Hello,
I hope you can help me. My computer has gotten so slow that it makes it difficult to get work done. Do you have any suggestions? My text files are pasted below.
Thanks, Mary
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.06.2024
Ran by mary (administrator) on 2020WS08 (Dell Inc. OptiPlex 7070) (02-06-2024 14:35:45)
Running from C:\Users\mary\Desktop\FRST64.exe
Loaded Profiles: mary & Administrator & bob & QBDataServiceUser31 & QBDataServiceUser34
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3593 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe ->) (Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.Application.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Intuit\QuickBooks 2024\qbmapi64.exe
(C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE ->) (Intuit, Inc. -> SAP SE or an SAP affiliate company) C:\Program Files\Intuit\QuickBooks 2024\QBDBMgr.exe
(C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE ->) (The CefSharp Authors) [File not signed] C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe <7>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe <7>
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe <2>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe <7>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE <4>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (SystemServer -> Intermedia.net, Inc.) C:\Users\mary\AppData\Local\Programs\Intermedia Unite\Intermedia Unite.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\mary\AppData\Local\Microsoft\OneDrive\24.091.0505.0003\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d6e4236a0f82e7b4\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe2e31c542e0065\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_fbef37f5b63dca79\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_fbef37f5b63dca79\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9bda45a3425e7880\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe
(services.exe ->) (Intuit Inc.) [File not signed] C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(services.exe ->) (Intuit Inc.) [File not signed] C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
(services.exe ->) (Intuit, Inc. -> ) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(services.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdateMonitorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe <2>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
(sihost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\axlbridge.exe
(svchost.exe ->) (Intuit, Inc. -> Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.5142.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\PrintDialog\PrintDialog.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe [1345104 2021-09-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [1774584 2021-02-18] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2021-10-11] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\Installer\setup.exe [7182800 2024-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [813368 2024-05-28] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [8508832 2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Run: [Intermedia Unite] => C:\Users\mary\AppData\Local\Programs\Intermedia Unite\Intermedia Unite.exe [165999464 2024-04-05] (SystemServer -> Intermedia.net, Inc.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Run: [MicrosoftEdgeAutoLaunch_D93AF75D227E4510AE1D42E181D1834B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Run: [CCleanerBrowserAutoLaunch_012365C4288EC115F2F0C751243D3576] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3163248 2024-05-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mary\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\mary\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\RunOnce: [Uninstall 24.086.0428.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\mary\AppData\Local\Microsoft\OneDrive\24.086.0428.0003" [0 2024-05-24] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-3979886858-3466003010-52152672-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4211803538-2084879006-1980355138-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4211803538-2084879006-1980355138-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4211803538-2084879006-1980355138-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\91.0.2.0\GoogleDriveFS.exe [60955424 2024-05-28] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\FaxUpload Port Monitor: C:\WINDOWS\system32\FaxUpMn15.dll [743248 2015-08-27] (ImageMAKER Development Inc. -> ImageMAKER Development Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\124.0.25069.209\Installer\chrmstp.exe [2024-05-23] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.141\Installer\chrmstp.exe [2024-05-30] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2022-05-20]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2024-03-01]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2024-03-01]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2024-03-01]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Vista Fax Daemon.lnk [2022-11-08]
ShortcutTarget: Vista Fax Daemon.lnk -> C:\Program Files (x86)\Common Files\ImageMAKER\Vstdaemon.exe (ImageMAKER Development Inc. -> ImageMAKER Development Inc.)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {961B54B9-924B-4742-A0FB-FD77C10999BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {DB184396-39A2-4C99-9B78-06110472DF6C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {6992DA9C-F6D7-4BEA-BB9D-C4EE63D0402D} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3163248 2024-05-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {242C17E2-A9E0-420E-B645-569388B365A8} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3163248 2024-05-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {E5D60B1C-703B-43F7-B9BB-7BEC182D089B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {655B1CA2-7C3E-4E2C-95AE-F2255BDC56CD} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-3979886858-3466003010-52152672-1116 => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-04-23] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {2F0323EB-71EF-49F9-A9C4-767DA1BA1228} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {518A2AB6-35C2-4C5E-A010-890BDABA914B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f4ad30d1-b391-4157-ac2d-d30e803a04aa" --version "6.23.11010" --silent
Task: {B8F485D1-52C1-48A4-9DDC-1EEFC74372A8} - System32\Tasks\CCleanerSkipUAC - mary => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1A0AED4A-6AD6-45F9-B352-9B62E2C9563F} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {961CA466-F0B9-4A2A-B589-2E526551DB6C} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {32FAA249-3876-4F54-854D-2029AF2A450E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5439240 2024-05-14] (Microsoft Windows -> Microsoft Corporation)
