It is painfully slow for my computer to start up and when opening programs. I have run malwarebytes with little change. My logs are pasted below.
Thanks! Miles
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by miles (administrator) on 2020WS07 (Dell Inc. Precision 5820 Tower) (16-05-2024 07:58:17)
Running from C:\Users\Miles\Desktop\FRST64.exe
Loaded Profiles: miles
Platform: Microsoft Windows 10 Pro for Workstations Version 22H2 19045.4412 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe ->) (Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.Application.exe
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\crash_handler.exe <5>
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\PlayerLocationIcon.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe <7>
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe <2>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(ONELAUNCH TECHNOLOGIES INC. -> OneLaunch) [File not signed] C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\chromium.exe <8>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\dpoMonitorSvc.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaSmSrv.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\poaTaServ.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_53ed758d7f7447bb\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intuit Inc.) [File not signed] C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(services.exe ->) (Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdateMonitorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdw.inf_amd64_ac602ca6281a790b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdw.inf_amd64_ac602ca6281a790b\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudOutlookConfig64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2403.5.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mmgaserver.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102808 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellPoaEvents] => C:\Program Files\Dell\PPO\DellPoaEvents\DellPoaEventsLauncher.exe [179904 2021-05-24] (Dell Inc -> )
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-01-31] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [Intermedia Unite] => C:\Users\Miles\AppData\Local\Programs\Intermedia Unite\Intermedia Unite.exe [126224496 2022-02-28] (SystemServer -> Intermedia.net, Inc.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [8508832 2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Miles\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-11-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [GoogleChromeAutoLaunch_B351F70873A92F189CFAEEC3C22BF2D2] => C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\chromium.exe [2077912 2023-05-01] (ONELAUNCH TECHNOLOGIES INC. -> OneLaunch) [File not signed]
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [OneLaunchChromium] => C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\ChromiumStartupProxy.exe [190464 2023-06-14] (OneLaunch) [File not signed]
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Run: [MicrosoftEdgeAutoLaunch_25B39A34BD6531F2C5CA23A3294073C4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4000711494-3036214982-4089320913-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\bob\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [37832560 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4000711494-3036214982-4089320913-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\bob\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Google\Chrome\Application\chrome.exe --restore-last-session [2790176 2024-05-10] (Google LLC -> Google LLC)
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW082.DLL [127592 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\Windows\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.207\Installer\chrmstp.exe [2024-05-13] (Google LLC -> Google LLC)
Startup: C:\Users\Miles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneLaunchChromium.lnk [2023-08-23]
ShortcutTarget: OneLaunchChromium.lnk -> C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\ChromiumStartupProxy.exe (OneLaunch) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2024-03-06]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2024-03-06]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2024-03-06]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE (Intuit, Inc. -> Intuit Inc.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {2550036A-1E4B-425E-9595-C3F03F8185D0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {8CD466D2-7FEE-45F9-B26D-A6F32E819BCB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {2BF23A31-9250-4059-97E9-9F55B0D0001F} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F66EFACC-F9B2-47A9-A474-A69A061C4F14} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4817F67E-74C5-4FC9-8EFB-2CA5926C330B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e25ae0b1-a2b5-450e-a08e-82a6c2ef80e5" --version "6.23.11010" --silent
Task: {A2566B59-CF25-4770-A465-BBFF74609FD1} - System32\Tasks\CCleanerSkipUAC - miles => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B11A31C0-17BF-4647-9F58-FF32A742F4E9} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5672240 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
Task: {34C7DF82-30DD-4884-B4ED-871E710D8AA1} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [964936 2024-04-25] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {0AA35DB4-3702-4F98-BCBC-120461891E67} - System32\Tasks\GeoComply Service Check => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\PlayerLocationCheckTask.cmd [1642 2024-02-21] () [File not signed] ->
Task: {32F79499-DF45-4BA2-AFEE-C77291F9FA9A} - System32\Tasks\GeoComply Update Task => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Update\GeoComplyUpdate.exe [6324928 2024-04-16] (GeoComply Solutions Inc. -> GeoComply)
Task: {B6124CE6-43EF-4FF8-8A56-0ACE24067C4D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{AA586E46-941D-43D6-BC2B-C9606B3AC5A9} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-05] (Google LLC -> Google LLC)
Task: {370F529A-5860-4D83-985A-145AA5D0967E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-05-09] (HP Inc. -> HP Inc.)
Task: {349D9153-F3AD-421E-BCC9-E95C8A604B75} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-05-09] (HP Inc. -> HP Inc.)
