[RESOLVED] Long loading time
Results 1 to 7 of 7

Thread: [RESOLVED] Long loading time

  1. #1
    Join Date
    Jan 2003
    Location
    Idaho
    Posts
    631

    Resolved [RESOLVED] Long loading time

    I think I need some help. Web pages take a really long time to load. If I go to my laptop, they load fast. So can I get a checkup?

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
    Ran by Rod (administrator) on DESKTOP-C18C8T4 (04-02-2020 19:53:30)
    Running from C:\Users\Rod\Desktop
    Loaded Profiles: Rod (Available Profiles: defaultuser0 & Rod)
    Platform: Windows 10 Pro Version 1909 18363.592 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
    (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
    (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
    (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
    (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe
    (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
    (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
    (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
    (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
    (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
    (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
    (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
    (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
    (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
    (Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
    (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\userinit.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.590_none_5efc551459114cb9\TiWorker.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
    HKLM-x32\...\Run: [ToolboxFX] => C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe [58936 2010-10-25] (Hewlett-Packard Company -> Hewlett-Packard Company)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5048456 2019-11-19] (Acronis International GmbH -> )
    HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2020-01-18] (Glarysoft LTD -> Glarysoft Ltd)
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4164464 2020-01-21] (Tonec Inc. -> Tonec Inc.)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-19] (Google LLC -> Google LLC)
    BootExecute: autocheck autochk *
    GroupPolicy: Restriction ? <==== ATTENTION
    GroupPolicy\User: Restriction ? <==== ATTENTION
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0555CDE5-6A12-4EC4-A4D7-EA9F287DD841} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
    Task: {1FFD9CB3-D746-44D5-9422-054DD8DC0223} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-21] (Google Inc -> Google Inc.)
    Task: {2044AA26-F576-4909-AED1-220503C0C67D} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
    Task: {22688B90-50E8-4782-B33F-2E0DD1A8E523} - \BlueStacksHelper -> No File <==== ATTENTION
    Task: {5B8A9B38-D05D-452C-B8FB-76DA04F1ED10} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [525120 2019-12-13] (Bitdefender SRL -> Bitdefender)
    Task: {60F52B66-EE95-40B7-93AC-E80EC69506E0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_pepper.exe [1453112 2019-10-12] (Adobe Inc. -> Adobe)
    Task: {6A9EC3E1-0A0F-4FB3-941C-7C0E37A6D3B4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
    Task: {7027B44F-BEE7-41E6-A18C-F407389B8699} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-21] (Google Inc -> Google Inc.)
    Task: {858002BD-EE77-4194-A9F3-44A17C4CBEEF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard)
    Task: {87158144-0375-49CB-ABEA-294050461A25} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
    Task: {8C539F3F-F34B-4F82-BA79-458C5A4F43DC} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
    Task: {971C911C-E958-4DF0-B228-DD0E4FB3DD97} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {9CA54710-6BF1-434D-9197-95238D36C7E2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A2AB23B6-F2C8-43A0-BA33-41BE5439BD1C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A5DDA643-2B94-44A0-B655-83ACE8DC81FA} - \CMPCUAC -> No File <==== ATTENTION
    Task: {BE8B2863-CDC6-43C2-994E-0A0273A47687} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-10-12] (Adobe Inc. -> Adobe)
    Task: {CEA56064-0167-4F3A-981F-E8B5FBA0545B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-30] (Microsoft Corporation -> Microsoft Corporation)
    Task: {DFB494B8-09A6-4C68-A65D-B54E98F4B7BB} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1551520 2015-05-14] (ASUSTeK Computer Inc. -> ) [File not signed]
    Task: {EB5A25CD-A29F-4674-A01C-07B73AB54D31} - System32\Tasks\{A732E346-CAA9-4EF6-9322-597385A48AEC} => C:\Windows\system32\pcalua.exe -a H:\SETUP.EXE -d H:\
    Task: {F0244DA2-17C7-4D0A-B426-C36A003F4712} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [136696 2020-01-18] (Glarysoft LTD -> Glarysoft Ltd)
    Task: {F35ADAAC-EB0D-41FF-8475-FED824DC3FAE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 24.116.0.53 24.116.2.50
    Tcpip\..\Interfaces\{3d884dbe-254c-48ae-b41a-8f9d16b53f70}: [DhcpNameServer] 24.116.0.53 24.116.2.50