Task: {997BF022-BFF8-43F4-B56C-4E9F7AAE12F9} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [665952 2022-06-21] (Dell Inc -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {66465A48-3014-404F-8045-980AC8272A2E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{A1AF9303-C083-4C9E-83EA-D6B9B5F21709} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {4C0229B4-D461-4891-A5BD-024B06F88416} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB0362AC-347B-4AA5-A41D-F84AFCA83390} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDEBCD00-CDF0-4499-8EAD-429F2ED5E678} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F05A58A-9F24-498A-9ED8-DE02FA5AA063} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BBD5287-C140-4084-99FB-BB20C3A937A2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {17CC246F-4923-428E-9212-8302E2CE9BA0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [517112 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E336F66-C193-4C7D-BC2E-81DD4896DBAD} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [53248 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
Task: {A0D0DFF6-E582-4D8E-BCD2-8152403CCC10} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [53248 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {A2BFA4C3-E046-4A9D-A0BB-BF71FED3F887} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {A0BAA87C-5CE3-4CA9-942B-82AED3D4C416} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {B25636AC-0AED-4EFE-88FF-49BA5C141D03} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2BC53148-B7B1-4C11-82AE-12402A22745D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1E68F916-3F6B-48A2-AB8E-0B6C779E79A5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E227D19E-F257-4F12-9E72-6CF44CCFA337} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C140B93-0609-4C7E-8B0C-7974C9E72756} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CDD7EF7-DD58-450A-8E17-1C40D804DF55} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{effb5a57-65fe-4a33-ace5-bc2d29cc3452}: [NameServer] 192.168.254.2,8.8.8.8
Edge:
=======
Edge Profile: C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-23]
Edge Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2024-02-29]
Edge Extension: (Dropbox for Gmail) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-08-31]
Edge Extension: (Google Docs Offline) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Google Mail Checker) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\glbpkcehjkihaknkjifkehdpjfngbdga [2020-10-21]
Edge Extension: (Amazon Assistant) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2023-03-30]
Edge Extension: (Cisco Webex Extension) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikdddppdhmjcdfgilpnbkdeggoiicjgo [2022-07-22]
Edge Extension: (Chrome Remote Desktop) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-07]
Edge Extension: (Pinterest Save Button) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2020-10-21]
Edge Extension: (Edge relevant text changes) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-08]
Edge Extension: (Zoom Chrome Extension) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2024-04-22]
Edge Extension: (ClassLink OneClick Extension) - C:\Users\mary\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\liidigofnkchhgmbdfmmbfcodpecmcii [2023-10-11]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-09-11]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-10-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-10-11] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\mary\AppData\Local\Google\Chrome\User Data\Default [2024-05-08]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-06]
CHR Extension: (Google Docs Offline) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-21]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-23]
CHR Profile: C:\Users\mary\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-05-08]
CHR Profile: C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-06-02]
CHR DownloadDir: C:\Users\mary\Desktop
CHR Notifications: Profile 1 -> hxxps://buildertrend.net; hxxps://calendar.google.com; hxxps://fsastore.com; hxxps://my.norton.com; hxxps://therecipecritic.com; hxxps://www.accuweather.com; hxxps://www.crowdcast.io; hxxps://www.facebook.com; hxxps://www.fashionholla.com; hxxps://www.harney.com; hxxps://www.marthastewart.com; hxxps://www.messenger.com; hxxps://www.netflix.com; hxxps://www.pinterest.com; hxxps://www.soundstrue.com
CHR Extension: (Norton Password Manager) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\admmjipmmciaobhojoghlmleefbicajg [2024-05-16]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-04-05]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-05-28]
CHR Extension: (Google Docs Offline) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Save to Pinterest) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-05-23]
CHR Extension: (TiltShiftMaker) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjjofhgnhekhkccpcnnloagmdpafifeo [2022-07-20]
CHR Extension: (Crackle) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2022-07-20]
CHR Extension: (My Downloads) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ienfdfooajmkbebiaplehejbamefbboi [2024-01-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-20]
CHR Extension: (The Washington Post) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilgaabojccagggalemipkfjbcdemjgee [2022-07-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-06]
CHR Extension: (ClassLink OneClick Extension) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgfbgkjjlonelmpenhpfeeljjlcgnkpe [2024-05-08]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-05-30]
CHR Extension: (Zoom Chrome Extension) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2024-04-22]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-22]
CHR Extension: (Google Mail Checker) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2022-07-20]
CHR Extension: (Capital One Shopping: Save Now) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2024-05-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mary\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-20]
CHR Profile: C:\Users\mary\AppData\Local\Google\Chrome\User Data\System Profile [2024-06-02]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3979886858-3466003010-52152672-1116\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3979886858-3466003010-52152672-1116\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\124.0.25069.209\elevation_service.exe [1745424 2024-05-16] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [138448 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-05-20] (Dell Inc -> Dell Technologies Inc.)
S4 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2022-08-01] (Dell Inc -> )
S4 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44448 2022-04-27] (Dell Inc -> )
S4 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [134560 2022-02-19] (Dell Inc -> Dell)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-07] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-02] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 MicrosoftSearchInBing; C:\Program Files (x86)\Microsoft\Microsoft Search in Bing\MicrosoftSearchInBing.exe [21376 2020-04-20] (Microsoft Corporation -> )
R3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2023-11-10] (Intuit Inc.) [File not signed]
R2 QBUpdateMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdateMonitorService.exe [52800 2023-11-10] (Intuit, Inc. -> Intuit Inc.)
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1570816 2023-11-10] (Intuit Inc.) [File not signed]