Task: {F2DB04CF-7045-4589-B501-8EA9B680C158} - System32\Tasks\Intel\Intel® Management and Security Status => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [235208 2022-01-27] (Intel Corporation -> Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe" 60
Task: {4ADF01A0-9ABB-48FC-9F40-F765CFB5C1A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F3221A4-139A-41E2-9432-EFF4A71FFA89} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {144F8674-32BE-4E6B-AB8A-EA6DAEED09D4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0B542E1-128A-4006-8BDA-7DB6591656CD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {90956053-4D1C-4CBF-BBE6-D3450F0D28CE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A33747C7-2068-4A72-A5A3-3B020E006088} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {2FAA0475-1414-4052-9567-68601DD30D8D} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {8F525495-BD56-45AA-9855-4CEEE4E05035} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69B219CB-3089-4734-90CE-FBD345B27F69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {562CD7F5-9996-4868-8F4C-4A541525DCDC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC3E3423-89D2-40E3-8B65-E44D13A1B04C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26BE1317-5AD7-4E49-802E-CA1934E89821} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2097648 2019-10-24] (NVIDIA Corporation -> ) -> C:\Program Files\NVIDIA Corporation\nview\/installquiet
Task: {F8C63AD2-6EB5-482D-991E-DF6D37A1062A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-18 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {307D3D3D-FCA0-42DA-A1EB-051EDC4CBFB1} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3979886858-3466003010-52152672-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {03F30A59-7087-40D7-8E87-D90C5AADF1A1} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4000711494-3036214982-4089320913-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {AA53DD63-64E3-46A6-B95A-ED24B5FFE050} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [386112 2023-10-16] (Intuit, Inc. -> Intuit Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{505e0f30-0c62-4f8c-8222-02527eff4f33}: [NameServer] 192.168.254.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miles\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-16]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge Extension: (Google Docs Offline) - C:\Users\Miles\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Miles\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Miles\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-09-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-01-31] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-01-31] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default [2024-05-16]
CHR Notifications: Default -> hxxps://3.basecamp.com; hxxps://allevents.in; hxxps://app.zoom.us; hxxps://athlonsports.com; hxxps://budgetblinds.com; hxxps://buildertrend.net; hxxps://draftwizard.fantasypros.com; hxxps://drive.google.com; hxxps://feelgoodfoodie.net; hxxps://football.fantasysports.yahoo.com; hxxps://humanaservice.my.salesforce-sites.com; hxxps://lionfishsd.com; hxxps://my.iccsafe.org; hxxps://mydupr.com; hxxps://opencaptchahere.top; hxxps://science.howstuffworks.com; hxxps://sevenpaperprints.com; hxxps://shop.iccsafe.org; hxxps://shop.skghoshassociates.com; hxxps://teams.microsoft.com; hxxps://thespun.com; hxxps://tickets-center.com; hxxps://utovacation.cdn.pagesense.io; hxxps://www.3dayblinds.com; hxxps://www.ashleyfurniture.com; hxxps://www.banggood.com; hxxps://www.bestbuy.com; hxxps://www.betonline.ag; hxxps://www.bhg.com; hxxps://www.blinds.com; hxxps://www.cbssports.com; hxxps://www.chargers.com; hxxps://www.cheapprice.sale; hxxps://www.eatingwell.com; hxxps://www.ehow.com; hxxps://www.forbes.com; hxxps://www.gayot.com; hxxps://www.lavishvegas.com; hxxps://www.netflix.com; hxxps://www.overstock.com; hxxps://www.pinterest.com; hxxps://www.pinterest.es; hxxps://www.rd.com; hxxps://www.reddit.com; hxxps://www.runesmith.top; hxxps://www.si.com; hxxps://www.spectrum.net; hxxps://www.ticketmaster.com; hxxps://www.tomsguide.com; hxxps://www.usatoday.com; hxxps://www.volaris.com; hxxps://www.youtube.com
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-05-16]
CHR Extension: (iCloud Bookmarks) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-25]
CHR Extension: (FantasyPros: Win your Fantasy League) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2024-05-16]
CHR Extension: (Google Docs Offline) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-02-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-19]
CHR Extension: (Zoom Chrome Extension) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2024-05-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Miles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2023-04-30]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3979886858-3466003010-52152672-1117\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-01-31] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 com.geocomply.internal-updater-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe [11492528 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.process-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe [11494064 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.vm-detector-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe [11534000 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.wifi-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe [11514544 2024-02-21] (GeoComply Solutions Inc. -> )
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458128 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [159632 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481680 2023-12-07] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [57760 2023-12-20] (Dell Inc -> )
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-12-11] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [159664 2023-12-22] (Dell Technologies Inc. -> Dell)
R2 DpoMonitorSvc; C:\Program Files\Dell\PPO\dpoMonitorSvc.exe [1383616 2021-05-24] (Dell Inc -> Dell Inc.)
R2 dpoTelemetrySvc; C:\Program Files\Dell\PPO\Telemetry\dpoTelemetrySvc.exe [242880 2021-05-24] (Dell Inc -> Dell Inc.)
S2 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-05] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-05] (Google LLC -> Google LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-09] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-04-26] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MicrosoftSearchInBing; C:\Program Files (x86)\Microsoft\Microsoft Search in Bing\MicrosoftSearchInBing.exe [21376 2020-04-20] (Microsoft Corporation -> )
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-02] (HP Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdw.inf_amd64_ac602ca6281a790b\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVWMI; C:\Windows\System32\DriverStore\FileRepository\nvdw.inf_amd64_ac602ca6281a790b\NVWMI\nvWmi64.exe [4518536 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Player Location Check; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe [11440816 2024-02-21] (GeoComply Solutions Inc. -> )
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-02] (HP Inc.) [File not signed]
R2 poaService; C:\Program Files\Dell\PPO\poaService.exe [1750208 2021-05-24] (Dell Inc -> Dell Inc.)
R2 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [426176 2021-05-24] (Dell Inc -> Dell Inc.)
R2 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [1509056 2021-05-24] (Dell Inc -> Dell Inc.)
S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2023-11-10] (Intuit Inc.) [File not signed]
R2 QBUpdateMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdateMonitorService.exe [52800 2023-11-10] (Intuit, Inc. -> Intuit Inc.)