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
    SearchScopes: HKU\S-1-5-21-1939575683-919345172-1765011989-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
    SearchScopes: HKU\S-1-5-21-1939575683-919345172-1765011989-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
    BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
    BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2019-12-13] (Bitdefender SRL -> Bitdefender)
    BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-12-13] (Bitdefender SRL -> Bitdefender)
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2020-01-20] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
    BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2019-12-13] (Bitdefender SRL -> Bitdefender)
    BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-12-13] (Bitdefender SRL -> Bitdefender)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
    Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-12-13] (Bitdefender SRL -> Bitdefender)
    Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-12-13] (Bitdefender SRL -> Bitdefender)
    Toolbar: HKU\S-1-5-21-1939575683-919345172-1765011989-1001 -> No Name - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - No File
    Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
    FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2019-12-13]
    FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
    FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2019-11-21]
    FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
    FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2019-07-16] [Legacy] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
    FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
    FF HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Rod\AppData\Roaming\IDM\idmmzcc5
    FF Extension: (IDM CC) - C:\Users\Rod\AppData\Roaming\IDM\idmmzcc5 [2018-06-27] [Legacy] [not signed]
    FF HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
    FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
    FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-17] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-10] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR Profile: C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default [2020-02-04]
    CHR Notifications: Default -> hxxps://www.facebook.com
    CHR HomePage: Default -> hxxp://www.msn.com/?OCID=AVRES000&pc=UE00
    CHR StartupUrls: Default -> "hxxp://www.msn.com/?OCID=AVRES000&pc=UE00"
    CHR Extension: (Google Drive) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-21]
    CHR Extension: (YouTube) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-21]
    CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
    CHR Extension: (Dragon Web Extension) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddaloccgjfibfpkalenodgehlhkgoahe [2019-01-23]
    CHR Extension: (Volume Controller) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\dikemolgkkmhlgpgnmndjekbbckmgfmh [2019-11-14]
    CHR Extension: (AdBlock best ad blocker) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-01-22]
    CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2019-11-14]
    CHR Extension: (Google Play) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2018-09-02]
    CHR Extension: (IDM Integration Module) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-01-14]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
    CHR Extension: (Gmail) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
    CHR Extension: (Chrome Media Router) - C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-10]
    CHR Profile: C:\Users\Rod\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-04-02]
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]
    CHR HKU\S-1-5-21-1939575683-919345172-1765011989-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
    CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
    CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
    CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-01-21]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10316304 2019-11-18] (Acronis International GmbH -> )
    R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
    R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.30\aaHMSvc.exe [975832 2017-01-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
    R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-23] (ASUSTeK Computer Inc. -> ) [File not signed]
    R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-12-13] (Bitdefender SRL -> Bitdefender)
    R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-12-13] (Bitdefender SRL -> Bitdefender)
    S2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
    R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe [8704 2019-06-23] (GuinpinSoft inc) [File not signed]
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
    S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed]
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-25] (Malwarebytes Inc -> Malwarebytes)
    R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-09-20] (Acronis International GmbH -> Acronis International GmbH)
    S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-09-20] (Acronis International GmbH -> Acronis International GmbH)
    S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1916824 2019-11-18] (Acronis International GmbH -> )
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
    R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
    R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [151656 2019-12-13] (Bitdefender SRL -> Bitdefender)
    R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-12-13] (Bitdefender SRL -> Bitdefender)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
    S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [X]
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
    R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
    R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-10-16] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
    S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
    R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
    R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137496 2018-09-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
    R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-08] (ASUSTeK Computer Inc. -> )
    R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-11-21] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
    R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [739264 2019-11-21] (Bitdefender SRL -> Bitdefender)
    S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
    R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2019-06-21] (Bitdefender SRL -> Bitdefender SRL)
    R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
    S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-05-28] (CHENGDU YIWO Tech Development Co., Ltd. -> )
    R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-02-01] (Malwarebytes Corporation -> Malwarebytes)
    R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2019-12-26] (Acronis International GmbH -> Acronis International GmbH)
    R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-12-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
    R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564112 2019-11-21] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
    R1 GSVDRIVE; C:\WINDOWS\system32\DRIVERS\GSVDRIVE.sys [30816 2017-11-09] (Pepstyle International Limited -> GiliSoft International LLC.)
    R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2018-08-04] (Glarysoft LTD -> Glarysoft Ltd)
    R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
    S3 HPFXBULKLEDM; C:\WINDOWS\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
    R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-07-04] (Bitdefender SRL -> Bitdefender)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-02-01] (Malwarebytes Inc -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [226448 2020-02-02] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-02-04] (Malwarebytes Corporation -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-02-04] (Malwarebytes Inc -> Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-02-02] (Malwarebytes Inc -> Malwarebytes)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_77e6900053c33f6f\nvlddmkm.sys [23231744 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [36168 2019-04-25] (McAfee, Inc. -> The OpenVPN Project)
    S3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [57648 2016-10-20] (Audials AG -> RapidSolution Software AG)
    S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2019-12-26] (Acronis International GmbH -> Acronis International GmbH)
    R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2019-12-26] (Acronis International GmbH -> Acronis International GmbH)
    S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-12-26] (Acronis International GmbH -> Acronis International GmbH)
    R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
    U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
    S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [235832 2019-01-28] (Oracle Corporation -> Oracle Corporation)
    R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2019-12-26] (Acronis International GmbH -> Acronis International GmbH)
    R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-12-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    U3 aswbdisk; no ImagePath
    S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-02-04 19:53 - 2020-02-04 19:54 - 000033943 _____ C:\Users\Rod\Desktop\FRST.txt
    2020-02-04 19:33 - 2020-02-04 19:54 - 000000000 ____D C:\FRST
    2020-02-04 19:32 - 2020-02-04 19:32 - 009718621 _____ C:\Users\Rod\Downloads\Downloading Farbar Recovery Scan Tool.mp4
    2020-02-04 19:32 - 2020-02-04 19:32 - 002279424 _____ (Farbar) C:\Users\Rod\Desktop\FRST64.exe
    2020-02-04 06:15 - 2020-02-04 06:26 - 3923562505 _____ C:\Users\Rod\Downloads\dragonheart.vengeance.2020.1080p.bluray.x264-rovers.mkv
    2020-02-02 21:05 - 2020-02-02 21:05 - 000000000 ____D C:\Users\Rod\Documents\Outlook Files
    2020-02-02 20:46 - 2020-02-04 19:52 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2020-02-02 20:46 - 2020-02-04 19:52 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2020-02-02 20:46 - 2020-02-02 20:46 - 000226448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2020-02-02 20:46 - 2020-02-02 20:46 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2020-02-02 12:16 - 2020-02-02 12:16 - 067430707 _____ C:\Users\Rod\Downloads\Toto - Africa.mkv
    2020-02-01 13:17 - 2020-02-01 13:17 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2020-02-01 07:44 - 2020-02-01 07:44 - 001510372 _____ C:\Users\Rod\Downloads\39acef50-9f0e-4ec0-bbf4-489e97179939.pdf
    2020-01-31 19:37 - 2020-01-31 19:37 - 000042904 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
    2020-01-30 19:31 - 2020-01-30 19:31 - 000001181 _____ C:\Users\Rod\Desktop\Downloads - Shortcut.lnk
    2020-01-30 19:31 - 2020-01-30 19:31 - 000001179 _____ C:\Users\Rod\Downloads - Shortcut.lnk
    2020-01-22 19:03 - 2020-01-22 19:03 - 000000000 ___RD C:\Users\Rod\3D Objects
    2020-01-22 13:56 - 2020-01-22 14:01 - 000000000 ____D C:\Users\Rod\Documents\win10
    2020-01-22 13:54 - 2020-01-22 13:54 - 000000000 ___HD C:\$Windows.~WS
    2020-01-21 10:15 - 2018-12-20 01:05 - 000229296 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
    2020-01-19 19:55 - 2020-01-19 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
    2020-01-19 15:53 - 2020-01-19 15:53 - 000000000 ____D C:\Users\Rod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
    2020-01-19 15:53 - 2020-01-19 15:53 - 000000000 ____D C:\Program Files (x86)\MakeMKV
    2020-01-15 08:46 - 2020-01-15 08:46 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
    2020-01-15 08:46 - 2020-01-15 08:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
    2020-01-15 08:45 - 2020-01-15 08:46 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
    2020-01-15 08:45 - 2020-01-15 08:45 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll

  2. #2
    Join Date
    Jan 2003
    Location
    Idaho
    Posts
    631
    2020-01-15 08:45 - 2020-01-15 08:45 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2020-01-15 08:45 - 2020-01-15 08:45 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
    2020-01-15 08:45 - 2020-01-15 08:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
    2020-01-15 08:36 - 2019-12-09 22:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
    2020-01-15 08:36 - 2019-12-09 21:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
    2020-01-13 06:01 - 2020-01-13 06:01 - 000010382 _____ C:\Users\Rod\Desktop\Vaccines.xlsx
    2020-01-11 22:05 - 2020-01-11 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 13.8
    2020-01-11 22:05 - 2020-01-11 22:05 - 000000000 ____D C:\Program Files (x86)\EaseUS
    2020-01-11 22:05 - 2019-12-09 21:39 - 000169128 _____ C:\WINDOWS\system32\setupempdrvx64.exe
    2020-01-11 22:05 - 2019-12-09 21:37 - 005310120 _____ C:\WINDOWS\system32\BootMan.exe
    2020-01-11 22:05 - 2019-12-09 21:37 - 003596456 _____ C:\WINDOWS\SysWOW64\BootMan.exe
    2020-01-11 22:05 - 2019-12-09 21:37 - 000022184 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
    2020-01-11 22:05 - 2019-12-09 21:37 - 000018600 _____ C:\WINDOWS\system32\EuEpmGdi.dll
    2020-01-11 22:05 - 2019-05-28 15:23 - 000036280 _____ C:\WINDOWS\system32\epmntdrv.sys
    2020-01-11 22:05 - 2019-05-27 15:36 - 000000057 _____ C:\WINDOWS\system32\setupepmdrv.ini
    2020-01-11 22:05 - 2019-04-12 14:16 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\EPMVolFl.sys
    2020-01-11 22:05 - 2019-04-12 14:16 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFl.sys
    2020-01-11 19:27 - 2020-01-11 19:27 - 000000000 ____D C:\Users\Rod\AppData\Roaming\QtProject
    2020-01-11 19:26 - 2020-01-11 19:33 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 11
    2020-01-11 19:26 - 2019-05-29 15:20 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
    2020-01-11 15:05 - 2020-01-11 19:14 - 000000000 ____D C:\Users\Rod\reports
    2020-01-10 19:46 - 2020-01-10 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk Professional 11
    2020-01-10 19:46 - 2020-01-10 19:46 - 000000000 ____D C:\Program Files\LSoft Technologies
    2020-01-06 08:46 - 2020-01-11 19:14 - 000000000 ____D C:\Users\Rod\certificates
    2020-01-05 13:33 - 2020-01-05 13:33 - 000000519 _____ C:\Users\Rod\Desktop\INT 2 TB (F) - Shortcut.lnk

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2020-02-04 19:55 - 2019-06-24 22:37 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F213A65B-ABFE-42D8-A10F-D23CC87C7C12}
    2020-02-04 19:53 - 2019-06-24 22:05 - 000000000 ____D C:\Users\Rod
    2020-02-04 19:53 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2020-02-04 19:53 - 2018-06-12 19:21 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
    2020-02-04 19:53 - 2017-03-12 21:17 - 000000000 ____D C:\ProgramData\NVIDIA
    2020-02-04 19:52 - 2019-06-24 22:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2020-02-04 19:52 - 2019-03-18 21:37 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
    2020-02-04 19:51 - 2019-06-24 22:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2020-02-04 19:47 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
    2020-02-04 19:40 - 2017-11-21 20:43 - 000000000 ____D C:\Users\Rod\AppData\Local\ClassicShell
    2020-02-04 19:02 - 2018-08-26 13:45 - 000000000 ____D C:\Users\Rod\AppData\Roaming\vlc
    2020-02-04 18:42 - 2018-06-24 19:55 - 000000000 ____D C:\Users\Rod\AppData\Roaming\DMCache
    2020-02-04 14:10 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
    2020-02-03 20:13 - 2018-06-24 19:55 - 000000000 ____D C:\Users\Rod\AppData\Roaming\IDM
    2020-02-03 20:12 - 2017-03-18 16:40 - 000000000 ____D C:\Users\Rod\AppData\Roaming\Hoyle
    2020-02-03 07:04 - 2017-03-14 16:18 - 000000000 ____D C:\Users\Rod\Documents\My Kindle Content
    2020-02-02 20:52 - 2019-06-24 22:38 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2020-02-02 20:52 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
    2020-02-02 20:45 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2020-02-02 13:10 - 2017-03-14 11:20 - 000000000 ___HD C:\Users\Rod\Documents\Firegraphic 11
    2020-02-01 14:39 - 2017-03-18 19:03 - 000000000 ____D C:\Users\Rod\AppData\Roaming\Hoyle Puzzle and Board Games
    2020-02-01 13:17 - 2019-07-06 07:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2020-01-31 19:58 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
    2020-01-30 20:08 - 2016-07-16 04:47 - 000000167 _____ C:\WINDOWS\win.ini
    2020-01-30 18:45 - 2017-03-12 23:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2020-01-24 18:38 - 2018-06-24 19:55 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
    2020-01-22 17:01 - 2019-11-24 19:20 - 000000000 ____D C:\WINDOWS\Panther
    2020-01-21 20:31 - 2017-05-09 16:37 - 000191893 _____ C:\Users\Rod\Documents\The Adult Vaccine Quiz Results _ CDC.pdf
    2020-01-21 20:30 - 2017-03-18 10:53 - 000000000 ____D C:\ProgramData\Foxit Software
    2020-01-19 19:53 - 2019-06-24 22:37 - 000003288 _____ C:\WINDOWS\system32\Tasks\GlaryInitialize 5
    2020-01-19 19:53 - 2018-06-12 19:21 - 000001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
    2020-01-19 19:52 - 2017-03-21 06:34 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2020-01-19 15:53 - 2019-09-09 19:11 - 000001067 _____ C:\Users\Rod\Desktop\MakeMKV.lnk
    2020-01-19 13:20 - 2017-08-12 13:16 - 000000000 ____D C:\Users\Rod\Documents\Recipes
    2020-01-17 21:32 - 2019-02-22 18:49 - 000000000 ____D C:\Program Files (x86)\Java
    2020-01-17 21:32 - 2018-05-23 19:36 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2020-01-17 21:31 - 2019-02-22 18:50 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2020-01-16 06:46 - 2018-07-04 08:23 - 000001274 _____ C:\Users\Rod\Desktop\cmd.exe - Shortcut.lnk
    2020-01-15 23:40 - 2019-06-24 22:30 - 000610216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2020-01-15 23:39 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
    2020-01-15 23:39 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-01-15 23:39 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-01-15 23:39 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-01-15 08:51 - 2017-03-14 10:52 - 000000000 ____D C:\WINDOWS\system32\MRT
    2020-01-15 08:48 - 2017-03-14 10:52 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2020-01-12 10:35 - 2018-01-27 10:19 - 000000000 ____D C:\Program Files (x86)\Driver Magician
    2020-01-11 19:26 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2020-01-11 18:48 - 2017-04-25 12:31 - 000002032 _____ C:\Users\Rod\Desktop\Run.lnk
    2020-01-05 06:50 - 2017-10-21 20:41 - 000000000 ____D C:\ProgramData\Nero

