] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.15.0_x64__kx24dqmazqk8j [2024-08-09] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.18.0_x64__kx24dqmazqk8j [2024-08-09] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.137.0_x64__kx24dqmazqk8j [2024-07-21] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0 [2024-08-16] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2020-03-07] (Acer Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3432338355-1889630694-583200658-1001_Classes\CLSID\{21866f4d-2117-4b95-a17f-c63288a36e3d}\InprocServer32 -> E:\FirefoxPortable\App\firefox64\notificationserver.dll => No File
CustomCLSID: HKU\S-1-5-21-3432338355-1889630694-583200658-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3432338355-1889630694-583200658-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\mason\AppData\Local\GoToMeeting\17956\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3432338355-1889630694-583200658-1001_Classes\CLSID\{93acf5c5-31b3-4c31-b49b-9ed6ad265b25}\InprocServer32 -> E:\Firefox II\App\firefox64\notificationserver.dll => No File
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.2.6\NavShExt.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.2.6\NavShExt.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpcontextmenu.dll [2020-06-12] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-04-11] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.2.6\NavShExt.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 4" --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
SearchScopes: HKU\S-1-5-21-3432338355-1889630694-583200658-1001 -> DefaultScope {ABFF4D2C-EA5C-4C9E-B9EA-FB9B77D438C3} URL =
SearchScopes: HKU\S-1-5-21-3432338355-1889630694-583200658-1001 -> {ABFF4D2C-EA5C-4C9E-B9EA-FB9B77D438C3} URL =
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2020-06-12] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\Real\RealPlayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2020-06-12] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 21:49 - 2019-03-18 21:49 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts
2021-07-03 10:06 - 2024-07-19 21:47 - 000000512 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.201 amazon-50cfd33a2.mshome.net # 2024 7 6 27 4 47 4 161
192.168.137.1 Byron-Acer.mshome.net # 2029 7 4 19 4 47 4 161
97
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3432338355-1889630694-583200658-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mason\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\976792044243164049\133689992833640025.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel® Wireless-AC 9560 160MHz -> Netwtw10.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: Freemake Improver => 2
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F00E50DB-6D5E-4BC1-9756-AFB14B46C194}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS3C6D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{D9EAEE84-39FC-47B9-9A5C-4F95C24B5309}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS3C6D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{5886DEA5-4E1B-41DB-BB46-E6712E7FCFCA}] => (Allow) C:\Users\mason\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4C187242-A7D1-4433-8DA8-6D55E3169655}] => (Allow) C:\Users\mason\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B95D2CD2-91EB-4091-AA51-430D042EC24C}] => (Allow) C:\Users\mason\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0B24E53B-6FDA-4B76-9639-B5051191F6E5}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS2F95\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D5E5F49-C857-47CC-B881-656B14F05E5D}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS2F95\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{79243511-9A30-481A-8B88-90BD80AD2FCA}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS2F02\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{CBAA0608-9C06-4780-B170-78DBB319A215}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS2F02\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C7347A40-EF94-4C5F-A92E-7A9297CFC2C7}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS3771\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{80F63C33-55C9-4C2C-844D-77275D46A4F6}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS3771\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C1F63BD4-C22A-4308-8219-BA60F9DAFDF7}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS0358\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3293EF57-9FC4-496F-B1FA-83D99BAE7393}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS0358\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{453169EF-40DB-406F-A280-043716C81044}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS3BDF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{8FF7B386-CCA2-478C-923F-28A30CD2EFA9}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS3BDF\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{653FEBBA-FD10-4D3B-A0BD-E5F102293114}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9D57F245-B56A-47C2-B012-CE2AA17B3116}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EEBD597D-B42F-45F0-BD52-DE5729A747C2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A3CA82F0-3E95-454E-AD28-C1C106EA58D5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8E8999C1-E11D-4242-89B1-8AA8533A04A7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DF378217-9AA9-43AE-B6BA-5B80E8C11FC0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{A4F9DE3C-D73D-49E7-A93D-404A612D3C9C}C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe] => (Allow) C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E559061E-DA7C-4EC3-8FFB-C3AC2ED646CD}C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe] => (Allow) C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C60A8765-A958-4175-9F62-2D1CCB63E2EB}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{0CF43463-D86B-4FA3-8132-87F402419E26}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{8EDEE764-B3B6-4DD6-B3C5-A4943B756E24}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\FaxPrinterUtility.exe (HP Inc -> HP Inc.)
FirewallRules: [{9E7FCA09-0E90-47CD-9801-44B31E2A0231}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\SendAFax.exe (HP Inc -> HP Inc.)
FirewallRules: [{E832C8E3-5086-446D-8DD8-618122C5CE40}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\DigitalWizards.exe (HP Inc -> HP Inc.)