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1570816 2023-11-10] (Intuit Inc.) [File not signed]
R2 QBWCMonitor; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe [47392 2024-02-26] (Intuit, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [159048 2024-04-25] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21605176 2024-05-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 avgWintun; C:\Windows\System32\drivers\avgWintun.sys [51712 2023-02-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [35208 2020-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 POADrvr; C:\Windows\system32\drivers\POADrvr.sys [40872 2019-09-08] (DellDPO(driver) -> Dell Computer Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-16 07:58 - 2024-05-16 08:01 - 000041693 _____ C:\Users\Miles\Desktop\FRST.txt
2024-05-16 07:58 - 2024-05-16 07:58 - 000000000 ____D C:\Users\Miles\Desktop\FRST-OlderVersion
2024-05-16 07:57 - 2024-05-16 07:59 - 000000000 ____D C:\FRST
2024-05-16 07:42 - 2024-05-16 07:58 - 002394112 _____ (Farbar) C:\Users\Miles\Desktop\FRST64.exe
2024-05-15 14:30 - 2024-05-15 14:30 - 000001933 _____ C:\Users\Miles\Desktop\Zoom.lnk
2024-05-15 14:28 - 2024-05-15 14:28 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2024-05-15 07:17 - 2024-05-15 07:17 - 000000000 ___HD C:\$WinREAgent
2024-04-30 14:24 - 2024-04-10 18:40 - 002031360 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-04-30 14:24 - 2024-04-10 18:40 - 002031360 _____ C:\Windows\system32\vulkaninfo.exe
2024-04-30 14:24 - 2024-04-10 18:40 - 001578856 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-04-30 14:24 - 2024-04-10 18:40 - 001578856 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-04-30 14:24 - 2024-04-10 18:40 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-04-30 14:24 - 2024-04-10 18:40 - 001445120 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-04-30 14:24 - 2024-04-10 18:40 - 001445120 _____ C:\Windows\system32\vulkan-1.dll
2024-04-30 14:24 - 2024-04-10 18:40 - 001295208 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-04-30 14:24 - 2024-04-10 18:40 - 001295208 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-04-30 14:24 - 2024-04-10 18:40 - 001227296 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-04-30 14:24 - 2024-04-10 18:37 - 001046152 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-04-30 14:24 - 2024-04-10 18:37 - 000669816 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-04-30 14:24 - 2024-04-10 18:37 - 000505464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-04-30 14:24 - 2024-04-10 18:36 - 002173448 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-04-30 14:24 - 2024-04-10 18:36 - 001625096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-04-30 14:24 - 2024-04-10 18:36 - 001541752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-04-30 14:24 - 2024-04-10 18:36 - 001199112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-04-30 14:24 - 2024-04-10 18:36 - 001024032 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-04-30 14:24 - 2024-04-10 18:36 - 000842376 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-04-30 14:24 - 2024-04-10 18:36 - 000786952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-04-30 14:24 - 2024-04-10 18:35 - 016033824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-04-30 14:24 - 2024-04-10 18:35 - 012928032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-04-30 14:24 - 2024-04-10 18:35 - 006780424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-04-30 14:24 - 2024-04-10 18:35 - 005773344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-04-30 14:24 - 2024-04-10 18:35 - 000459272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-04-30 14:24 - 2024-04-10 18:34 - 005912608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-04-30 14:24 - 2024-04-10 18:34 - 000853000 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-04-30 14:24 - 2024-04-10 18:33 - 006030568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-04-30 14:24 - 2024-04-10 17:56 - 000119184 _____ C:\Windows\system32\nvinfo.pb
2024-04-23 19:32 - 2024-04-23 19:32 - 000000097 _____ C:\QBUpdateUtility.bat
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-16 08:01 - 2020-08-31 21:14 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2024-05-16 08:00 - 2020-10-23 11:07 - 000000000 ____D C:\Users\Miles\AppData\Local\ClassicShell
2024-05-16 07:59 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-16 06:38 - 2022-10-12 09:04 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-05-16 06:38 - 2022-10-12 09:04 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-16 06:28 - 2022-02-12 16:36 - 000000000 ___RD C:\Users\Miles\iCloudDrive
2024-05-16 06:24 - 2023-04-30 16:26 - 000000000 ____D C:\Users\Miles\AppData\Local\Malwarebytes
2024-05-16 06:24 - 2020-11-11 09:41 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Teams
2024-05-16 06:22 - 2022-04-11 12:50 - 000000000 ____D C:\Program Files\CCleaner
2024-05-16 06:20 - 2020-10-09 14:22 - 000000128 _____ C:\Windows\system32\config\netlogon.ftl
2024-05-16 06:20 - 2020-08-01 20:36 - 000795742 _____ C:\Windows\system32\PerfStringBackup.INI
2024-05-16 06:20 - 2019-12-07 02:13 - 000000000 ____D C:\Windows\INF
2024-05-16 06:14 - 2022-02-14 10:07 - 000000000 ____D C:\Program Files\TeamViewer
2024-05-16 06:13 - 2021-10-18 04:29 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-16 06:13 - 2020-08-01 20:26 - 000008192 ___SH C:\DumpStack.log.tmp
2024-05-16 06:13 - 2020-08-01 20:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-05-16 06:11 - 2019-12-07 02:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-05-16 05:57 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\AppReadiness