    ==================== Files in the root of some directories ========

    2017-07-15 19:56 - 2017-07-15 19:56 - 000000087 _____ () C:\Users\Rod\AppData\Roaming\1de0de73-de3e-46c6-81b0-f6455f081644
    2017-08-20 08:07 - 2017-08-20 08:07 - 000000173 _____ () C:\Users\Rod\AppData\Roaming\r.cmd
    2018-12-01 13:48 - 2019-05-27 14:14 - 000001315 _____ () C:\Users\Rod\AppData\Roaming\SAS7_000.DAT
    2018-04-06 21:00 - 2019-11-28 17:59 - 000007597 _____ () C:\Users\Rod\AppData\Local\Resmon.ResmonCfg

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

  3. #3
    Join Date
    Jan 2003
    Location
    Idaho
    Posts
    631
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
    Ran by Rod (04-02-2020 19:55:26)
    Running from C:\Users\Rod\Desktop
    Windows 10 Pro Version 1909 18363.592 (X64) (2019-06-25 05:37:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1939575683-919345172-1765011989-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1939575683-919345172-1765011989-503 - Limited - Disabled)
    defaultuser0 (S-1-5-21-1939575683-919345172-1765011989-1000 - Limited - Disabled) => C:\Users\defaultuser0
    Guest (S-1-5-21-1939575683-919345172-1765011989-501 - Limited - Disabled)
    Rod (S-1-5-21-1939575683-919345172-1765011989-1001 - Administrator - Enabled) => C:\Users\Rod
    WDAGUtilityAccount (S-1-5-21-1939575683-919345172-1765011989-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
    FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
    Acronis True Image (HKLM-x32\...\{7731CFE5-70AE-4EFD-9989-0B97986B6FA9}) (Version: 24.5.22510 - Acronis) Hidden
    Acronis True Image (HKLM-x32\...\{7731CFE5-70AE-4EFD-9989-0B97986B6FA9}Visible) (Version: 24.5.22510 - Acronis)
    Acronis Universal Restore Bootable Media Builder (HKLM-x32\...\{3BC45D2C-4673-41FE-8B61-9A3402674D9C}) (Version: 11.5.40067 - Acronis)
    Active@ KillDisk Professional 11 (HKLM\...\{C932B116-1A14-400B-B0E3-81A86905FF25}_is1) (Version: 11 - LSoft Technologies Inc)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
    Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
    Amazon Kindle (HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\Amazon Kindle) (Version: 1.27.0.56109 - Amazon)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
    Appman Sequencer on amd64 (HKLM\...\{6A7C97F8-E6B6-8043-19FC-75FB7910491E}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 - Asmedia Technology)
    Assessments on Client (HKLM-x32\...\{C1C83898-5A60-AE9D-A3AB-7534375CA453}) (Version: 8.100.26866 - Microsoft) Hidden
    Assessments on Client (HKLM-x32\...\{F8288793-51B6-47EF-2F93-D37767663FC5}) (Version: 10.1.14393.0 - Microsoft) Hidden
    ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.)
    Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
    Bejeweled 3 (HKLM-x32\...\Bejeweled 31.0.8.6128) (Version: 1.0.8.6128 - Popcap Games)
    Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
    Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 24.0.3.15 - Bitdefender)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
    DesignPro 5 (HKLM-x32\...\{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison) Hidden
    DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
    Driver Magician 5.22 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.)
    EaseUS Partition Master 13.8 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
    Far Cry (Patch 1.4) (HKLM-x32\...\{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}) (Version: 1.00.0000 - Ubisoft) Hidden
    Firegraphic 11 (HKLM-x32\...\Firegraphic 11) (Version: 10 - Firegraphic.com)
    FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.4.0.3970 - OpenSight Software LLC)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.1.29511 - Foxit Software Inc.)
    Glary Utilities PRO 5.136 (HKLM-x32\...\Glary Utilities 5) (Version: 5.136.0.162 - Glarysoft Ltd)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
    Hoyle Card Games 2011 (remove only) (HKLM-x32\...\Hoyle Card Games 2011) (Version: - )
    Hoyle Puzzle and Board Games 2011 (remove only) (HKLM-x32\...\Hoyle Puzzle and Board Games 2011) (Version: - )
    HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version: - Hewlett-Packard)
    HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
    HPLaserJetHelp_LearnCenter (HKLM-x32\...\{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}) (Version: 1.02.0000 - Hewlett-Packard)
    HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0012 - HP) Hidden
    hppCP1520LaserJetService (HKLM-x32\...\{FC5CFF48-C9B9-4666-BE72-3F9453E435DA}) (Version: 001.008.00477 - Hewlett-Packard) Hidden
    hppLaserJetService (HKLM-x32\...\{4006E354-3D24-49BA-A36F-7EB75D50D575}) (Version: 002.015.00599 - Hewlett-Packard) Hidden
    hppTLBXFXCP1520 (HKLM-x32\...\{D7708A7D-8909-4DDA-8DC7-8778570B2B44}) (Version: 001.012.00948 - Hewlett-Packard) Hidden
    hpzTLBXFX (HKLM-x32\...\{A3A18593-62BE-4AE1-AF3F-E35179CF042E}) (Version: 006.015.01163 - Hewlett-Packard) Hidden
    Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Imaging Designer (HKLM-x32\...\{FB54F620-9555-3A11-26CB-B027C4DDF260}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Imaging Tools Support (HKLM-x32\...\{C30A729A-E9BA-37F8-3C58-64AD9F1D4694}) (Version: 10.1.14393.0 - Microsoft) Hidden
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
    Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
    Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
    Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
    M4VGear 5.5.8 (HKLM-x32\...\M4VGear) (Version: 5.5.8 - M4VGear)
    MakeMKV v1.14.7 (HKLM-x32\...\MakeMKV) (Version: v1.14.7 - GuinpinSoft inc)
    Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
    Microsoft DaRT 10 (HKLM\...\{60B7DCA9-BCE9-4FBD-A550-3CC8E0F3A933}) (Version: 10.0.1021.0 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional 2019 - en-us (HKLM\...\Professional2019Retail - en-us) (Version: 16.0.12325.20344 - Microsoft Corporation)
    Microsoft Outlook Personal Folders Backup (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
    NoteBurner M4V Converter Plus 5.4.4 (HKLM-x32\...\NoteBurner M4V Converter Plus) (Version: 5.4.4 - NoteBurner)
    NVIDIA Graphics Driver 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
    SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
    Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Toolkit Documentation (HKLM-x32\...\{6C870B12-6FF2-68FC-8C3B-DD177BBF3F92}) (Version: 8.100.26866 - Microsoft) Hidden
    UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
    User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
    Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
    Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
    WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
    WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
    WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26866 - Microsoft) Hidden
    WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
    WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26837 - Microsoft) Hidden