FirewallRules: [{E8BAF46E-A121-483A-808D-79C6774EC51C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 9010 series\bin\FaxApplications.exe (HP Inc -> HP Inc.)
FirewallRules: [UDP Query User{310E1A50-8997-42AA-AA15-DD74EA8D9597}C:\users\mason\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\mason\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{100065B1-B57F-4A3F-93D0-51FD21102673}C:\users\mason\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\mason\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{18EBA174-FE05-4231-BAD8-766C0C7685B0}C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe] => (Allow) C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F5EA3D98-7672-496A-AA6E-E3E7B8DAC77A}C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe] => (Allow) C:\program files (x86)\clean streams\clean streams_data\streamingassets\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{656A9636-C76C-41CE-8A5E-8196461F690D}] => (Allow) LPort=5357
FirewallRules: [{1F81F3E5-D319-4DBB-A2B9-2482E555070C}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{EC030B5F-02FF-4779-84F8-B5378005407A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E29960E8-9E57-41FF-80BC-7F962547A8FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{633DFBFD-05CD-4EA3-9FDF-D0B1A6677EB9}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS07AE\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{D482D86D-6F16-43BF-BFA5-3EA7934D46AB}] => (Allow) C:\Users\mason\AppData\Local\Temp\7zS07AE\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{B0491D01-9B0F-4A43-B2AD-2E561309C64F}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{AED565B9-A87E-4595-943F-05328491AD9C}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{DC115EBE-CFC3-433F-9B73-8AC37C8B31E9}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{BF93738C-6301-4AFA-B987-A833841983D5}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{2799CCD9-4C3A-4171-8991-FA7C22F81322}C:\users\mason\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\mason\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{96D9EC1C-8D18-45F5-AE75-B5B88F7239DC}C:\users\mason\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\mason\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{E418D16D-21F3-4A64-A032-C335F2C897C3}C:\users\mason\appdata\local\temp\7zs412f\enterprisedu.exe] => (Allow) C:\users\mason\appdata\local\temp\7zs412f\enterprisedu.exe => No File
FirewallRules: [UDP Query User{339BAA0D-35DA-461E-95AF-CC9D69D4E941}C:\users\mason\appdata\local\temp\7zs412f\enterprisedu.exe] => (Allow) C:\users\mason\appdata\local\temp\7zs412f\enterprisedu.exe => No File
FirewallRules: [TCP Query User{AF709C7F-A440-4784-8193-690750A8EAB3}C:\users\mason\appdata\local\temp\7zs7ce5\enterprisedu.exe] => (Allow) C:\users\mason\appdata\local\temp\7zs7ce5\enterprisedu.exe => No File
FirewallRules: [UDP Query User{3276B96F-63B5-4592-9208-7323D0ECF14B}C:\users\mason\appdata\local\temp\7zs7ce5\enterprisedu.exe] => (Allow) C:\users\mason\appdata\local\temp\7zs7ce5\enterprisedu.exe => No File
FirewallRules: [{7A4C9225-BBF9-470E-B064-536B774C16A3}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2053E5A9-ED6D-4E1D-8E7A-10ABDD508DC8}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2B2B70C0-2BD6-4AC5-BFFE-F9D67DF28081}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{BF36BBA0-0243-4DFC-AC24-AAF749B1FBBF}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{2274F5BB-3778-43CA-A152-345B993CEBA2}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{129BE3B5-39B2-4FFC-9102-4BAD4CC4442A}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7ABEF247-9C8D-436E-A703-836F3ECAB153}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7EB7494C-F806-4A01-9061-ABA7B19A44FB}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{38FE5D14-72AE-4E4E-AD40-70EB3B5F7598}] => (Allow) C:\Program Files\iolo technologies\System Mechanic\ioloTrayApp.exe (RealDefense LLC -> RealDefense LLC)
FirewallRules: [{E075C1CE-EDCA-4DB7-AE30-039FF21AE68B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{42EB051F-F2DB-49F5-9FDE-F467C6EED1BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FABEECE8-7749-401F-B558-337B3B751BB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A02162AC-6951-48E3-B05F-B3BFC8A6A485}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{01A748E3-85BD-4105-986C-B83AA9046FF5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A8E91085-D51C-46CE-8AB0-942CD78FD3A8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ACFE0F88-0AEC-4210-9E7C-2B29FBD963AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FD57169F-023C-41CA-ADFC-A732BF711804}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{F13AABFD-A5D6-4761-BACE-BE6B30F7C6FD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E5267E2-4540-4C0D-96D7-FFFAB9987DB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{01DF8305-38E2-41E6-8375-25226B54879D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3D3C8D33-F996-4FFC-B331-5A5158F8A680}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3C5478D1-5790-4A95-B124-515F2C63E23E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6D41B970-576A-443F-988B-9086BAC1FFB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ADEF62B9-303B-4C24-B96B-30C0A461D481}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30132B85-D3A0-4D3A-B042-7E67C3FD3199}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E06907C5-5EBE-456D-BA42-60129187F518}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6EED39DB-0587-480D-AF2E-2113D01F7E64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{56037205-15D1-4695-A475-39D7010F415B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8EDCD586-7713-48FC-99A7-A5A37F76101E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.244.405.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{853FC12C-EBE2-473A-9E03-33EDD1339858}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.105\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0697894-6AC1-4896-8798-C6609E340623}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{485A65E2-E06C-42A7-9DC9-45338A28ECAE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00C7275C-D800-4ACF-9BAD-D32457FC6897}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AECB9017-A16D-4F8B-B205-0FD69DAE77B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
24-08-2024 11:48:32 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/22/2024 09:37:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcerRegistrationBackGroundTask.exe, version: 1.0.0.0, time stamp: 0x64375ffb
Faulting module name: KERNELBASE.dll, version: 10.0.19041.4780, time stamp: 0xc4a0381f
Exception code: 0xc000041d
Fault offset: 0x00141072
Faulting process id: 0x7720
Faulting application start time: 0x01daf4b19d130c7d
Faulting application path: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5171cb3a-f632-4c16-b355-07a7e1aca938
Faulting package full name: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
Faulting package-relative application ID: Acer.AcerRegistration
Error: (08/22/2024 09:37:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcerRegistrationBackGroundTask.exe, version: 1.0.0.0, time stamp: 0x64375ffb
Faulting module name: KERNELBASE.dll, version: 10.0.19041.4780, time stamp: 0xc4a0381f
Exception code: 0xc0020001
Fault offset: 0x00141072
Faulting process id: 0x7720
Faulting application start time: 0x01daf4b19d130c7d
Faulting application path: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: f8ce3232-42fa-49d4-b593-229a01d5bd68
Faulting package full name: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
Faulting package-relative application ID: Acer.AcerRegistration
Error: (08/22/2024 09:37:45 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AcerRegistrationBackGroundTask.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0020001, exception address 76E71072
Stack:
at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at System.Environment._Exit(Int32)
at System.Environment.Exit(Int32)
at AcerRegistrationBackGroundTask.MainWindow+<closeBackGroundTask>d__24.MoveNext()
at System.Runtime.CompilerServices.AsyncVoidMethodBuilder.Start[[AcerRegistrationBackGroundTask.MainWindow+<closeBackGroundTask>d__24, AcerRegistrationBackGroundTask, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<closeBackGroundTask>d__24 ByRef)
at AcerRegistrationBackGroundTask.MainWindow.closeBackGroundTask()
at AcerRegistrationBackGroundTask.MainWindow.Window_Loaded(System.Object, System.Windows.RoutedEventArgs)
at System.Windows.RoutedEventHandlerInfo.InvokeHandler(System.Object, System.Windows.RoutedEventArgs)
at System.Windows.EventRoute.InvokeHandlersImpl(System.Object, System.Windows.RoutedEventArgs, Boolean)
at System.Windows.UIElement.RaiseEventImpl(System.Windows.DependencyObject, System.Windows.RoutedEventArgs)
at System.Windows.UIElement.RaiseEvent(System.Windows.RoutedEventArgs)
at System.Windows.BroadcastEventHelper.BroadcastEvent(System.Windows.DependencyObject, System.Windows.RoutedEvent)
at System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(System.Object)
at MS.Internal.LoadedOrUnloadedOperation.DoWork()
at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()
at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks()
at System.Windows.Media.MediaContext.RenderMessageHandlerCore(System.Object)
at System.Windows.Media.MediaContext.RenderMessageHandler(System.Object)
at System.Windows.Media.MediaContext.Resize(System.Windows.Media.ICompositionTarget)
at System.Windows.Interop.HwndTarget.OnResize()
at System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
at System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.ShowWindow(System.Runtime.InteropServices.HandleRef, Int32)
at System.Windows.Window.ShowHelper(System.Object)
at System.Windows.Window.Show()
at System.Windows.Application+<>c.<RunInternal>b__105_0(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at AcerRegistrationBackGroundTask.Startup.Main(System.String[])
Error: (08/22/2024 09:25:37 AM) (Source: Firefox Default Browser Agent) (EventID: 12002) (User: )
Description: Event-ID 12002
Error: (08/22/2024 09:25:37 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/17/2024 08:28:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ACCStd.exe, version: 4.0.3042.0, time stamp: 0x61cc5d9c
Faulting module name: KERNELBASE.dll, version: 10.0.19041.4717, time stamp: 0x16b0a901
Exception code: 0xe0434352
Fault offset: 0x000000000003b699
Faulting process id: 0x2d40
Faulting application start time: 0x01daeff4ccf8ef8b
Faulting application path: C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: bf2d0d4f-ba94-4e29-b1b1-1936c5a88531
Faulting package full name:
Faulting package-relative application ID:
Error: (08/17/2024 03:05:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ACCStd.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
at System.ThrowHelper.ThrowInvalidOperationException(System.ExceptionResource)
at System.Collections.Generic.List`1+Enumerator[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNextRare()
at Acer.CareCenter.Diagnostic.MultiDevicesTests..ctor(DiagnosticPlugin.DeviceManager)
at Acer.CareCenter.Diagnostic.DiagnosticController.GetAllTestItems()
at Acer.CareCenter.ACCStd.DiagnosticManager_ACCStd.GetSpecificTestItems(DeviceType)
at Acer.CareCenter.ACCStd.DiagnosticManager_ACCStd.DeviceInfoUpdate(System.Object, Acer.CareCenter.Diagnostic.DeviceInfoUpdateEventArgs)
at Acer.CareCenter.Diagnostic.ADSPlgSimpleCtl.InfoUpdate(System.Object, DiagnosticEvent.InformationUpdateEventArgs)
at EthernetDevice.EthernetManager.NetworkChange_NetworkAddressChanged(System.Object, System.EventArgs)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Net.NetworkInformation.NetworkChange+AddressChangeListener.AddressChangedCallback(System.Object, Boolean)
at System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean)
Error: (08/16/2024 09:08:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AcerRegistrationBackGroundTask.exe, version: 1.0.0.0, time stamp: 0x64375ffb
Faulting module name: KERNELBASE.dll, version: 10.0.19041.4780, time stamp: 0xc4a0381f
Exception code: 0xc000041d
Fault offset: 0x00141072
Faulting process id: 0x974
Faulting application start time: 0x01daeff68c8699c3
Faulting application path: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 5c83638a-a2bc-4666-8e6a-476efd8eb6c8
Faulting package full name: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
Faulting package-relative application ID: Acer.AcerRegistration
System errors:
=============
Error: (08/24/2024 11:48:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9P6PMZTM93LR-Microsoft.6365217CE6EB4.
Error: (08/22/2024 10:03:00 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (08/16/2024 08:53:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:48:08 AM on 8/16/2024 was unexpected.
Error: (08/16/2024 08:52:55 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (08/08/2024 03:43:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 3:37:55 PM on 8/8/2024 was unexpected.
Error: (08/08/2024 03:42:59 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (08/08/2024 08:12:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9P6PMZTM93LR-Microsoft.6365217CE6EB4.
Error: (08/07/2024 06:27:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9P6PMZTM93LR-Microsoft.6365217CE6EB4.
Windows Defender:
================
Date: 2024-06-07 22:22:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-06 23:13:08
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-06 23:01:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-06 22:07:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-06-05 21:35:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-08-05 20:30:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.413.165.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24050.5
Error code: 0x80240017
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2024-04-21 22:10:45
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.203.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2024-04-21 22:10:44
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.409.436.0
Previous security intelligence Version: 1.409.203.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.24030.4
Previous Engine Version: 1.1.24030.4
Error code: 0x80004004
Error description: Operation aborted
Date: 2024-04-21 22:10:44
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.409.436.0
Previous security intelligence Version: 1.409.203.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.24030.4
Previous Engine Version: 1.1.24030.4
Error code: 0x80004004
Error description: Operation aborted
CodeIntegrity:
===============
Date: 2024-08-24 12:49:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Endpoint Protection SDK\wsc_agent.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.2.6\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-08-24 12:49:19
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.16 12/11/2019
Motherboard: CML Doc_WC
Processor: Intel® Core i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 7908.93 MB
Available physical RAM: 2543.63 MB
Total Virtual: 14820.93 MB
Available Virtual: 6029.69 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:49.51 GB) (Model: HFM512GDJTNG-8310A) NTFS
\\?\Volume{9ee5527a-b581-4082-9daa-7bd12ccac72a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.15 GB) NTFS
\\?\Volume{86c883d1-e40f-4015-83c4-323d74e37997}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Thank you to whomever takes a look at this. Much appreciated.
System slow...not responding properly. [Closed]
Started by
ByronM1759
, Aug 24 2024 02:56 PM
#1
Posted 24 August 2024 - 02:56 PM
#2
Posted 25 August 2024 - 11:49 PM
Hi, ByronM1759.
I'm closing this topic, since you are getting assistance here: Not experienced enough to know what's wrong, but something is. Please help. - Virus, Trojan, Spyware, and Malware Removal Help (bleepingcomputer.com)
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users