2024-05-16 05:52 - 2020-08-01 20:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-05-15 19:58 - 2020-08-01 20:29 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-15 19:58 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-15 18:04 - 2020-08-01 20:30 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-15 18:00 - 2023-05-06 12:23 - 000470392 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-15 17:58 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ServiceState
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\system32\F12
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\SystemResources
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\setup
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\oobe
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-15 17:52 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\system32\Dism
2024-05-15 17:51 - 2020-08-31 21:30 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2024-05-15 17:51 - 2020-08-31 21:30 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-15 17:51 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-15 17:51 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-15 17:51 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-15 17:51 - 2019-12-07 02:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-15 17:51 - 2019-12-07 02:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-15 17:51 - 2019-12-07 02:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-15 17:51 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-15 17:51 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\ShellComponents
2024-05-15 17:51 - 2019-12-07 02:14 - 000000000 ____D C:\Windows\bcastdvr
2024-05-15 17:51 - 2019-12-07 02:03 - 000000000 ____D C:\Windows\servicing
2024-05-15 14:32 - 2020-10-26 08:00 - 000000000 ____D C:\Users\Miles\AppData\Local\D3DSCache
2024-05-15 14:28 - 2020-11-24 11:00 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Zoom
2024-05-15 13:34 - 2020-10-26 16:33 - 000000000 ____D C:\Users\Miles\AppData\Local\ENERCALC
2024-05-15 09:23 - 2022-03-07 06:31 - 000000000 ____D C:\Users\Miles\AppData\Local\CrashDumps
2024-05-15 08:53 - 2020-10-23 14:48 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Excel
2024-05-15 08:42 - 2019-12-07 02:03 - 000000000 ____D C:\Windows\CbsTemp
2024-05-15 08:38 - 2020-10-26 12:32 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Word
2024-05-15 08:28 - 2020-10-31 10:55 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-05-15 08:03 - 2020-08-01 20:32 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-05-15 07:14 - 2023-05-23 20:47 - 000000000 ____D C:\Program Files\RUXIM
2024-05-15 06:50 - 2020-10-24 08:15 - 000000000 ____D C:\Windows\system32\MRT
2024-05-15 06:33 - 2020-10-24 08:15 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-14 15:18 - 2020-10-23 10:20 - 000000000 ____D C:\Users\Miles\AppData\Local\Packages
2024-05-14 07:13 - 2020-10-23 11:19 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Outlook
2024-05-13 22:22 - 2021-12-14 19:53 - 000000000 ____D C:\Windows\SystemTemp
2024-05-13 22:22 - 2020-10-09 14:21 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-13 22:22 - 2020-10-09 14:21 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-13 08:46 - 2020-10-26 13:48 - 000046053 _____ C:\Users\Miles\Desktop\Standard responses.txt
2024-05-11 14:33 - 2020-10-23 14:43 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Access
2024-05-09 04:33 - 2021-05-07 02:55 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-05-07 08:51 - 2020-08-01 20:29 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-07 08:51 - 2020-08-01 20:29 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-06 21:08 - 2020-10-09 14:05 - 000000000 ____D C:\ProgramData\Packages
2024-05-03 14:06 - 2020-08-31 21:09 - 000000000 ____D C:\Program Files\Dell
2024-05-03 14:04 - 2020-10-09 14:20 - 000003950 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2024-05-03 14:02 - 2020-08-31 21:09 - 000000000 ____D C:\Program Files (x86)\Dell
2024-04-30 18:02 - 2022-11-08 18:49 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-04-30 14:28 - 2022-03-24 05:30 - 000000000 ____D C:\Users\Miles\AppData\LocalLow\NVIDIA
2024-04-27 15:53 - 2020-10-23 11:22 - 000000000 ____D C:\Users\Miles\AppData\Roaming\Microsoft\Office
2024-04-23 19:41 - 2021-01-26 11:10 - 000000090 _____ C:\Windows\QBChanUtil_Trigger.ini
2024-04-17 07:03 - 2022-11-08 18:50 - 000003378 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-04-17 07:03 - 2022-04-11 12:50 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-04-16 06:05 - 2022-03-05 16:57 - 000003442 _____ C:\Windows\system32\Tasks\GeoComply Update Task
==================== Files in the root of some directories ========
2023-01-25 10:08 - 2023-01-25 10:08 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Miles\avg_antivirus_free_setup.exe
2020-11-09 09:49 - 2020-11-09 09:49 - 075707656 _____ (Basecamp, LLC) C:\Users\Miles\basecamp3setup.exe
2022-06-13 06:08 - 2022-06-13 06:12 - 828613856 _____ (ENERCALC, INC.) C:\Users\Miles\ECSEL20_SETUP_20_22_04_26.EXE
2021-02-18 17:16 - 2021-02-18 17:18 - 126630496 _____ (Intermedia.net, Inc.) C:\Users\Miles\intermedia-unite.exe
2023-05-03 14:57 - 2023-05-03 14:57 - 061934296 _____ () C:\Users\Miles\MFSetup.exe
2022-04-22 04:08 - 2022-04-22 04:08 - 001420648 _____ () C:\Users\Miles\MSTeamsSetup_c_l_.exe
2022-04-22 03:40 - 2022-04-22 03:46 - 008171184 _____ (Microsoft Corporation) C:\Users\Miles\OfficeSetup.exe
2021-03-01 12:01 - 2021-03-01 12:02 - 061943816 _____ (Retain Pro Software, div. ENERCALC, INC.) C:\Users\Miles\RP10_SETUP.exe
2023-05-03 14:58 - 2023-05-03 15:08 - 000808080 _____ () C:\Users\Miles\setup.exe
2023-11-10 16:05 - 2023-11-10 16:05 - 000514112 _____ (Intuit Inc.) C:\Program Files\Common Files\GraphSeriesCol.dll
2024-02-29 11:46 - 2024-02-29 11:56 - 000149999 _____ () C:\Users\Miles\AppData\Roaming\QBFileDrTool_2020WS07.log