    Packages:
    =========
    Audials Radio Free -> C:\Program Files\WindowsApps\AudialsAG.AudialsRadio_4.2.7.0_x64__3eby6px24ctcy [2019-10-26] (Audials AG)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6 [2020-01-31] (HP Inc.)
    iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-01-31] (Apple Inc.) [Startup Task]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-28] (Microsoft Corporation)
    Total PC Cleaner - Free Disk Space Clean Up, Optimize Memory & Windows System -> C:\Program Files\WindowsApps\64404Softuna.TotalDiskCleaner_2.0.6.0_x64__r1b4jsc7ddp3p [2019-09-24] (Total PC Cleaner)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1939575683-919345172-1765011989-1001_Classes\CLSID\{7c25b029-7da6-419f-8c70-9af10429f4ff} -> [MKV's] => G:\MKV's [2017-11-30 05:17]
    ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
    ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
    ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-02] (Glarysoft LTD -> Glarysoft Ltd)
    ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
    ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-02] (Glarysoft LTD -> Glarysoft Ltd)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-14] (Empty Loop -> )
    ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
    ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
    ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-02] (Glarysoft LTD -> Glarysoft Ltd)
    ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
    ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
    ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-14] (Empty Loop -> )
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Rod\Desktop\free space cleaner.bat - Shortcut.lnk -> F:\G drive\Software Legal\free space cleaner.bat ()

    ==================== Loaded Modules (Whitelisted) =============

    2019-09-01 19:37 - 2015-06-05 04:00 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.30\ASACPI.DLL
    2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
    2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
    2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
    2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
    2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
    2017-08-13 08:49 - 2017-08-13 08:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
    2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
    2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
    2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
    2019-02-20 17:23 - 2019-02-20 17:23 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
    2019-02-20 17:23 - 2019-02-20 17:23 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
    2018-09-20 19:05 - 2018-09-20 19:05 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
    2018-09-20 19:05 - 2018-09-20 19:05 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
    2018-09-20 19:05 - 2018-09-20 19:05 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [300]
    AlternateDataStreams: C:\ProgramData\TEMP:9638A27E [204]
    AlternateDataStreams: C:\ProgramData\TEMP:A5514ABC [362]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-11-09 20:50 - 2020-02-04 19:52 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files (x86)\Windows Kits\10\Microsoft Application Virtualization\Sequencer\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rod\Documents\Firegraphic 11\Rod's Wallpaper - Firegraphic.bmp
    DNS Servers: 24.116.0.53 - 24.116.2.50
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "ISUSPM"
    HKLM\...\StartupApproved\Run32: => "DNS7reminder"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "20090604"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "AudialsNotifier"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "ISUSPM"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "Speech Recognition"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{1492A9E2-6DB0-401E-9032-7E5AFDF797B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{A97BBDE9-CFA4-4B05-A7AB-3F8F5A2AD25E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{5DF4B168-BAED-4115-A0B0-2F42B32A54E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{BF8DC396-EF4E-4DFC-BCF3-63B495298D99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{CA54159B-4F3C-4AB2-8386-F694E414B17E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{4D6E2DEC-34BA-4DC7-8474-C0BB3E78842B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
    FirewallRules: [{E8814935-8F94-4E81-8138-8E8F1EFA739D}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
    FirewallRules: [{D1AA7B84-8B26-453B-8FC9-DCDD12FD544E}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
    FirewallRules: [{6EED34A1-EFD4-4B0F-B6C1-D3B34E18D830}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{9E2A8B9C-E6F6-4062-84B2-2AE474483383}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
    FirewallRules: [{71E65CAE-D1EB-4D1F-9D6E-599404292EF8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
    FirewallRules: [{AE976FAF-5DBD-42D1-8638-1B5501AD16C4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
    FirewallRules: [{2D28F596-F98A-4677-8435-5F004C00DCFA}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
    FirewallRules: [{1573D9E5-375B-4C59-8696-68DF032755AC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
    FirewallRules: [{173C07D8-8356-47D7-AACB-29A73B034DD5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
    FirewallRules: [{DDB631CD-D8F5-438B-A12F-1FF6D7590D56}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
    FirewallRules: [{3DFA230B-D3DD-4FFD-AFC9-6D7FC2EB7150}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
    FirewallRules: [{E15BD552-D89A-49AF-B1EC-5755460F844E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
    FirewallRules: [{C4926EB7-DB4C-4C19-B63D-B3B4548BC081}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
    FirewallRules: [{6FC992A5-FF97-4905-8522-99CEABC7C1C6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
    FirewallRules: [{55052179-D7BF-4EBD-A554-63F1D1FE0A2B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
    FirewallRules: [{D2E684BC-0BF8-474C-8D34-8C8AEAFC24B3}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
    FirewallRules: [{73705DAF-BF1B-4696-835E-5D3C58A5DF13}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
    FirewallRules: [{1B6B6B5D-CA87-4698-8FD3-7B32461532AE}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
    FirewallRules: [{EA66D221-C5AB-48CE-BCCC-89E5B69523CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{D1382980-FC25-44E2-9A3F-33BCB19C301A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{8D35ECD0-8C91-440C-A333-B5D2F085466C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{F9F6F60D-E844-4839-B9CF-95FC93C3956F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{483AF7C2-DDC1-4026-AC0F-2556591C6880}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{FBADF6B7-2E85-4FCE-9641-DFFADAC358B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{01AB73A4-7B7E-4F3A-A1B7-E06BB9EE5EFC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{EF3C263A-31D4-47C6-9227-7D729F6E6450}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{43216603-6F94-4E3A-9F65-4D13327075E1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

    ==================== Restore Points =========================

    30-01-2020 20:07:08 Removed Windows 7 USB/DVD Download Tool
    03-02-2020 06:40:44 Windows Update

    ==================== Faulty Device Manager Devices ============

    Name: HID-compliant headset
    Description: HID-compliant headset
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service: WUDFRd
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (02/04/2020 07:48:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 2.2.2020.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1480

    Start Time: 01d5dbcccb2ce8f7

    Termination Time: 60000

    Application Path: C:\Users\Rod\Desktop\FRST64.exe

    Report Id: 55475e8e-9f41-4f16-be29-005629a00a16

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (02/04/2020 07:48:36 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5320,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 07:35:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 2.2.2020.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 23c

    Start Time: 01d5dbcc97ddcf93

    Termination Time: 60000

    Application Path: C:\Users\Rod\Desktop\FRST64.exe

    Report Id: f6e12e8f-8ec4-4f22-8dcb-884e57e83a5c

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (02/04/2020 07:23:57 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (8448,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 07:20:03 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
    Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 30472 and the required size was 31016.