R2 QBWCMonitor; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector3.0\Intuit.QBDT.Webconnector.QBWCMonitor.exe [47392 2024-02-26] (Intuit, Inc. -> )
S4 QuickBooksDB34; C:\Program Files\Intuit\QuickBooks 2024\QBDBMgrN.exe [142912 2024-03-12] (Intuit, Inc. -> SAP SE or an SAP affiliate company)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [137056 2022-06-21] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-05-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 QuickBooksDB31; C:\QuickBooks Premier Edition 2021\QBDBMgrN.exe -hvQuickBooksDB31 [X]
S4 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\mary\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-04-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-04-12] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-06] (Microsoft Corporation) [File not signed]
R3 CyUcmClient_Device; C:\WINDOWS\System32\drivers\CyUcmClient.sys [156600 2019-01-30] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e98edae1bc7c25e7\e1d.sys [618128 2022-09-02] (Intel Corporation -> Intel Corporation)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223184 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKslb9510bdd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDC75520-8012-48FC-AB65-F4ED351E8184}\MpKslDrv.sys [271648 2024-06-02] (Microsoft Windows -> Microsoft Corporation)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-05-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-28] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-02 14:35 - 2024-06-02 14:39 - 000042216 _____ C:\Users\mary\Desktop\FRST.txt
2024-06-02 14:35 - 2024-06-02 14:35 - 000000000 ____D C:\Users\mary\Desktop\FRST-OlderVersion
2024-06-02 14:34 - 2024-06-02 14:37 - 000000000 ____D C:\FRST
2024-06-02 14:33 - 2024-06-02 14:35 - 002395136 _____ (Farbar) C:\Users\mary\Desktop\FRST64.exe
2024-06-02 14:29 - 2024-06-02 14:29 - 002299904 _____ (Farbar) C:\Users\mary\Downloads\FRST64 (2).exe
2024-06-02 14:28 - 2024-06-02 14:28 - 002299904 _____ (Farbar) C:\Users\mary\Downloads\FRST64.exe
2024-06-02 14:28 - 2024-06-02 14:28 - 002299904 _____ (Farbar) C:\Users\mary\Downloads\FRST64 (1).exe
2024-05-31 12:08 - 2024-05-31 12:08 - 000155098 _____ C:\Users\mary\Desktop\INV 3938.pdf
2024-05-29 13:11 - 2024-05-29 13:11 - 000138617 _____ C:\Users\mary\Desktop\THAI TEST KITCHEN _ Online Receipt.pdf
2024-05-28 09:38 - 2024-05-28 09:38 - 007578108 _____ C:\Users\mary\Downloads\Samantha Set.pdf
2024-05-28 09:38 - 2024-05-28 09:38 - 003641426 _____ C:\Users\mary\Downloads\workshop archetect drawings.pdf
2024-05-28 09:37 - 2024-05-28 09:38 - 000686810 _____ C:\Users\mary\Downloads\Truss reciept.pdf
2024-05-24 11:57 - 2024-05-24 11:57 - 036750844 _____ C:\Users\mary\Downloads\KEVIN WHEELER SD CORRECTED 5-23-24 corrected (1).pdf
2024-05-24 09:23 - 2024-05-24 09:23 - 036750844 _____ C:\Users\mary\Downloads\KEVIN WHEELER SD CORRECTED 5-23-24 corrected.pdf
2024-05-23 09:06 - 2024-05-23 09:06 - 000019186 _____ C:\Users\mary\Downloads\15165585039_052324_0623 (1).pdf
2024-05-23 09:04 - 2024-05-23 09:05 - 000019186 _____ C:\Users\mary\Downloads\15165585039_052324_0623.pdf
2024-05-22 08:52 - 2024-05-22 08:52 - 000037128 _____ C:\Users\mary\Downloads\052124_2018.pdf
2024-05-16 16:49 - 2024-05-16 16:49 - 005383380 _____ C:\Users\mary\Downloads\Trailside-Fitness-12-Week-Training-Program.pdf
2024-05-14 22:05 - 2024-05-14 22:12 - 000000000 ___HD C:\$WinREAgent
2024-05-14 15:18 - 2024-05-14 15:18 - 036751974 _____ C:\Users\mary\Downloads\KEVIN WHEELER SD 5-14-24 CITY CORRECTED.pdf
2024-05-14 10:29 - 2024-05-14 10:29 - 005934884 _____ C:\Users\mary\Downloads\Full_Moon_in_Sagittarius_-_Color.pdf
2024-05-14 08:31 - 2024-05-14 08:31 - 034387145 _____ C:\Users\mary\Downloads\WWII Construction Drawings Set.pdf
2024-05-13 13:18 - 2024-05-13 13:19 - 017758280 _____ C:\Users\mary\Downloads\WEINGARDEN.zip
2024-05-10 13:06 - 2024-05-10 13:06 - 000438818 _____ C:\Users\mary\Downloads\Resource list for Transition 2024.pdf
2024-05-09 09:49 - 2024-05-09 09:49 - 000012132 _____ C:\Users\mary\Downloads\AF trust report (1).pdf
2024-05-09 08:06 - 2024-05-09 08:06 - 045439195 _____ C:\Users\mary\Downloads\iCloud Photos from James Fitzpatrick.zip
2024-05-06 15:48 - 2024-05-06 15:48 - 015928406 _____ C:\Users\mary\Downloads\424 Palomar west (#7463).zip
2024-05-06 08:27 - 2024-05-06 08:27 - 000029200 _____ C:\WINDOWS\system32\lc.dat
2024-05-06 08:26 - 2024-05-06 08:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2024-05-03 08:44 - 2024-05-03 08:45 - 507056932 _____ C:\Users\mary\Downloads\220 East Cliff - 2024.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-02 14:42 - 2020-10-26 13:42 - 000000000 ____D C:\Users\mary\Documents\Outlook Files
2024-06-02 14:36 - 2020-10-09 14:47 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl
2024-06-02 14:33 - 2024-05-02 18:07 - 000000000 ____D C:\Users\mary\AppData\Local\Malwarebytes
2024-06-02 14:16 - 2023-04-12 09:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-02 14:16 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-02 08:48 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-02 06:42 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-01 11:32 - 2020-10-19 14:22 - 000000000 ____D C:\Users\mary\AppData\Local\D3DSCache
2024-05-31 20:58 - 2022-05-06 22:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-31 20:58 - 2020-09-11 04:41 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-31 15:57 - 2023-04-12 10:04 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-05-31 15:27 - 2020-10-19 14:57 - 000000000 ____D C:\Users\mary\AppData\Roaming\Microsoft\Word
2024-05-31 15:10 - 2020-10-19 16:23 - 000000000 ____D C:\Users\mary\AppData\Roaming\Microsoft\Excel
2024-05-31 15:09 - 2020-10-19 14:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-05-31 14:27 - 2020-10-19 10:58 - 000000000 ____D C:\Users\mary\AppData\Local\Packages
2024-05-31 12:36 - 2020-10-19 14:53 - 000000000 ____D C:\Users\mary\AppData\Roaming\Microsoft\Access
2024-05-31 09:31 - 2020-10-19 13:56 - 000000000 ____D C:\Users\mary\AppData\Roaming\Microsoft\Outlook
2024-05-30 17:46 - 2022-06-09 10:47 - 000000000 ____D C:\Program Files\CCleaner
2024-05-30 14:31 - 2020-10-09 14:47 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-30 14:31 - 2020-10-09 14:47 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-30 11:12 - 2020-10-19 13:04 - 000000000 ____D C:\Users\mary\Desktop\Letters of inspection
2024-05-30 09:29 - 2022-02-11 12:10 - 000000000 ____D C:\Users\mary\AppData\Local\CrashDumps
2024-05-29 16:41 - 2020-10-19 13:04 - 000000000 ____D C:\Users\mary\Desktop\Inspection 1-29-19
2024-05-28 18:13 - 2020-09-11 04:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-05-28 15:32 - 2022-07-20 12:39 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-05-28 15:32 - 2022-07-20 12:39 - 000002046 _____ C:\Users\mary\Desktop\Google Drive.lnk
2024-05-28 15:32 - 2020-10-09 14:46 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-28 01:51 - 2023-04-12 10:04 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-28 01:51 - 2023-04-12 10:04 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-24 15:25 - 2020-10-20 10:52 - 000000000 ____D C:\Users\mary\AppData\Roaming\Intermedia Unite
2024-05-24 14:30 - 2023-04-12 10:04 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3979886858-3466003010-52152672-1116
2024-05-24 14:30 - 2023-04-12 10:04 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3979886858-3466003010-52152672-1116
2024-05-24 14:30 - 2020-10-19 10:59 - 000002378 _____ C:\Users\mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-24 08:28 - 2020-10-19 10:58 - 000000000 __SHD C:\Users\mary\IntelGraphicsProfiles
2024-05-23 22:46 - 2022-05-06 22:22 - 000000000 ____D C:\WINDOWS\INF
2024-05-23 19:49 - 2022-05-06 22:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-23 19:38 - 2023-04-12 09:56 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-23 19:32 - 2023-04-12 09:38 - 000502712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-23 19:31 - 2023-04-12 10:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-23 19:31 - 2020-09-11 04:32 - 000000000 ____D C:\Intel
2024-05-23 19:30 - 2020-09-11 04:31 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-23 19:29 - 2022-05-06 22:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-05-23 19:26 - 2023-10-10 19:01 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-23 19:26 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-23 19:25 - 2022-05-07 00:39 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-05-23 19:25 - 2022-05-07 00:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-23 19:25 - 2022-05-06 22:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-23 19:25 - 2022-05-06 22:17 - 000000000 ____D C:\WINDOWS\servicing
2024-05-23 19:11 - 2020-09-11 04:50 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-23 08:28 - 2022-06-09 10:50 - 000002389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-05-23 08:28 - 2022-06-09 10:50 - 000002354 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2024-05-23 08:28 - 2022-06-09 10:49 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-05-16 17:12 - 2022-10-11 14:40 - 000002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-05-16 17:12 - 2022-10-11 14:40 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-05-16 09:33 - 2020-10-19 13:04 - 000000000 ____D C:\Users\mary\Desktop\Mary's Documents
2024-05-14 23:04 - 2022-05-06 22:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-14 23:03 - 2022-05-06 22:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2024-05-14 23:03 - 2022-05-06 22:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2024-05-14 22:41 - 2023-04-12 09:42 - 003214336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-14 21:26 - 2020-10-20 02:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-14 21:10 - 2020-10-20 02:17 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-11 18:02 - 2020-09-11 04:58 - 000000000 ____D C:\ProgramData\Packages
2024-05-06 08:26 - 2024-03-28 17:34 - 000000000 ____D C:\Program Files\Zoom
2024-05-06 08:26 - 2020-10-20 08:04 - 000000000 ____D C:\Users\mary\AppData\Local\SquirrelTemp
2024-05-06 08:25 - 2024-03-28 17:36 - 000002411 _____ C:\Users\mary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic (work or school).lnk
2024-05-06 08:25 - 2020-10-20 08:05 - 000000000 ____D C:\Users\mary\AppData\Roaming\Microsoft\Teams
==================== Files in the root of some directories ========
2024-03-01 11:08 - 2024-03-01 11:08 - 055178864 _____ (Intuit Inc.) C:\Users\mary\QuickBooksToolHub.exe
2023-11-10 16:05 - 2023-11-10 16:05 - 000514112 _____ (Intuit Inc.) C:\Program Files\Common Files\GraphSeriesCol.dll
2021-04-21 11:12 - 2021-04-21 12:33 - 000031847 _____ () C:\Users\mary\AppData\Roaming\QBFileDrTool.log
2020-10-19 14:42 - 2020-10-19 14:42 - 000000000 _____ () C:\Users\mary\AppData\Local\oobelibMkey.log
2021-12-15 10:06 - 2022-06-09 10:45 - 000007597 _____ () C:\Users\mary\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.06.2024
Ran by mary (02-06-2024 14:44:55)
Running from C:\Users\mary\Desktop
Microsoft Windows 11 Pro Version 23H2 22631.3593 (X64) (2023-04-12 17:08:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4211803538-2084879006-1980355138-500 - Administrator - Disabled)
bob (S-1-5-21-4211803538-2084879006-1980355138-1001 - Administrator - Enabled) => C:\Users\bob
DefaultAccount (S-1-5-21-4211803538-2084879006-1980355138-503 - Limited - Disabled)
Guest (S-1-5-21-4211803538-2084879006-1980355138-501 - Limited - Disabled)
QBDataServiceUser31 (S-1-5-21-4211803538-2084879006-1980355138-1002 - Limited - Enabled) => C:\Users\QBDataServiceUser31
QBDataServiceUser34 (S-1-5-21-4211803538-2084879006-1980355138-1003 - Limited - Enabled) => C:\Users\QBDataServiceUser34
WDAGUtilityAccount (S-1-5-21-4211803538-2084879006-1980355138-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABS PDF Install (HKLM-x32\...\{C42DD564-7DCD-4555-A7F3-15C0F46221D0}) (Version: 4.2.2 - Atlas Business Solutions, Inc.)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 24.002.20759 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Amazon Kindle) (Version: 1.34.1.63103 - Amazon)
CCleaner (HKLM\...\CCleaner) (Version: 6.23 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 124.0.25069.209 - Gen Digital Inc.)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DefaultPackMSI (HKLM-x32\...\{D066B018-448B-40C5-9034-259BBCC49351}) (Version: 4.6.2.0 - Microsoft) Hidden
Dell Command | Update for Windows 10 (HKLM\...\{4CCADC13-F3AE-454F-B724-33F6D4E52022}) (Version: 4.1.0 - Dell Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{E530ABB7-9DCC-421B-B751-484375E8374A}) (Version: 5.0.49.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{4F8A3BC3-641C-4B0D-AF46-EA3354016EA7}) (Version: 3.11.4.29 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{ECFC785A-9107-4259-9288-0ABC86C0F6AB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Fax Upload (HKLM-x32\...\Fax Upload) (Version: - )
GlanceGuest version 4.17.1.19 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 4.17.1.19 - Glance Networks, Inc.)
Google Chrome (HKLM\...\{5855610A-61B6-3325-AAA6-DED6B90CEF8D}) (Version: 125.0.6422.141 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 91.0.2.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM\...\{19D17223-0F9C-4155-8057-AA6F49A26E69}) (Version: 10.1.17861.8101 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel® Corporation)
Intel® Icls (HKLM\...\{27946170-623E-45A2-9D7F-BEC95A5B78E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® LMS (HKLM\...\{364EE9BC-EB74-4436-B502-FA8FF2F7153F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{69263849-1C5F-42A0-B973-141BA15107A0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{DCC7FC90-C9BC-445B-A12B-ACC4278102BA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{FEAA68D6-DA1D-4440-91B6-43906444FA49}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{E34D6B17-6F86-49F8-AECB-DE7B543A5960}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Wireless Manageability Driver (HKLM\...\{29B1F6D5-A3D3-45D8-9F53-EA9F0D4FC6DF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Wireless Manageability Driver Extension (HKLM\...\{4088EEA3-A5CC-4CEA-ACA5-4F88191D0499}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intermedia Unite 2.15.187 (HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\9962f338-b12b-54d0-a4f5-eba7ff612061) (Version: 2.15.187 - Intermedia.net, Inc.)
Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17531.20152 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\OneDriveSetup.exe) (Version: 24.091.0505.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3979886858-3466003010-52152672-500\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4211803538-2084879006-1980355138-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft Search in Bing (HKLM-x32\...\{C17F6DEF-D34C-4B75-97E1-D81062408B4A}) (Version: 2.0.2 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\Teams) (Version: 1.7.00.10152 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
QuickBooks (HKLM\...\{0A88B9C9-D3AE-4BC9-8DAB-44587CED8FF5}) (Version: 34.0.4006.3401 - Intuit Inc.) Hidden
QuickBooks Premier Edition 2024 (HKLM\...\{0B6C7039-7D8B-4F21-A87A-8CB687908C4D}) (Version: 34.0.4004.3401 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SIP ALG Detector 1.3.0 (only current user) (HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\23b40b0e-1734-5217-b8ef-22dbe914e37b) (Version: 1.3.0 - SIP ALG Detector)
Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - )
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Zoom Outlook Plugin (HKLM-x32\...\{F4E64D16-21FD-43A3-9E5F-55D8ECC5E14B}) (Version: 5.17.10 - Zoom)
Zoom Workplace (64-bit) (HKLM\...\{57D6B477-1B0C-4C4B-8479-A89ACFDFD875}) (Version: 6.0.38135 - Zoom)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-10-19] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2024-05-16] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-10-19] (Adobe Systems Incorporated)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-05-17] (INTEL CORP) [Startup Task]
Bountiful Cottage Gardens -> C:\Program Files\WindowsApps\Microsoft.BountifulCottageGardens_1.0.0.0_neutral__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation)
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.1.17.0_x86__htrsf667h5kn2 [2021-02-04] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.86.0_x64__htrsf667h5kn2 [2024-02-29] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.11.20.0_x64__htrsf667h5kn2 [2022-07-13] (Dell Inc)
DellTypeCStatus -> C:\Program Files\WindowsApps\MSWP.DellTypeCStatus_4.2.2629.0_x64__9j0h69dmw0fzc [2022-07-05] (WISTRON CORPORATION) [Startup Task]
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2024.2.0.0_x64__t5j2fzbtdg37r [2024-04-15] (DTS, Inc.)
Intel® Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2328.5.2.0_x64__8j3eq9eme6ctt [2024-04-25] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-04-05] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-05-08] (Apple Inc.) [Startup Task]
Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.15823.0_x86__mcezb6ze687jp [2024-02-27] (CYBERLINK CORPORATION.)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3314.2555.9628_x64__8wekyb3d8bbwe [2023-12-05] (Microsoft) [Startup Task]
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-30] (Microsoft Windows) [Startup Task]
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2020-09-11] (Dell Inc)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-11] (Microsoft Corporation)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-11] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-09-11] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2020-10-19] (CYBERLINK CORPORATION.)
Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-13] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0 [2024-05-27] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-05-06] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2024-05-06] (Waves Audio)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-23] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{00E36C5D-CFBD-364F-AA9E-CB902CB407BD}\InprocServer32 -> C:/Program Files/SecuriSync/OutlookPlugin/Sync.Desktop.Windows.OutlookPlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{04271989-C4D2-EAFE-AD03-E6EC7AE4ABC1} -> [OneDrive - Lovelace Engineering] => C:\Users\mary\OneDrive - Lovelace Engineering [2022-05-20 10:05]
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\mary\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24054.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{1B3210AF-E236-46D4-83EF-6421F2FF543C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{1D8CB3CA-2453-3D6F-88F8-82C76023EE2C}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{1E78DD72-771E-42BF-8B4B-363CEB18E07B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTVIEW.OCx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{22664BE2-0806-4BA4-8643-DE40C9149176}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{2A9EBDB5-0600-4E8C-B910-4001BEB2DD8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{349D777D-F7A2-4AAE-967F-A54F05A7FF3B}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBFinder.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{38F58721-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\COMObjectFactory.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{38F58742-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{38F58743-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{38F58744-5F93-11D5-9F94-0008C7AA5BD9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{3b9ec29f-6c5c-4076-9747-06c742b30185}\localserver32 -> C:\Users\mary\AppData\Local\Programs\Intermedia Unite\OfficeIntegrationServer\UniteOfficeIntegration.exe (SystemServer -> )
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{40d89b2c-0ffe-4d59-a2db-031a0033d713}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{518711FA-3D8A-3A0E-BCB6-3A393B688C61}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{5249684A-D7A2-4DBE-94F4-B90923A7BC64}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{5C156F2F-01D6-4476-A126-0DA82D7A5FC5}\InprocServer32 -> C:\Program Files\SecuriSync\OfficePlugin\adxloader64.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{61B76A32-6422-11D5-A590-0050DABD6B8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{61B76A34-6422-11D5-A590-0050DABD6B8C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{63B5B272-1760-4A4F-922B-57F274900044}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{63DBFA59-747B-388B-9692-51A60A35BB0F}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{6829D1D7-7F8C-348B-9F9F-577E78B0300C}\InprocServer32 -> C:/Program Files/SecuriSync/OutlookPlugin/Sync.Desktop.Windows.OutlookPlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{70478C56-E77F-4134-B3E3-3B18EE036D71}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{7C3CD4C6-7B05-3B44-91B8-6CAA54A14685}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{8E28E7CD-6B27-3BEC-8EE5-B78FFCBE75EE}\InprocServer32 -> C:/Program Files/SecuriSync/OutlookPlugin/Sync.Desktop.Windows.OutlookPlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{9FE79C69-86D8-3CE9-AD2C-48D91AEAA9A8}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{A14A674B-E0BE-48C1-BAB2-6ACBA33CA8CF}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\qfill.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{A58C4EAB-2DB8-445E-9CAE-2AE197A5C708}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{AC9B2B25-5613-33D2-8722-1848CFE9E54A}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{B69CEB95-E384-3916-96A9-5BADA3AD385A}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{BCD594EA-15C3-4FD8-B92B-114BB9694537}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBCtrIPMDS2.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{C8353B7E-CA5F-3678-8838-2B32E9ED2BB6}\InprocServer32 -> C:/Program Files/SecuriSync/OfficePlugin/Sync.Desktop.Windows.OfficePlugin.Connector.DLL => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{CBEF1FB5-78FF-4B14-9B0F-275493FB589C}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{CE18240D-F3F8-43AE-9EA0-A0DC85A95375}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\mary\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc. -> Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6FA3-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6FA5-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{D9BC6FC1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSrcColumns.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{E6E4DF8B-17CE-43ED-B2C7-2CE10457552D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{E7D2D0F6-B754-438D-B5C9-BF848D311A0F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBDTRatios.dll => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{F9EF917A-E55E-4242-B205-E778395AC313}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\BbfDepCalc.ocx => No File
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2024\QBW.EXE (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{FB359C2A-6927-4AD7-8F1B-B6472CA7CDE7}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit, Inc. -> Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-3979886858-3466003010-52152672-1116_Classes\CLSID\{FFFD2374-413A-429C-AFD2-AED332DFBEC7}\InprocServer32 -> C:\Program Files\SecuriSync\OutlookPlugin\adxloader64.dll => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\91.0.2.0\drivefsext.dll [2024-05-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-06] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\mary\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()
ShortcutWithArgument: C:\Users\mary\Desktop\MARY - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\mary\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\MARY - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-03-12 14:54 - 2024-03-12 14:54 - 001161728 _____ () [File not signed] [File is in use] C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.Core.dll
2024-03-12 14:54 - 2024-03-12 14:54 - 001805824 _____ () [File not signed] [File is in use] C:\Program Files\Intuit\QuickBooks 2024\CefSharp.Core.Runtime.dll
2024-04-29 16:05 - 2024-04-05 06:55 - 000167424 _____ () [File not signed] \\?\C:\Users\mary\AppData\Local\Programs\Intermedia Unite\resources\app.asar.unpacked\node_modules\@uc-tools\rust-native\index-x64.node
2024-04-29 16:05 - 2024-04-05 06:55 - 000108544 _____ () [File not signed] \\?\C:\Users\mary\AppData\Local\Programs\Intermedia Unite\resources\app.asar.unpacked\node_modules\windows-focus-assist\build\Release\focus-assist.node
2024-04-29 16:05 - 2024-04-05 06:55 - 000128000 _____ () [File not signed] \\?\C:\Users\mary\AppData\Local\Programs\Intermedia Unite\resources\app.asar.unpacked\node_modules\windows-native-registry\build\Release\native.node
2024-04-29 16:05 - 2024-04-05 06:55 - 000644608 _____ () [File not signed] \\?\C:\Users\mary\AppData\Local\Programs\Intermedia Unite\resources\app.asar.unpacked\node_modules\zeromq\build\Release\zeromq.node
2023-11-10 13:38 - 2023-11-10 13:38 - 000861184 _____ () [File not signed] C:\Program Files\Intuit\QuickBooks 2024\boost_regex-vc142-mt-x64-1_71.dll
2023-11-10 13:38 - 2023-11-10 13:38 - 000237056 _____ () [File not signed] C:\Program Files\Intuit\QuickBooks 2024\boost_serialization-vc142-mt-x64-1_71.dll
2024-04-29 16:05 - 2024-04-05 06:55 - 002881536 _____ () [File not signed] C:\Users\mary\AppData\Local\Programs\Intermedia Unite\ffmpeg.dll
2024-04-29 16:05 - 2024-04-05 06:55 - 000480768 _____ () [File not signed] C:\Users\mary\AppData\Local\Programs\Intermedia Unite\libegl.dll
2024-04-29 16:05 - 2024-04-05 06:55 - 007493120 _____ () [File not signed] C:\Users\mary\AppData\Local\Programs\Intermedia Unite\libglesv2.dll
2024-04-29 16:05 - 2024-04-05 06:55 - 005126656 _____ () [File not signed] C:\Users\mary\AppData\Local\Programs\Intermedia Unite\vk_swiftshader.dll
2023-11-10 13:43 - 2023-11-10 13:43 - 005182464 _____ (Intuit Inc.) [File not signed] C:\WINDOWS\SYSTEM32\InetClnt.dll
2022-08-26 02:12 - 2022-08-26 02:12 - 000944128 _____ (Intuit, Inc.) [File not signed] C:\Program Files\Common Files\Intuit\Entitlement Client\v8\Client\EntitlementClientBootstrap.dll
2020-10-19 13:51 - 2020-10-19 13:51 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-10-19 13:51 - 2020-10-19 13:51 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-10-19 13:51 - 2020-10-19 13:51 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-10-19 13:51 - 2020-10-19 13:51 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2024-04-05 11:31 - 2024-05-29 08:52 - 001035264 _____ (SAP SE or an SAP affiliate company) [File not signed] C:\Users\mary\AppData\Local\Temp\{16AA8FB8-4A98-4757-B7A5-0FF22C0A6E33}_1704.x64_1\dbdata17.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-3979886858-3466003010-52152672-1116 -> DefaultScope {0B02DCA9-42FF-4168-BC67-986B2BDAD78B} URL =
SearchScopes: HKU\S-1-5-21-3979886858-3466003010-52152672-1116 -> {0B02DCA9-42FF-4168-BC67-986B2BDAD78B} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3979886858-3466003010-52152672-1116 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-05-11] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: intu-help-qb17 - {2E3EE4ED-2928-4123-9975-20206B8E4B1C} - C:\Program Files\Intuit\QuickBooks 2024\HelpAsyncPluggableProtocol.dll [2024-03-12] (Intuit, Inc. -> Intuit, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2022-05-06] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\sharepoint.com -> hxxps://lovelaceeng-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 02:14 - 2019-12-07 02:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\Control Panel\Desktop\\Wallpaper -> C:\Users\mary\Desktop\Mary's Documents\A Personal Place\pngtree-purple-watercolor-sumi-vintage-floral-border-background-picture-image_1219230.jpg
HKU\S-1-5-21-3979886858-3466003010-52152672-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-4211803538-2084879006-1980355138-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-4211803538-2084879006-1980355138-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4211803538-2084879006-1980355138-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.254.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Vista Fax Daemon.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Intuit Data Protect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Classic Start Menu"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D93AF75D227E4510AE1D42E181D1834B"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_012365C4288EC115F2F0C751243D3576"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_809B74D231354AD3DE6C5DCCAC791EFC"
HKU\S-1-5-21-3979886858-3466003010-52152672-1116\...\StartupApproved\Run: => "Intermedia Unite"
HKU\S-1-5-21-3979886858-3466003010-52152672-500\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-4211803538-2084879006-1980355138-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-4211803538-2084879006-1980355138-1002\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-4211803538-2084879006-1980355138-1003\...\StartupApproved\Run: => "GoogleDriveFS"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4BF91C18-2520-4DCC-9322-95AF9E980E6F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A7F69B2C-3771-4CA8-B6EE-DB5DA538AD71}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{10D8E29A-89C3-4EC1-ADD7-AA111DA9DD4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2BB9C59F-4152-4ECC-8EAD-D886143A0FDE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D6FA5B1E-E987-4F83-B3A9-51A958CE4E7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{475E7ACF-50A8-4143-8F0B-0DB9104B0779}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{303F70AA-CF3E-4DF2-86DC-267E8F29A0AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{7378FA67-CD78-4E07-B99A-1D08AC08263B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{66ABF64F-920A-4C8E-A3EA-03915C95FA89}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{7FDD70FF-322C-4019-AD55-B1EED0ACAAD4}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{27AD9E22-FF8C-44BD-8728-C1DD7222D8E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13D51DC1-D17F-4011-8310-AABAFC27EF8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{23A4C02A-ECF3-440F-BEBC-2F8756BD477B}C:\users\mary\appdata\local\programs\sipalgelectron\sip alg detector.exe] => (Allow) C:\users\mary\appdata\local\programs\sipalgelectron\sip alg detector.exe (Systemserver -> SIP ALG Detector)
FirewallRules: [UDP Query User{939C0A7D-9676-47BB-9C9E-DAB9DD8DA23D}C:\users\mary\appdata\local\programs\sipalgelectron\sip alg detector.exe] => (Allow) C:\users\mary\appdata\local\programs\sipalgelectron\sip alg detector.exe (Systemserver -> SIP ALG Detector)
FirewallRules: [TCP Query User{2BDC60BE-07A0-404D-A80C-51A87CA82628}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [UDP Query User{1AC858BA-6167-45BE-9B3A-469370FC3611}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe (Ph. Jounin) [File not signed]
FirewallRules: [TCP Query User{C4571315-31CF-49E7-8A3B-869A0073352B}C:\users\mary\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\mary\appdata\roaming\zoom\bin\zoom.exe => No File
FirewallRules: [UDP Query User{4ABD339F-CD23-46CC-8BE9-CA0824E2C381}C:\users\mary\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\mary\appdata\roaming\zoom\bin\zoom.exe => No File
FirewallRules: [{544D392B-2809-4210-AF06-DFFCE5D63A81}] => (Allow) C:\QuickBooks Premier Edition 2021\qbw32.exe => No File
FirewallRules: [{879C848B-4E20-44FE-A25D-4B062D5DE33F}] => (Allow) C:\QuickBooks Premier Edition 2021\qbw32.exe => No File
FirewallRules: [{FA6920D5-03D6-4664-ACED-CC15D7CA2141}] => (Allow) C:\QuickBooks Premier Edition 2021\dbmanagerexe.exe => No File
FirewallRules: [{01A2881C-F194-4566-A9B1-D484B4F8EA3E}] => (Allow) C:\QuickBooks Premier Edition 2021\dbmanagerexe.exe => No File
FirewallRules: [{900EFBBC-B2A3-4B6D-963B-A342A7EE9D12}] => (Allow) C:\QuickBooks Premier Edition 2021\filemanagement.exe => No File
FirewallRules: [{CE5D6B2E-8F08-4229-9DBB-D4CA214724CB}] => (Allow) C:\QuickBooks Premier Edition 2021\filemanagement.exe => No File
FirewallRules: [{3A6051C1-3359-42BA-826A-496D19A8AA9F}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe => No File
FirewallRules: [{BFBD91C1-5850-4E7A-8F90-E62B87794B7A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe => No File
FirewallRules: [{03D14DBD-5B05-4BE5-8E3B-DE22D266A079}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe => No File
FirewallRules: [{0F76E667-E7A7-4B9D-B4A1-8B2085536767}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe => No File
FirewallRules: [{595FDFB8-7D20-4CCA-9D2C-556C6755AA58}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{8AE0B644-8A57-4246-8242-4F3C03C6AE74}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{7BACCFD8-F482-475F-9B25-A379030CA7C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{70CE0B78-3434-487E-9CAC-C9181E996F16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{AA5F61BF-2116-4222-9948-97DC8DBA489F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{ECB5C45E-7A7B-480B-86C1-EE6306CEC6FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{548D2CA8-FDD6-45F2-8B16-B67C406EBC14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C523FB76-63BA-4B52-9FD9-9B923B5334DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{63A219B7-4578-487F-8338-C1BDF4686F47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E95BA31B-5A21-44DB-B736-252E8E31BF1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{986FCA53-6ACC-4EB8-B86D-EF448AD46564}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{3D44382D-2164-4DD4-97DC-38C19EC85F8E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{449104D8-A378-410C-8F54-CD8BFEB3F3CB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{E9BF53D3-5294-404E-8F4E-2938DA9EA929}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{1DCA646B-88BC-4E03-973C-8AE9E6E1F9D7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{5CCC4114-BA4E-4B19-8A62-49BF3782176B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{294C8B69-4141-4DCA-973F-D7B40C03E3EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{F0211EEC-9C9A-4A6D-BA4F-4B1D7D7F80BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{15EE2531-08D7-443E-BF0A-B972F57EE129}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [TCP Query User{392CBC4C-FA61-44A5-9FF5-96E1BB38C56F}C:\users\mary\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mary\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{71EE2DD7-6B52-4A80-81A4-6231619270A2}C:\users\mary\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mary\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0534412A-5128-4A64-8CA2-ADC18EC8A61D}C:\users\mary\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mary\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{7E321C81-98BD-448F-BC33-40287285218B}C:\users\mary\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mary\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{30013816-28EF-4D01-880D-CB32E15DBA64}C:\users\mary\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mary\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{16173167-A240-48B5-8E23-0F132BB2A9C9}C:\users\mary\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\mary\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{020225B8-79B0-4564-8BC3-D53ED177FB06}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{CC595575-5A32-4D9C-8BDF-553C11965984}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{9B0508CF-A24E-4979-A89B-BA3005A7504F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F947C6E-1EC8-4E3A-9717-302BF98C127F}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{A44A462E-DFA0-46DA-8BB1-F9E75565BB39}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{EDA4FD33-1C75-43CB-92A0-68A7FD670C58}] => (Allow) C:\QuickBooks Premier Edition 2021\CefSharp.BrowserSubprocess.exe => No File
FirewallRules: [{FE68E06C-0886-452D-A6BA-A8A2816B577B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3314.2555.9628_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61295796-E3D8-479A-9F1F-8F933877D75D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3314.2555.9628_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A6D0A6D-1D2C-4899-A81E-B9CCE5E271FB}] => (Allow) C:\QuickBooks Premier Edition 2021\qbdbmgrn.exe => No File
FirewallRules: [{3F79E0D3-72E1-43B2-A402-2E0AA0021859}] => (Allow) C:\QuickBooks Premier Edition 2021\qbdbmgrn.exe => No File
FirewallRules: [{C143A4ED-E934-4D79-AFDA-F78559D5F2C0}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\QBDBMgrN.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{2FE64E85-22E1-43F2-8893-152382B7C6C4}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\QBDBMgrN.exe (Intuit, Inc. -> SAP SE or an SAP affiliate company)
FirewallRules: [{0891A67F-5E8E-4091-BA81-27F9ECC4DB61}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{47E09A44-0D99-41E2-B57E-A62F2EE801AB}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{CC73527C-BB9D-4330-8FA1-087F09CE4650}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{3A358ACA-CBBE-431A-A5A8-0EA09E1C192B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BFE68FD8-C196-447C-B94D-DFC41F39C04B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AD3C678-850E-4CEB-94B4-9CC0E4276D49}] => (Allow) C:\Program Files\Intuit\QuickBooks 2024\CefSharp.BrowserSubprocess.exe (The CefSharp Authors) [File not signed]
FirewallRules: [{701D2F65-16DB-48BC-BC6A-49ED5A6BABBC}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1E9ACA3D-F85A-48A0-8FA8-B996CD213A50}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C8267A20-C9B7-4C6A-8A66-8A7ED47FCABF}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{58522210-CAD9-4C94-994E-BB7B82060B4D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C8505301-CD47-4D9E-8996-7EB3C11DEB09}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{01D6D90D-01D1-4929-BCCF-B072D70BB3F8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C62A2456-3906-4810-8402-42EB10F17F46}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{0995DB68-116A-4852-A8CF-6AFDF3B0B2F4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{EC228DE4-697F-4E16-8FF7-FC36C26D7BD2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{056F9AAA-8814-47C8-970B-BF150DE17FC3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2BB6D4FF-EE14-4115-AD3B-559B7B7F165B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D7ED7AC2-CB90-4395-9D25-5266A07239B3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82432110-33BC-49C2-B736-34FA204FA05A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5D74BBA-E1FA-4B74-8377-3D4B80394E8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5E42A8A-7E74-42A2-8D03-1A5D1CA8E811}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7CD11D10-FA44-4BDE-A37E-CB05E3F79504}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4769BACF-9103-41EB-8F66-DE860A3D5FDE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2310.2875.4487_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85EA1881-FD29-44A1-B186-3C96E593343C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2310.2875.4487_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0BEEF04-4BB2-4F8B-8E40-F74A71B02C48}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FirewallRules: [{03B834FE-8DC3-4B14-886E-94442D8B6FAF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EB2F3BBC-F906-4CD6-B900-5BB3A8BBB314}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C91935BA-872E-4236-BE49-CC924798718D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{275203DA-DE1B-454B-B5C2-699FE2394B9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{70DB954E-7838-495C-B721-E63307C223CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8C2B601C-F46F-439B-8107-CB84A66F89D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FE217B51-4AAA-46D5-808E-C73593CDE9F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{712D8989-CCBF-4A6F-B79C-E6B015E3D4E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D758C594-FBAD-41EB-9C4B-A5272716D9AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{473612FD-6E81-433B-B569-3E760F9ADBD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.238.720.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F90199B6-B5C6-450D-A1A5-74EFCEC4B9CC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F1CFC8A1-A431-4CC0-B304-8D33D9F72D46}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
01-06-2024 17:44:39 Windows Update
01-06-2024 17:44:39 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (05/31/2024 04:07:14 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: calling ABORT_CLOSE
Error: (05/31/2024 01:24:47 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: AddPrinter failed - failed to add XPS printer driver lasterror=1802OS =10.0 Printdriver name :Microsoft XPS Document Writer
Error: (05/31/2024 01:02:38 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: AddPrinter failed - failed to add XPS printer driver lasterror=1802OS =10.0 Printdriver name :Microsoft XPS Document Writer
Error: (05/31/2024 01:01:22 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: AddPrinter failed - failed to add XPS printer driver lasterror=1802OS =10.0 Printdriver name :Microsoft XPS Document Writer
Error: (05/31/2024 01:01:22 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: calling ABORT_CLOSE
Error: (05/31/2024 12:14:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: AddPrinter failed - failed to add XPS printer driver lasterror=1802OS =10.0 Printdriver name :Microsoft XPS Document Writer
Error: (05/31/2024 12:14:12 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
WPR: calling ABORT_CLOSE
Error: (05/31/2024 12:11:20 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Plus Edition 2024":
Data error in MasterType::CommonRead. Could not lookup view for master recnum 2147483647. Error code -6020
System errors:
=============
Error: (06/02/2024 02:19:24 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/31/2024 04:11:28 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/31/2024 01:32:01 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/30/2024 03:06:58 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/30/2024 10:17:17 AM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/29/2024 04:38:13 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/29/2024 04:21:23 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Error: (05/29/2024 03:34:02 PM) (Source: DCOM) (EventID: 10010) (User: LOVELACE)
Description: The server {85DE1C45-2C66-101B-B02E-04021C009402} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2024-06-01 19:31:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-31 18:29:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-30 19:31:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-29 19:31:22
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-28 13:46:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-03-06 17:01:00
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Backup
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence Version: 1.405.1133.0;1.405.1133.0
Engine Version: 1.1.24020.9
Date: 2024-03-06 17:00:54
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80004004
Error description: Operation aborted
Security intelligence Version: 1.405.1152.0;1.405.1152.0
Engine Version: 1.1.24020.9
Date: 2023-11-23 08:25:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.401.1056.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23100.2009
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2023-11-17 08:23:38
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.401.751.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23100.2009
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2023-09-27 23:15:24
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1675.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23090.2007
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2024-05-31 07:31:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-05-31 06:54:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.7.0 10/19/2020
Motherboard: Dell Inc. 0YNVJG
Processor: Intel® Core™ i5-9500 CPU @ 3.00GHz
Percentage of memory in use: 89%
Total physical RAM: 7973.94 MB
Available physical RAM: 799.12 MB
Total Virtual: 16858.49 MB
Available Virtual: 2293.04 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:464.51 GB) (Free:288.65 GB) (Model: WDC WD5000AZLX-75K2TA1) NTFS
\\?\Volume{fb6d99f7-c7bc-4faf-8c1c-c6b18da8f512}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.08 GB) NTFS
\\?\Volume{598a17b2-40ab-4273-9653-5160b0e748b0}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AB689CA2)
Partition: GPT.
==================== End of Addition.txt =======================
Sign In
Create Account