2022-02-16 12:20 - 2022-02-16 12:20 - 000142912 _____ () C:\Users\Miles\AppData\Local\Excel.CVS
2022-02-16 12:20 - 2022-02-16 12:20 - 000142917 _____ () C:\Users\Miles\AppData\Local\Excel.DLL
2022-02-16 12:20 - 2022-02-16 12:20 - 000142933 _____ () C:\Users\Miles\AppData\Local\Excel.DTL
2022-02-16 12:20 - 2022-02-16 12:20 - 000142924 _____ () C:\Users\Miles\AppData\Local\Excel.OFF
2022-02-16 12:20 - 2022-02-16 12:20 - 000142923 _____ () C:\Users\Miles\AppData\Local\Excel.VBA
2020-10-31 11:11 - 2020-10-31 11:11 - 000000000 _____ () C:\Users\Miles\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by miles (16-05-2024 08:05:16)
Running from C:\Users\Miles\Desktop
Microsoft Windows 10 Pro for Workstations Version 22H2 19045.4412 (X64) (2020-10-09 21:02:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4000711494-3036214982-4089320913-500 - Administrator - Disabled)
bob (S-1-5-21-4000711494-3036214982-4089320913-1001 - Administrator - Enabled) => C:\Users\bob
DefaultAccount (S-1-5-21-4000711494-3036214982-4089320913-503 - Limited - Disabled)
Guest (S-1-5-21-4000711494-3036214982-4089320913-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4000711494-3036214982-4089320913-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 24.002.20759 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Anchor Pro v2 version 2.0.1 (HKLM-x32\...\{9555813A-EC72-4E2C-88B4-04EE1FEF789E}_is1) (Version: 2.0.1 - S. K. Ghosh Associates Inc.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Basecamp 3 (HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\basecamp3) (Version: 2.2.3 - Basecamp, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 6.23 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DefaultPackMSI (HKLM-x32\...\{D066B018-448B-40C5-9034-259BBCC49351}) (Version: 4.6.2.0 - Microsoft) Hidden
Dell Data Vault (64 bit) (HKLM\...\{4F2BFA60-E4F6-4BC4-9DAC-19E5A5E01ACA}) (Version: 5.5.1.906 - Dell) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{16AE9E0C-0E0C-4AD6-82B4-D0F8AB94082F}) (Version: 5.0.86.0 - Dell Inc.)
Dell Precision Optimizer Application (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 6.5.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
ENERCALC - Build 20.23.2.14 (HKLM-x32\...\{4E7C8500-3D69-11DB-390C-1F56BA3C7E87}) (Version: 20.23.2.14 - ENERCALC Engineering Software, LLC)
Google Chrome (HKLM\...\{5855610A-61B6-3325-AAA6-DED6B90CEF8D}) (Version: 124.0.6367.207 - Google LLC)
iCloud Outlook (HKLM\...\{F054257C-600A-4918-B730-F6829E491781}) (Version: 13.0.0.201 - Apple Inc.)
Intel® Chipset Device Software (HKLM\...\{19D17223-0F9C-4155-8057-AA6F49A26E69}) (Version: 10.1.17861.8101 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1A9FE6B4-801A-4AF0-AEDB-EA49BD80C9F2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2205.15.0.2623 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{B52CA235-45C5-46FE-A183-B7D2FD4966AA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{B7F27296-F1AE-46BB-8BD7-5E0EED0EA1AC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{9EB5F95A-335A-414D-BECE-BA2CE114A856}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.63.1155.2 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.63.1155.2 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{5f9b06c7-aa5d-482b-a7e6-5355a325f465}) (Version: 1.63.1155.2 - Intel Corporation) Hidden
Intermedia Unite 2.7.364 (HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\9962f338-b12b-54d0-a4f5-eba7ff612061) (Version: 2.7.364 - Intermedia.net, Inc.)
KeyWallPRO (HKLM-x32\...\{C7BAA320-04DD-4421-AD91-30D265955744}_is1) (Version: 1.40 - )
Locklizard Safeguard - PDF Viewer (HKLM-x32\...\Locklizard Safeguard - PDF Viewer_sf) (Version: 3.0.2.230 - Locklizard Ltd.)
Malwarebytes version 4.6.13.324 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.13.324 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17531.20152 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.105 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.97 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4000711494-3036214982-4089320913-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Search in Bing (HKLM-x32\...\{C17F6DEF-D34C-4B75-97E1-D81062408B4A}) (Version: 2.0.2 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\a1a734b8150c1d83) (Version: 17.0.8149.12 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\Teams) (Version: 1.6.00.29964 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.13005 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{6ACED991-1E65-4D16-8F6A-1AA1A0B97596}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{7465FCB9-1918-4438-9337-47BAF1902684}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
NVIDIA Graphics Driver 551.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.61 - NVIDIA Corporation)
NVIDIA nView 149.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 149.77 - NVIDIA Corporation)
NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20152 - Microsoft Corporation) Hidden
OneLaunch 5.12.8 (HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\{4947c51a-26a9-4ed0-9a7b-c21e5ae0e71a}_is1) (Version: 5.12.8 - OneLaunch)
Player Location Check (HKLM-x32\...\{F0753064-8D66-41A7-9F23-7691290387BF}) (Version: 4.0.0.7 - GeoComply)
Quick Anchor v3 version 3.9.4 (HKLM-x32\...\{06FEBA81-7C68-4082-9272-A306805D7B81}_is1) (Version: 3.9.4 - S. K. Ghosh Associates LLC)
QuickBooks (HKLM\...\{0A88B9C9-D3AE-4BC9-8DAB-44587CED8FF5}) (Version: 34.0.4006.3401 - Intuit Inc.) Hidden
QuickBooks (HKLM-x32\...\{4D29DF3C-1A3F-42F7-A565-136F3E5EBD59}) (Version: 31.0.4016.3103 - Intuit Inc.) Hidden
QuickBooks Premier: Professional Services Edition 2021 (HKLM-x32\...\{06367C29-D56B-425D-BBA9-199B9201355F}) (Version: 31.0.4016.3103 - Intuit Inc.)
QuickBooks Premier: Professional Services Edition 2024 (HKLM\...\{1B93E68F-2E73-47A1-9B55-B44667C480B2}) (Version: 34.0.4004.3401 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9175.1 - Realtek Semiconductor Corp.)
RetainPro (HKLM-x32\...\{5EFB3290-9DD2-11DB-6784-0029022B18BE}) (Version: 11.20.3.31 - Retain Pro Software)
RISA-3D (HKLM\...\{12ccffc9-d167-4c38-b48d-5e958b699737}) (Version: 21.0.1.18199 - RISA Tech, Inc.) Hidden
RISA-3D 21.0 (HKLM\...\RISA-3D 21.0.1.18199) (Version: 21.0.1.18199 - RISA Tech, Inc.)
Sentinel System Driver Installer 7.6.0 (HKLM-x32\...\{E3E2618F-9C21-4B5F-BC85-837899D470C7}) (Version: 7.6.0 - SafeNet, Inc.)
Simpson Strong-Tie® Anchor Designer™ CAP (HKLM-x32\...\AnchorDesignerCAP_is1) (Version: 3.0.7947.14191 - Simpson Strong-Tie®)
Strong Frame Selector (HKLM-x32\...\{A4F125B8-8D09-4191-8836-CE76AA18A22A}) (Version: 5.2.3 - Simpson Strong-Tie)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.53.7 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
ZiWu-Soft LiveUpdate (HKLM-x32\...\LiveUpdateCommon_is1) (Version: 1.4.7695.20315 - ZiWu-Soft EDV Systeme GmbH)
Zoom (HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\ZoomUMX) (Version: 5.17.11 (34827) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{D61D6D96-3472-4486-BFD3-49E7CE32BDEC}) (Version: 5.7.3 - Zoom)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-10-31] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2024-03-15] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-10-31] (Adobe Systems Incorporated)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-20] (Microsoft Corporation)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.86.0_x64__htrsf667h5kn2 [2024-03-02] (Dell Inc)
Dell Precision Optimizer -> C:\Program Files\WindowsApps\DellInc.DellPrecisionOptimizer_6.5.1.0_x64__htrsf667h5kn2 [2023-04-18] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-05-15] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_153.1.1137.0_x64__v10z8vjag6ke6 [2024-05-09] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa [2024-02-20] (Apple Inc.) [Startup Task]
Intel® Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2328.5.2.0_x64__8j3eq9eme6ctt [2024-04-03] (INTEL CORP) [Startup Task]
Intel® Virtual RAID on CPU -> C:\Program Files\WindowsApps\AppUp.IntelVirtualRAIDonCPUIntelVROC_7.5.1984.0_x64__8j3eq9eme6ctt [2023-04-18] (INTEL CORP)
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-28] (Microsoft Corporation)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe [2024-05-13] (Microsoft) [Startup Task]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-17] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-23] (NVIDIA Corp.)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.18.0_x64__htrsf667h5kn2 [2023-04-18] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-02] (Microsoft Corporation)
Web Search from Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Miles\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.13005\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{1B3210AF-E236-46D4-83EF-6421F2FF543C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{1E78DD72-771E-42BF-8B4B-363CEB18E07B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{22664BE2-0806-4BA4-8643-DE40C9149176}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{2A9EBDB5-0600-4E8C-B910-4001BEB2DD8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{349D777D-F7A2-4AAE-967F-A54F05A7FF3B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBFinder.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{38F58721-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\COMObjectFactory.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{38F58742-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{38F58743-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{38F58744-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{40d89b2c-0ffe-4d59-a2db-031a0033d713}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2024\qbw.exe (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{5249684A-D7A2-4DBE-94F4-B90923A7BC64}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{61B76A32-6422-11D5-A590-0050DABD6B8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{61B76A34-6422-11D5-A590-0050DABD6B8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{63B5B272-1760-4A4F-922B-57F274900044}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{70478C56-E77F-4134-B3E3-3B18EE036D71}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{8E4BF0BC-3800-47B3-910A-9F918EC11A06} -> [iCloud Photos] => C:\Users\Miles\Pictures\iCloud Photos\Photos [2022-02-12 16:36]
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2024\qbw.exe (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{A14A674B-E0BE-48C1-BAB2-6ACBA33CA8CF}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\qfill.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{A58C4EAB-2DB8-445E-9CAE-2AE197A5C708}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{BCD594EA-15C3-4FD8-B92B-114BB9694537}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCtrIPMDS2.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{CBEF1FB5-78FF-4B14-9B0F-275493FB589C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{CE18240D-F3F8-43AE-9EA0-A0DC85A95375}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Miles\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6FA3-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6FA5-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{D9BC6FC1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{E6E4DF8B-17CE-43ED-B2C7-2CE10457552D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{E7D2D0F6-B754-438D-B5C9-BF848D311A0F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{F9EF917A-E55E-4242-B205-E778395AC313}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{F9FA1B5F-2739-4880-A1B3-2E1CD426F306} -> [iCloud Drive] => C:\Users\Miles\iCloudDrive [2022-02-12 16:36]
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2024\qbw.exe (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1117_Classes\CLSID\{FB359C2A-6927-4AD7-8F1B-B6472CA7CDE7}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2019-10-24] (NVIDIA Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdw.inf_amd64_ac602ca6281a790b\nvshext.dll [2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-03-10] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Miles\Desktop\Work - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Miles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube TV.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nlmaamaoahjiilibgbafebhafkeccjac
ShortcutWithArgument: C:\Users\Miles\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8bb47c5e24b897e\OneLaunch.lnk -> C:\Users\Miles\AppData\Local\OneLaunch\5.10.0\chromium\chromium.exe (OneLaunch) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2019-02-02 00:42 - 2019-02-02 00:42 - 000050688 _____ (HP Inc.) [File not signed] c:\windows\system32\hpzinw12.dll
2019-02-02 00:42 - 2019-02-02 00:42 - 000066048 _____ (HP Inc.) [File not signed] c:\windows\system32\hpzipm12.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2020-08-01 20:30 - 2020-08-01 20:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-08-01 20:30 - 2020-08-01 20:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2020-08-01 20:30 - 2020-08-01 20:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-08-01 20:30 - 2020-08-01 20:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2023-06-20 14:21 - 2023-05-01 12:06 - 000363224 _____ (ONELAUNCH TECHNOLOGIES INC. -> ) [File not signed] C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\libegl.dll
2023-06-20 14:21 - 2023-05-01 12:06 - 005621464 _____ (ONELAUNCH TECHNOLOGIES INC. -> ) [File not signed] C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\libglesv2.dll
2023-06-20 14:21 - 2023-05-01 12:06 - 003638488 _____ (ONELAUNCH TECHNOLOGIES INC. -> ) [File not signed] C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\vk_swiftshader.dll
2023-06-20 14:21 - 2023-05-01 12:06 - 174634712 _____ (ONELAUNCH TECHNOLOGIES INC. -> OneLaunch) [File not signed] C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\chrome.dll
2023-06-20 14:21 - 2023-05-01 12:06 - 000932568 _____ (ONELAUNCH TECHNOLOGIES INC. -> OneLaunch) [File not signed] C:\Users\Miles\AppData\Local\OneLaunch\5.12.8\chromium\chrome_elf.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-3979886858-3466003010-52152672-1117 -> DefaultScope {8F121BAE-4E9A-4DA1-9D6C-5B73903C018A} URL =
SearchScopes: HKU\S-1-5-21-3979886858-3466003010-52152672-1117 -> {8F121BAE-4E9A-4DA1-9D6C-5B73903C018A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3979886858-3466003010-52152672-1117 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Handler-x32: intu-help-qb14 - {C854407F-AA78-4036-A9C1-54EBA9BD3608} - C:\Program Files (x86)\Intuit\QuickBooks 2021\HelpAsyncPluggableProtocol.dll [2023-10-16] (Intuit, Inc. -> Intuit, Inc.)
Handler: intu-help-qb17 - {2E3EE4ED-2928-4123-9975-20206B8E4B1C} - C:\Program Files\Intuit\QuickBooks 2024\HelpAsyncPluggableProtocol.dll [2024-03-12] (Intuit, Inc. -> Intuit, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\sharepoint.com -> hxxps://lovelaceeng-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 02:14 - 2019-12-07 02:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-4000711494-3036214982-4089320913-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 192.168.254.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Intuit Data Protect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "DellPoaEvents"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\StartupApproved\Run: => "Intermedia Unite"
HKU\S-1-5-21-3979886858-3466003010-52152672-1117\...\StartupApproved\Run: => "AVGBrowserAutoLaunch_DF14735D7F9D882FA231854896F40F7A"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E3902B03-49F4-4FFF-99DC-73148E01D34A}] => (Allow) C:\Program Files (x86)\ENERCALC_6\ec6.exe (ENERCALC INC -> )
FirewallRules: [{14072B25-FC04-4597-920F-03EE5CB731A5}] => (Allow) C:\Program Files (x86)\ENERCALC_6\EC6WebUpdate.EXE (ENERCALC INC -> ENERCALC, INC.)
FirewallRules: [{F56E479B-22B5-453B-B9C4-AE6FD0D459AF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD2450C6-8AC0-4E1C-B3A2-9F3D3565CAA0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{069CB08B-0DB3-40B9-8A65-993E07E1B846}C:\users\miles\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\miles\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{58C08156-55E9-41BD-AF50-002B5E653CF6}C:\users\miles\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\miles\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{0EA18B66-D6A4-4B02-AEA5-F5ACE7CCE2B6}] => (Allow) C:\Program Files (x86)\RetainPro_10\RP10.exe (ENERCALC INC -> )
FirewallRules: [{AAFA020E-CC57-4CF1-A4DF-36B68CB5D979}] => (Allow) C:\Program Files (x86)\RetainPro_10\RP10WebUpdate.EXE (ENERCALC -> Retain Pro Software, div. ENERCALC, INC)
FirewallRules: [{B267C340-1678-4D60-B9F3-C77E63666E8A}] => (Allow) C:\Program Files (x86)\RetainPro_10\RP10WebUpdateCheck.exe (ENERCALC INC -> )
FirewallRules: [{18288C1C-192C-4AEB-B187-18EB9115227C}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{D3AB1E2A-B438-4A8F-A331-35ED774B9ABA}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{2CE0FF06-29AE-4D53-8AD0-40E28C8196A0}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{6113E25B-4179-41DA-A876-1F836E05C573}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{53E0A91F-E699-469F-9966-083B4B5951BB}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [TCP Query User{C628164A-3011-4339-B9AF-BA9649004F58}C:\users\miles\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\miles\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{04C6BE8E-980F-404B-AAB8-9003BD4C7FA4}C:\users\miles\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\miles\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AAF759D-0014-4595-95D4-20A54F7693E4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{80014C18-5F87-4771-9768-1B6C331F3BD9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A85533FD-4851-4B4D-8757-A59064165C56}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{61DF4CE1-4683-4F31-AFFE-5FB2A825FD26}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B61AC456-5819-4552-A861-88B0FF98FE8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E8301D52-D490-466D-8B7D-9D3849AE8CBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{0B3379C3-0591-4480-BA8F-3AAFAE09EC88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BEBC82FF-0E22-4A12-B14B-36337B1B59FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.102.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A0811F82-46E7-44F0-A8F6-2B3C2D3681F6}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{D4E68A3E-C369-4B7F-A743-4615328B0BCC}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [TCP Query User{0E1721F4-DD51-4D52-B715-21B94495AD82}C:\users\miles\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\miles\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{6FBBC570-6F12-4B51-AC3B-27C9FEFF5905}C:\users\miles\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\miles\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{32CEA10A-D3DF-47D2-B5F7-535912A492FD}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{C4E63565-3D76-467A-AFC1-350159F4A2E1}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{BD5F0E79-03AD-4FE3-B790-F9862BBD8CC2}] => (Allow) C:\Program Files (x86)\Intuit\QuickBooks 2021\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{FFF7F5B8-E94C-4927-92E6-4FD85E158B12}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{CBA2BF45-46CA-408E-97AB-92A8BA6E2DE5}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{4B6FEA9F-18B6-454F-A2A5-7CD358938F9D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D49F86ED-1F42-419E-9E57-635E7DA9C83C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{986AEE06-2161-455B-84AD-457E71A4EC90}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{5E577727-0F5C-47FD-8311-66357E637923}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8A02345-F9A8-4D2D-A917-3AC637A064D8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9BE1A97-381C-49F2-8104-03912D4FDF60}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{88C98A2B-E19C-4536-87CD-2765CB503B07}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{251C7D62-51C4-4A35-9F33-D5B9C6AD1F9C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{627685A1-A854-4B62-9531-184FEA8990A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{520DF50F-E13B-48D9-A7E3-1C2C227B55DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CD77C56-AED9-411A-B8F6-F34C38989838}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8F84ADA1-4419-4BEC-A204-6F4F1C342123}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA250C6C-9CEF-4B25-9F56-8032509BDA9A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{133F647B-7CC7-4829-81B5-2DC206110053}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{462D78CB-D4A6-4DE1-8073-E53DD3FA33F7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/16/2024 06:14:06 AM) (Source: PlayerLocationCheck) (EventID: 1) (User: )
Description: Event-ID 1
Error: (05/16/2024 06:14:01 AM) (Source: com.geocomply.vm-detector-microservice) (EventID: 1) (User: )
Description: Event-ID 1
Error: (05/16/2024 06:14:01 AM) (Source: com.geocomply.wifi-scanner-microservice) (EventID: 1) (User: )
Description: Event-ID 1
Error: (05/16/2024 06:14:00 AM) (Source: com.geocomply.internal-updater-microservice) (EventID: 1) (User: )
Description: Event-ID 1
Error: (05/16/2024 06:13:59 AM) (Source: com.geocomply.process-scanner-microservice) (EventID: 1) (User: )
Description: Event-ID 1
Error: (05/15/2024 06:10:12 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed.
Context: Application, SystemIndex Catalog
Details:
The gatherer is shutting down. (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/15/2024 06:10:12 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index.
Context: Application, SystemIndex Catalog
Details:
The gatherer is shutting down. (HRESULT : 0x80040d23) (0x80040d23)
Error: (05/15/2024 05:59:28 PM) (Source: PlayerLocationCheck) (EventID: 1) (User: )
Description: Event-ID 1
System errors:
=============
Error: (05/16/2024 06:14:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Search in Bing service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/16/2024 06:14:56 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Microsoft Search in Bing service to connect.
Error: (05/16/2024 06:11:24 AM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} did not register with DCOM within the required timeout.
Error: (05/16/2024 06:06:13 AM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} did not register with DCOM within the required timeout.
Error: (05/16/2024 02:18:06 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (05/16/2024 02:18:04 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (05/16/2024 02:18:01 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (05/16/2024 02:17:58 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
================
Date: 2024-05-15 02:07:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-14 02:07:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-13 02:07:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-12 10:40:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-11 02:07:32
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
Date: 2024-01-17 03:12:27
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.2262.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2023-09-13 17:41:21
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80501102
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Security intelligence Version: 1.397.619.0;1.397.619.0
Engine Version: 1.1.23080.2005
Date: 2023-09-10 08:59:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.619.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2023-09-10 08:59:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.619.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2023-09-10 08:59:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.619.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2024-04-17 06:11:14
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2024-03-12 11:16:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-03-12 09:05:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi32.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 2.20.0 05/26/2022
Motherboard: Dell Inc. 06JWJY
Processor: Intel® Xeon® W-2223 CPU @ 3.60GHz
Percentage of memory in use: 46%
Total physical RAM: 16068.47 MB
Available physical RAM: 8517.86 MB
Total Virtual: 23748.47 MB
Available Virtual: 13570.55 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:464.52 GB) (Free:262.57 GB) (Model: TOSHIBA MQ01ACF050) NTFS
Drive d: (My Passport) (Fixed) (Total:1862.98 GB) (Free:545.45 GB) (Model: WD My Passport 0820 USB Device) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{c842310a-87b1-42be-b16b-7b96e6526c6d}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.39 GB) NTFS
\\?\Volume{f4f03920-0cda-4e62-b36f-25f41b56d7d8}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.1 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: CCBEB6F5)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: E05CEDA7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================