    Error: (02/04/2020 06:22:47 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 06:14:15 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 02:45:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15609


    System errors:
    =============
    Error: (02/04/2020 07:53:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
    The operation completed successfully.

    Error: (02/04/2020 07:52:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Freemake Improver service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (02/04/2020 07:52:31 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 7:29:27 PM on ‎2/‎4/‎2020 was unexpected.

    Error: (02/04/2020 06:10:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

    Error: (02/04/2020 06:08:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Background Intelligent Transfer Service service terminated with the following service-specific error:
    The class is configured to run as a security id different from the caller

    Error: (02/04/2020 06:08:33 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
    Description: The BITS service failed to start. Error 2147500053.

    Error: (02/04/2020 05:36:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

    Error: (02/04/2020 05:36:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.


    CodeIntegrity:
    ===================================

    Date: 2020-02-04 19:47:48.364
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:47:43.352
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:41:17.183
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:41:17.161
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:55.586
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:51.562
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:26.510
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:16.140
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. 7501 09/23/2019
    Motherboard: ASUSTeK COMPUTER INC. CROSSHAIR VI HERO
    Processor: AMD Ryzen 7 1700X Eight-Core Processor
    Percentage of memory in use: 23%
    Total physical RAM: 16313.21 MB
    Available physical RAM: 12432.84 MB
    Total Virtual: 18745.21 MB
    Available Virtual: 13474.96 MB

    ==================== Drives ================================

    Drive c: (C Drive) (Fixed) (Total:476.39 GB) (Free:365.1 GB) NTFS
    Drive f: (INT 2 TB) (Fixed) (Total:1863.01 GB) (Free:1504.82 GB) NTFS
    Drive g: (INT 4 TB) (Fixed) (Total:3725.9 GB) (Free:1227.89 GB) NTFS

    \\?\Volume{d67a9664-bdc8-4d1f-83ce-a4984c936028}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
    \\?\Volume{d89f5f91-f727-4501-b52c-bdbce6b4d1ea}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 9292A9C3)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 1 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 07661ECB)

    Partition: GPT.

    ==========================================================
    Disk: 2 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 0766DECD)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  4. #4
    Join Date
    Jan 2003
    Location
    Idaho
    Posts
    631
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
    Ran by Rod (04-02-2020 19:55:26)
    Running from C:\Users\Rod\Desktop
    Windows 10 Pro Version 1909 18363.592 (X64) (2019-06-25 05:37:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1939575683-919345172-1765011989-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1939575683-919345172-1765011989-503 - Limited - Disabled)
    defaultuser0 (S-1-5-21-1939575683-919345172-1765011989-1000 - Limited - Disabled) => C:\Users\defaultuser0
    Guest (S-1-5-21-1939575683-919345172-1765011989-501 - Limited - Disabled)
    Rod (S-1-5-21-1939575683-919345172-1765011989-1001 - Administrator - Enabled) => C:\Users\Rod
    WDAGUtilityAccount (S-1-5-21-1939575683-919345172-1765011989-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
    FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
    Acronis True Image (HKLM-x32\...\{7731CFE5-70AE-4EFD-9989-0B97986B6FA9}) (Version: 24.5.22510 - Acronis) Hidden
    Acronis True Image (HKLM-x32\...\{7731CFE5-70AE-4EFD-9989-0B97986B6FA9}Visible) (Version: 24.5.22510 - Acronis)
    Acronis Universal Restore Bootable Media Builder (HKLM-x32\...\{3BC45D2C-4673-41FE-8B61-9A3402674D9C}) (Version: 11.5.40067 - Acronis)
    Active@ KillDisk Professional 11 (HKLM\...\{C932B116-1A14-400B-B0E3-81A86905FF25}_is1) (Version: 11 - LSoft Technologies Inc)
    Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.270 - Adobe)
    Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
    Amazon Kindle (HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\Amazon Kindle) (Version: 1.27.0.56109 - Amazon)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
    Appman Sequencer on amd64 (HKLM\...\{6A7C97F8-E6B6-8043-19FC-75FB7910491E}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 - Asmedia Technology)
    Assessments on Client (HKLM-x32\...\{C1C83898-5A60-AE9D-A3AB-7534375CA453}) (Version: 8.100.26866 - Microsoft) Hidden
    Assessments on Client (HKLM-x32\...\{F8288793-51B6-47EF-2F93-D37767663FC5}) (Version: 10.1.14393.0 - Microsoft) Hidden
    ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.)
    Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
    Bejeweled 3 (HKLM-x32\...\Bejeweled 31.0.8.6128) (Version: 1.0.8.6128 - Popcap Games)
    Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
    Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 24.0.3.15 - Bitdefender)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
    DesignPro 5 (HKLM-x32\...\{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison) Hidden
    DesignPro 5 (HKLM-x32\...\InstallShield_{32821558-2C36-4FD0-A891-CA65360B0EC7}) (Version: 5.5.708 - Avery Dennison)
    Driver Magician 5.22 (HKLM-x32\...\Driver Magician_is1) (Version: - GoldSolution Software, Inc.)
    EaseUS Partition Master 13.8 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
    Far Cry (Patch 1.4) (HKLM-x32\...\{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}) (Version: 1.00.0000 - Ubisoft) Hidden
    Firegraphic 11 (HKLM-x32\...\Firegraphic 11) (Version: 10 - Firegraphic.com)
    FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.4.0.3970 - OpenSight Software LLC)
    Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.1.29511 - Foxit Software Inc.)
    Glary Utilities PRO 5.136 (HKLM-x32\...\Glary Utilities 5) (Version: 5.136.0.162 - Glarysoft Ltd)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
    Hoyle Card Games 2011 (remove only) (HKLM-x32\...\Hoyle Card Games 2011) (Version: - )
    Hoyle Puzzle and Board Games 2011 (remove only) (HKLM-x32\...\Hoyle Puzzle and Board Games 2011) (Version: - )
    HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version: - Hewlett-Packard)
    HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
    HPLaserJetHelp_LearnCenter (HKLM-x32\...\{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}) (Version: 1.02.0000 - Hewlett-Packard)
    HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0012 - HP) Hidden
    hppCP1520LaserJetService (HKLM-x32\...\{FC5CFF48-C9B9-4666-BE72-3F9453E435DA}) (Version: 001.008.00477 - Hewlett-Packard) Hidden
    hppLaserJetService (HKLM-x32\...\{4006E354-3D24-49BA-A36F-7EB75D50D575}) (Version: 002.015.00599 - Hewlett-Packard) Hidden
    hppTLBXFXCP1520 (HKLM-x32\...\{D7708A7D-8909-4DDA-8DC7-8778570B2B44}) (Version: 001.012.00948 - Hewlett-Packard) Hidden
    hpzTLBXFX (HKLM-x32\...\{A3A18593-62BE-4AE1-AF3F-E35179CF042E}) (Version: 006.015.01163 - Hewlett-Packard) Hidden
    Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Imaging Designer (HKLM-x32\...\{FB54F620-9555-3A11-26CB-B027C4DDF260}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Imaging Tools Support (HKLM-x32\...\{C30A729A-E9BA-37F8-3C58-64AD9F1D4694}) (Version: 10.1.14393.0 - Microsoft) Hidden
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
    Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
    Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
    Kits Configuration Installer (HKLM-x32\...\{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 - Microsoft) Hidden
    Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
    M4VGear 5.5.8 (HKLM-x32\...\M4VGear) (Version: 5.5.8 - M4VGear)
    MakeMKV v1.14.7 (HKLM-x32\...\MakeMKV) (Version: v1.14.7 - GuinpinSoft inc)
    Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
    Microsoft DaRT 10 (HKLM\...\{60B7DCA9-BCE9-4FBD-A550-3CC8E0F3A933}) (Version: 10.0.1021.0 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional 2019 - en-us (HKLM\...\Professional2019Retail - en-us) (Version: 16.0.12325.20344 - Microsoft Corporation)
    Microsoft Outlook Personal Folders Backup (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
    NoteBurner M4V Converter Plus 5.4.4 (HKLM-x32\...\NoteBurner M4V Converter Plus) (Version: 5.4.4 - NoteBurner)
    NVIDIA Graphics Driver 441.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.66 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
    OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
    Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
    SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
    Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Toolkit Documentation (HKLM-x32\...\{6C870B12-6FF2-68FC-8C3B-DD177BBF3F92}) (Version: 8.100.26866 - Microsoft) Hidden
    UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
    User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
    Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
    Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
    WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
    WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
    WPT Redistributables (HKLM-x32\...\{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26866 - Microsoft) Hidden
    WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
    WPTx64 (HKLM-x32\...\{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26837 - Microsoft) Hidden

    Packages:
    =========
    Audials Radio Free -> C:\Program Files\WindowsApps\AudialsAG.AudialsRadio_4.2.7.0_x64__3eby6px24ctcy [2019-10-26] (Audials AG)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.660.0_x64__v10z8vjag6ke6 [2020-01-31] (HP Inc.)
    iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa [2020-01-31] (Apple Inc.) [Startup Task]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
    MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-28] (Microsoft Corporation)
    Total PC Cleaner - Free Disk Space Clean Up, Optimize Memory & Windows System -> C:\Program Files\WindowsApps\64404Softuna.TotalDiskCleaner_2.0.6.0_x64__r1b4jsc7ddp3p [2019-09-24] (Total PC Cleaner)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-1939575683-919345172-1765011989-1001_Classes\CLSID\{7c25b029-7da6-419f-8c70-9af10429f4ff} -> [MKV's] => G:\MKV's [2017-11-30 05:17]
    ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
    ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_5_22510.dll [2019-11-18] (Acronis International GmbH -> )
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
    ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-02] (Glarysoft LTD -> Glarysoft Ltd)
    ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
    ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-02] (Glarysoft LTD -> Glarysoft Ltd)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-14] (Empty Loop -> )
    ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
    ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
    ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-12-26] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
    ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-01-02] (Glarysoft LTD -> Glarysoft Ltd)
    ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
    ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
    ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
    ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-14] (Empty Loop -> )
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Rod\Desktop\free space cleaner.bat - Shortcut.lnk -> F:\G drive\Software Legal\free space cleaner.bat ()

    ==================== Loaded Modules (Whitelisted) =============

    2019-09-01 19:37 - 2015-06-05 04:00 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.30\ASACPI.DLL
    2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
    2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
    2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
    2010-01-18 11:29 - 2010-01-18 11:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
    2010-01-18 11:29 - 2010-01-18 11:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
    2017-08-13 08:49 - 2017-08-13 08:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
    2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
    2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
    2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
    2019-02-20 17:23 - 2019-02-20 17:23 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvSubsystems32.dll
    2019-02-20 17:23 - 2019-02-20 17:23 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
    2018-09-20 19:05 - 2018-09-20 19:05 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
    2018-09-20 19:05 - 2018-09-20 19:05 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
    2018-09-20 19:05 - 2018-09-20 19:05 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [300]
    AlternateDataStreams: C:\ProgramData\TEMP:9638A27E [204]
    AlternateDataStreams: C:\ProgramData\TEMP:A5514ABC [362]

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer trusted/restricted ==========

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-11-09 20:50 - 2020-02-04 19:52 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\;C:\Program Files (x86)\Windows Kits\10\Microsoft Application Virtualization\Sequencer\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rod\Documents\Firegraphic 11\Rod's Wallpaper - Firegraphic.bmp
    DNS Servers: 24.116.0.53 - 24.116.2.50
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "ISUSPM"
    HKLM\...\StartupApproved\Run32: => "DNS7reminder"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "20090604"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "AudialsNotifier"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "ISUSPM"
    HKU\S-1-5-21-1939575683-919345172-1765011989-1001\...\StartupApproved\Run: => "Speech Recognition"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{1492A9E2-6DB0-401E-9032-7E5AFDF797B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{A97BBDE9-CFA4-4B05-A7AB-3F8F5A2AD25E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{5DF4B168-BAED-4115-A0B0-2F42B32A54E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{BF8DC396-EF4E-4DFC-BCF3-63B495298D99}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{CA54159B-4F3C-4AB2-8386-F694E414B17E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{4D6E2DEC-34BA-4DC7-8474-C0BB3E78842B}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
    FirewallRules: [{E8814935-8F94-4E81-8138-8E8F1EFA739D}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
    FirewallRules: [{D1AA7B84-8B26-453B-8FC9-DCDD12FD544E}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
    FirewallRules: [{6EED34A1-EFD4-4B0F-B6C1-D3B34E18D830}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{9E2A8B9C-E6F6-4062-84B2-2AE474483383}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
    FirewallRules: [{71E65CAE-D1EB-4D1F-9D6E-599404292EF8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
    FirewallRules: [{AE976FAF-5DBD-42D1-8638-1B5501AD16C4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
    FirewallRules: [{2D28F596-F98A-4677-8435-5F004C00DCFA}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
    FirewallRules: [{1573D9E5-375B-4C59-8696-68DF032755AC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
    FirewallRules: [{173C07D8-8356-47D7-AACB-29A73B034DD5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
    FirewallRules: [{DDB631CD-D8F5-438B-A12F-1FF6D7590D56}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
    FirewallRules: [{3DFA230B-D3DD-4FFD-AFC9-6D7FC2EB7150}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
    FirewallRules: [{E15BD552-D89A-49AF-B1EC-5755460F844E}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
    FirewallRules: [{C4926EB7-DB4C-4C19-B63D-B3B4548BC081}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
    FirewallRules: [{6FC992A5-FF97-4905-8522-99CEABC7C1C6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
    FirewallRules: [{55052179-D7BF-4EBD-A554-63F1D1FE0A2B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
    FirewallRules: [{D2E684BC-0BF8-474C-8D34-8C8AEAFC24B3}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
    FirewallRules: [{73705DAF-BF1B-4696-835E-5D3C58A5DF13}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
    FirewallRules: [{1B6B6B5D-CA87-4698-8FD3-7B32461532AE}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
    FirewallRules: [{EA66D221-C5AB-48CE-BCCC-89E5B69523CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
    FirewallRules: [{D1382980-FC25-44E2-9A3F-33BCB19C301A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{8D35ECD0-8C91-440C-A333-B5D2F085466C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{F9F6F60D-E844-4839-B9CF-95FC93C3956F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{483AF7C2-DDC1-4026-AC0F-2556591C6880}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{FBADF6B7-2E85-4FCE-9641-DFFADAC358B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{01AB73A4-7B7E-4F3A-A1B7-E06BB9EE5EFC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{EF3C263A-31D4-47C6-9227-7D729F6E6450}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{43216603-6F94-4E3A-9F65-4D13327075E1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12104.2.43056.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

    ==================== Restore Points =========================

    30-01-2020 20:07:08 Removed Windows 7 USB/DVD Download Tool
    03-02-2020 06:40:44 Windows Update

    ==================== Faulty Device Manager Devices ============

    Name: HID-compliant headset
    Description: HID-compliant headset
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service: WUDFRd
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (02/04/2020 07:48:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 2.2.2020.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1480

    Start Time: 01d5dbcccb2ce8f7

    Termination Time: 60000

    Application Path: C:\Users\Rod\Desktop\FRST64.exe

    Report Id: 55475e8e-9f41-4f16-be29-005629a00a16

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (02/04/2020 07:48:36 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5320,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 07:35:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program FRST64.exe version 2.2.2020.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 23c

    Start Time: 01d5dbcc97ddcf93

    Termination Time: 60000

    Application Path: C:\Users\Rod\Desktop\FRST64.exe

    Report Id: f6e12e8f-8ec4-4f22-8dcb-884e57e83a5c

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (02/04/2020 07:23:57 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (8448,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 07:20:03 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
    Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 30472 and the required size was 31016.

    Error: (02/04/2020 06:22:47 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5744,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 06:14:15 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: svchost (5516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

    Error: (02/04/2020 02:45:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15609


    System errors:
    =============
    Error: (02/04/2020 07:53:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
    The operation completed successfully.

    Error: (02/04/2020 07:52:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Freemake Improver service failed to start due to the following error:
    The system cannot find the file specified.

    Error: (02/04/2020 07:52:31 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 7:29:27 PM on ‎2/‎4/‎2020 was unexpected.

    Error: (02/04/2020 06:10:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

    Error: (02/04/2020 06:08:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The Background Intelligent Transfer Service service terminated with the following service-specific error:
    The class is configured to run as a security id different from the caller

    Error: (02/04/2020 06:08:33 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
    Description: The BITS service failed to start. Error 2147500053.

    Error: (02/04/2020 05:36:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

    Error: (02/04/2020 05:36:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.


    CodeIntegrity:
    ===================================

    Date: 2020-02-04 19:47:48.364
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:47:43.352
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:41:17.183
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:41:17.161
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:55.586
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:51.562
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:26.510
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2020-02-04 19:39:16.140
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    BIOS: American Megatrends Inc. 7501 09/23/2019
    Motherboard: ASUSTeK COMPUTER INC. CROSSHAIR VI HERO
    Processor: AMD Ryzen 7 1700X Eight-Core Processor
    Percentage of memory in use: 23%
    Total physical RAM: 16313.21 MB
    Available physical RAM: 12432.84 MB
    Total Virtual: 18745.21 MB
    Available Virtual: 13474.96 MB

    ==================== Drives ================================

    Drive c: (C Drive) (Fixed) (Total:476.39 GB) (Free:365.1 GB) NTFS
    Drive f: (INT 2 TB) (Fixed) (Total:1863.01 GB) (Free:1504.82 GB) NTFS
    Drive g: (INT 4 TB) (Fixed) (Total:3725.9 GB) (Free:1227.89 GB) NTFS

    \\?\Volume{d67a9664-bdc8-4d1f-83ce-a4984c936028}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
    \\?\Volume{d89f5f91-f727-4501-b52c-bdbce6b4d1ea}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 9292A9C3)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

    ==========================================================
    Disk: 1 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 07661ECB)

    Partition: GPT.

    ==========================================================
    Disk: 2 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 0766DECD)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  5. #5
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,464
    Did you try different browser to see if it has same issue?

  6. #6
    Join Date
    Jan 2003
    Location
    Idaho
    Posts
    631
    Quote Originally Posted by Broni View Post
    Did you try different browser to see if it has same issue?
    Boy what a simple question, but what difference it makes.
    Edge has a fast loading time. So I did a update on chrome and that seems to have fixed my problem. Improved by about 95%!

    Thanks
    Rod

  7. #7
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,464

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •