Need a check up, computer seems to be slowing down (Toshiba laptop, 64 bit, Win 10)
Results 1 to 11 of 11

Thread: Need a check up, computer seems to be slowing down (Toshiba laptop, 64 bit, Win 10)

  1. #1
    Join Date
    May 2005
    Posts
    122

    Need a check up, computer seems to be slowing down (Toshiba laptop, 64 bit, Win 10)

    Here is the Farbar frst.txt

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2022
    Ran by c (administrator) on LLM-WIN8-LAPTOP (TOSHIBA Satellite P55t-A) (05-04-2022 07:28:29)
    Running from C:\Users\c\Desktop
    Loaded Profiles: c
    Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Autodesk, Inc. -> Autodesk) C:\Users\c\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
    (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
    (C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
    (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe ->) (TOSHIBA CORPORATION -> ) C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
    (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
    (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe
    (explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5660 series\Bin\ScanToPCActivationApp.exe
    (explorer.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
    (explorer.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
    (explorer.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
    (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
    (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
    (services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
    (services.exe ->) (DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
    (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe <2>
    (services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe
    (services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
    (services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
    (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
    (services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
    (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    (services.exe ->) (TOSHIBA CORPORATION -> ) C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe
    (services.exe ->) (TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
    (services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe <2>
    (services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
    (svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5660 series\Bin\HPNetworkCommunicatorCom.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (TOSHIBA CORPORATION -> TOSHIBA) C:\Program Files (x86)\Toshiba\PasswordUtility\readLM.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
    HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
    HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon (No File)
    HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
    HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3163248 2022-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
    HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (AlcorMicro, Corp. -> Alcor Micro Corp.)
    HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
    HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) [File not signed]
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
    HKLM-x32\...\Run: [Win8PDF] => C:\Program Files\PDF Printer for Windows 8\PDF.exe [484352 2011-10-21] (Vivid Document Imaging Technologies) [File not signed]
    HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2015-04-26] (Adobe Systems Incorporated) [File not signed]
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2015-10-10] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-03] (Autodesk, Inc. -> Autodesk, Inc.)
    HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\c\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
    HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
    HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.9.0\GoogleDriveFS.exe [53662040 2022-03-24] (Google LLC -> Google, Inc.)
    HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.9.0\GoogleDriveFS.exe [53662040 2022-03-24] (Google LLC -> Google, Inc.)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart (No File)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [Google Update] => C:\Users\c\AppData\Local\Google\Update\1.3.36.122\GoogleUpdateCore.exe [223816 2022-01-20] (Google LLC -> Google LLC)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Software Sarl -> Skype Technologies S.A.)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [HP ENVY 5660 series (NET)] => C:\Program Files\HP\HP ENVY 5660 series\Bin\ScanToPCActivationApp.exe [3483656 2015-10-10] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [708A6BCA9F22CC304DD693961BCF6B09DB76A694._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [3540392 2022-04-01] (Microsoft Corporation -> Microsoft Corporation)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\c\AppData\Local\WebEx\WebexHost.exe [7527248 2022-03-03] (Cisco WebEx LLC -> Cisco Webex LLC)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [UCheck] => C:\Program Files\UCheck\UCheck64.exe [30230360 2021-10-07] (ADLICE (ASCOET JULIEN) -> )
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.9.0\GoogleDriveFS.exe [53662040 2022-03-24] (Google LLC -> Google, Inc.)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Policies\Explorer: []
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\MountPoints2: {a64f1824-4fa4-11ec-8440-202564469259} - "G:\WD SmartWare.exe" autoplay=true
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\MountPoints2: {f717e9d3-9fb5-11ec-849f-202564469259} - "E:\LaunchU3.exe" -a
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart (No File)
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\...\RunOnce: [zoommsirepair] => C:\Program Files (x86)\Zoom\bin\installer.exe [760616 2021-10-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.9.0\GoogleDriveFS.exe [53662040 2022-03-24] (Google LLC -> Google, Inc.)
    HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
    HKLM\...\Print\Monitors\HP DD11 Status Monitor: C:\WINDOWS\system32\hpinkstsDD11LM.dll [392192 2019-03-15] (HP Inc -> HP Inc.)
    HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 5660 series): C:\WINDOWS\system32\HPDiscoPMDD11.dll [751624 2014-08-22] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    HKLM\...\Print\Monitors\PDF Printer 8 Monitor: C:\WINDOWS\system32\PDFVC64.DLL [134144 2009-07-19] (Vivid Document Imaging Technologies) [File not signed]
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-25] (Google LLC -> Google LLC)

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0704FE91-F09C-411E-9D29-5FDB171E71E2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-10-10] (Hewlett-Packard Company -> Hewlett-Packard)
    Task: {0AB64EC2-019F-4BC7-9E11-F3A3AB91B706} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} (No File)
    Task: {1B18BF41-17F0-4F14-B499-35B20ADB7A30} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (No File)
    Task: {20679E4C-75C2-4CE9-AAE0-F19911745918} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
    Task: {217959E4-3E1C-4F10-A103-CAAAB85F2306} - System32\Tasks\CCleanerSkipUAC - c => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
    Task: {2E21239B-9AC7-4456-9A20-CCD94F900A01} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
    Task: {2F6C63AE-A3A2-4FF9-BACA-033A04B29CE2} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe /analyze (No File)
    Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
    Task: {36CDFAA5-B546-4CBD-A51F-A843AD0E62AB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
    Task: {48F60FB5-6C0A-488C-915B-3F8E735A6102} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (No File)
    Task: {49DE272C-639F-426C-8947-C3B5AA0890A2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    Task: {4A521245-16AD-4C1E-A005-9B98CABE6586} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {562DF0C9-2152-4C77-ADEB-08A90D6971BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
    Task: {57664E51-3EC5-4956-B519-950A4A5A7910} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (No File)
    Task: {5BFCC6C3-B78F-488A-A52C-50B56428E64A} - System32\Tasks\G2MUpdateTask-S-1-5-21-2517961349-2002184368-2333218459-1001 => C:\Users\c\AppData\Local\GoToMeeting\19932\g2mupdate.exe [31176 2021-11-10] (LogMeIn, Inc. -> LogMeIn, Inc.)
    Task: {5FCBB816-4AD0-4FE7-BA32-D2653B340BDC} - System32\Tasks\HPCustParticipation HP ENVY 5660 series => C:\Program Files\HP\HP ENVY 5660 series\Bin\HPCustPartic.exe [5853704 2015-10-10] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    Task: {6568BBDE-E827-42B3-83A3-641362C50DCF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2517961349-2002184368-2333218459-1001Core1d25803fdb326f1 => C:\Users\c\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
    Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
    Task: {74582111-DE72-4122-B0F7-16FD01B2CFB3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2517961349-2002184368-2333218459-1001UA => C:\Users\c\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
    Task: {7C7DFBF8-239A-4D57-96AA-19A39181CC31} - System32\Tasks\HP AR Program Upload - 568a98c258d343cebf9a05fa2aa4fe0f59af08290a5e4df1aecfa22536a2948a => C:\Program Files\HP\HP ENVY 5660 series\bin\HPRewards.exe [3528200 2015-10-10] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    Task: {7EAF3850-0ED9-437C-95EE-78622F56E699} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    Task: {8279E20B-F27C-4258-8056-C4C281FF5A5B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
    Task: {85A166D5-B36B-4D6A-9148-ACA9F46BB8AC} - System32\Tasks\HP Photo Creations Communicator => C:\Users\c\AppData\Roaming\HP Photo Creations\Communicator.exe [186368 2015-10-10] (Visan Industries -> )
    Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
    Task: {87ADB64B-44BD-4BE2-8B7A-783E51675545} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
    Task: {8F8BCC9B-9D98-43D7-8E6B-D121E223D8F6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85} (No File)
    Task: {96D84201-BD6A-4644-83AE-7823A900ACB0} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [655464 2013-07-31] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
    Task: {97F2C7D6-3CE2-45A5-905B-5C70FA9A0517} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
    Task: {981424A9-1C10-4BA4-9E09-5F4D2AEBEABB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
    Task: {9C04CE76-891E-48D1-844B-60D70B0225D8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
    Task: {A58F3D95-929F-41B1-96E0-9EE2BE7B991A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
    Task: {AB16BB19-879C-4CAB-8C8F-4DECEE589358} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2517961349-2002184368-2333218459-1001Core => C:\Users\c\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
    Task: {ABE2A860-82E7-4A15-8C94-544A371EA65D} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe /submit (No File)
    Task: {B1539294-75C7-4A0A-B29C-E76DEA6D010F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {C4DDAE6E-75EE-42C1-B81B-1B6F048A5FBA} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4401240 2017-06-27] (Synaptics Incorporated -> Synaptics Incorporated)
    Task: {C9CC714D-946C-484F-9158-1639D904EA9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
    Task: {CDB446B3-573C-42C2-B5E9-F95CAD94065B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
    Task: {D1D17853-2A32-420E-BEA3-A8BCC650BA28} - System32\Tasks\G2MUploadTask-S-1-5-21-2517961349-2002184368-2333218459-1001 => C:\Users\c\AppData\Local\GoToMeeting\19932\g2mupload.exe [31176 2021-11-10] (LogMeIn, Inc. -> LogMeIn, Inc.)
    Task: {E1C32410-E96E-40E4-8341-83812571A115} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {EFBF0FBC-7039-4716-B6B5-8E94AB2AE821} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe (No File)
    Task: {F5437C33-8B51-4DDE-880A-76549891BCFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2517961349-2002184368-2333218459-1001UA1d25803fdc7a053 => C:\Users\c\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2517961349-2002184368-2333218459-1001.job => C:\Users\c\AppData\Local\GoToMeeting\19932\g2mupdate.exe
    Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2517961349-2002184368-2333218459-1001.job => C:\Users\c\AppData\Local\GoToMeeting\19932\g2mupload.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2517961349-2002184368-2333218459-1001Core.job => C:\Users\c\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2517961349-2002184368-2333218459-1001UA.job => C:\Users\c\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\c\AppData\Roaming\HP Photo Creations\Communicator.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
    Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{25fd4657-ac53-4290-b24a-75f5b653087e}: [DhcpNameServer] 172.20.10.1
    Tcpip\..\Interfaces\{79d92ee1-68bc-4a3b-877d-225e497e73d4}: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{925159be-dd25-4955-a81a-2b4fe34a3082}: [DhcpNameServer] 172.20.0.1

    Edge:
    =======
    Edge HomeButtonPage: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001 -> hxxp://yahoo.com/
    Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
    Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
    Edge DefaultProfile: Default
    Edge Profile: C:\Users\c\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]
    Edge Extension: (Open in PDF Reader) - C:\Users\c\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ciphgjdgpkhlngiadnpebblpcjcoabcp [2021-08-17]
    Edge Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-11]
    Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    FireFox:
    ========
    FF DefaultProfile: 7sjsvts8.default-1544474668277
    FF ProfilePath: C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\lrdbaz60.default-release [2022-04-05]
    FF Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\lrdbaz60.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-10-18]
    FF ProfilePath: C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\7sjsvts8.default-1544474668277 [2022-04-05]
    FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi => not found
    FF HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Firefox\Extensions: [{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.24.3.8064\BVDFirefoxExt
    FF Extension: (Allavsoft Video Downloader Firefox Extension) - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.24.3.8064\BVDFirefoxExt [2022-02-05] [Legacy]
    FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-03-08] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-03-08] (Oracle America, Inc. -> Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
    FF Plugin HKU\S-1-5-21-2517961349-2002184368-2333218459-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\c\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (Visan Industries -> RocketLife, LLP)
    FF Plugin ProgramFiles/Appdata: C:\Users\c\AppData\Roaming\mozilla\plugins\npatgpc.dll [2021-03-08]

  2. #2
    Join Date
    May 2005
    Posts
    122
    part 2 of Frst.txt

    Chrome:
    =======
    CHR DefaultProfile: Profile 2
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\Default [2022-04-05]
    CHR DownloadDir: C:\Users\c\Desktop
    CHR Extension: (Docs) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
    CHR Extension: (Google Drive) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-11]
    CHR Extension: (YouTube) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01]
    CHR Extension: (Honey) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-11-11]
    CHR Extension: (Tampermonkey) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-11-11]
    CHR Extension: (Adobe Acrobat) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-11]
    CHR Extension: (Wyzant Screen Sharing) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbjpoaaoeklmpdfjcbgenmbdjhecjjp [2020-01-09]
    CHR Extension: (Google Docs Offline) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-11]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-11]
    CHR Extension: (Grammarly for Chrome) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-11-11]
    CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-11]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
    CHR Extension: (Gmail) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-11]
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-05]
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-05]
    CHR Extension: (Slides) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-04]
    CHR Extension: (Docs) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-04]
    CHR Extension: (Google Drive) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
    CHR Extension: (YouTube) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-04]
    CHR Extension: (Tampermonkey) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-11-11]
    CHR Extension: (Adobe Acrobat) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-11]
    CHR Extension: (Sheets) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-04]
    CHR Extension: (Google Docs Offline) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-11]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-11]
    CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-11]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
    CHR Extension: (Gmail) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-04-05]
    CHR HomePage: Profile 2 -> hxxp://www.google.com/
    CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.com"
    CHR DefaultSearchURL: Profile 2 -> hxxps://duckduckgo.com/?q={searchTerms}
    CHR DefaultSearchKeyword: Profile 2 -> duckduckgo.com
    CHR DefaultSuggestURL: Profile 2 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
    CHR Extension: (Slides) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-17]
    CHR Extension: (Floorplanner) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\abopacaefhbognnmeigicfpgnmpideag [2020-12-14]
    CHR Extension: (Sudoku) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2020-12-14]
    CHR Extension: (BIODIGITAL HUMAN) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2020-12-14]
    CHR Extension: (Docs) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-17]
    CHR Extension: (Google Drive) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-17]
    CHR Extension: (WOT Website Security & Browsing Protection) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2022-03-28]
    CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2020-12-14]
    CHR Extension: (DuckDuckGo) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2022-03-31]
    CHR Extension: (YouTube) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-17]
    CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-24]
    CHR Extension: (Auto Admit for Google Meet) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\epemkdedgaoeeobdjmkmhhhbjemckmgb [2022-03-29]
    CHR Extension: (Sheets) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-17]
    CHR Extension: (iCloud Bookmarks) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-12-14]
    CHR Extension: (HTTPS Everywhere) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-07-14]
    CHR Extension: (Google Docs Offline) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-10]
    CHR Extension: (Click&Clean) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2021-05-18]
    CHR Extension: (360 Internet Protection) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\glcimepnljoholdmjchkloafkggfoijh [2021-12-14]
    CHR Extension: (Pinterest Save Button) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-03-02]
    CHR Extension: (Kindle Cloud Reader) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2020-12-14]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-17]
    CHR Extension: (Dropbox) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-12-14]
    CHR Extension: (WAVE Evaluation Tool) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jbbplnpkjmmeebjpijfedlgcdilocofh [2021-10-14]
    CHR Extension: (EPUBReader) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2021-08-14]
    CHR Extension: (Cisco Webex Extension) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-11-29]
    CHR Extension: (Grammarly for Chrome) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-03-31]
    CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-25]
    CHR Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2022-04-05]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
    CHR Extension: (Tv Online) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2020-12-14]
    CHR Extension: (Click&Clean App) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2020-12-14]
    CHR Extension: (Gmail) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-17]
    CHR Extension: (Cool Metronome) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\polmfiinlikaadclgdojekfaoglellgm [2020-12-14]
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-04-05]
    CHR Extension: (Slides) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-23]
    CHR Extension: (Docs) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-23]
    CHR Extension: (Google Drive) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-23]
    CHR Extension: (YouTube) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-23]
    CHR Extension: (Tampermonkey) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-11-11]
    CHR Extension: (Adobe Acrobat) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-01-04]
    CHR Extension: (Sheets) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-23]
    CHR Extension: (Google Docs Offline) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-04]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-04]
    CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-01-04]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-04]
    CHR Extension: (Gmail) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-23]
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-04-05]
    CHR HomePage: Profile 4 -> hxxp://www.google.com/
    CHR Extension: (Slides) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-23]
    CHR Extension: (Floorplanner) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\abopacaefhbognnmeigicfpgnmpideag [2020-11-23]
    CHR Extension: (Sudoku) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2020-11-23]
    CHR Extension: (BIODIGITAL HUMAN) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2020-11-23]
    CHR Extension: (Docs) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-23]
    CHR Extension: (Google Drive) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-23]
    CHR Extension: (Microsoft Defender Browser Protection) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bkbeeeffjjeopflfhgeknacdieedcoml [2020-11-23]
    CHR Extension: (YouTube) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-23]
    CHR Extension: (Tampermonkey) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-11-11]
    CHR Extension: (Adobe Acrobat) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-27]
    CHR Extension: (Sheets) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-23]
    CHR Extension: (Online Security Pro) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ffjgpapimgnmibnacmeilgjefnoofefp [2020-11-23]
    CHR Extension: (iCloud Bookmarks) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-11-23]
    CHR Extension: (HTTPS Everywhere) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2021-10-17]
    CHR Extension: (Google Docs Offline) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-27]
    CHR Extension: (Click&Clean) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2021-10-17]
    CHR Extension: (360 Internet Protection) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\glcimepnljoholdmjchkloafkggfoijh [2021-12-27]
    CHR Extension: (Pinterest Save Button) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-12-27]
    CHR Extension: (Kindle Cloud Reader) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2020-11-23]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-04]
    CHR Extension: (Dropbox) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2020-11-23]
    CHR Extension: (Grammarly for Chrome) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-01-04]
    CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-11]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
    CHR Extension: (Tv Online) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2020-11-23]
    CHR Extension: (Click&Clean App) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2020-11-23]
    CHR Extension: (Gmail) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-23]
    CHR Extension: (Cool Metronome) - C:\Users\c\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\polmfiinlikaadclgdojekfaoglellgm [2020-11-23]
    CHR Profile: C:\Users\c\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-05]
    CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <no Path/update_url>
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
    CHR HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
    CHR HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
    CHR HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
    CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki]
    CHR HKLM-x32\...\Chrome\Extension: [commhkacjheiacaopdonmodahaoadoln]
    CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.24.3.8064\BVDChromeExt.crx [2022-02-05]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx <not found>
    CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
    CHR HKLM-x32\...\Chrome\Extension: [nogdfjjfhknacchjpiccacoimeelkajb]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-03] (Autodesk, Inc. -> Autodesk Inc.)
    S3 Adobe Version Cue CS3; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2015-04-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
    R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
    R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
    R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [435088 2013-07-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe [689888 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
    R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] (DTS, Inc. -> )
    R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2359424 2022-01-21] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
    R2 GFNEXSrv; C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-10-10] (Hewlett-Packard Company -> Hewlett-Packard Company)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7997112 2022-02-18] (Malwarebytes Inc -> Malwarebytes)
    S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14419440 2022-03-07] (ADLICE -> )
    S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
    S2 TSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\thpevm.inf_amd64_975290a9f28c9a50\dynabookHDDProtection.exe [425800 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
    S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe [44786376 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
    S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TOSTABSYSSVC.exe [298192 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
    R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe [447296 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\c\AppData\Roaming\Zoom"

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation -> Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation -> Symantec Corporation)
    U4 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
    R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-11] (Malwarebytes Inc -> Malwarebytes)
    R3 MpKsl524a25d6; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{68EB5511-7D28-4BF5-9F63-378458E580B8}\MpKslDrv.sys [137464 2022-04-05] (Microsoft Windows -> Microsoft Corporation)
    S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
    R2 PEGAGFN; C:\Program Files (x86)\Toshiba\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
    S3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-08-16] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
    R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
    R0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
    R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
    R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
    R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
    S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2016-07-16] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2022-04-05 07:28 - 2022-04-05 07:30 - 000058555 _____ C:\Users\c\Desktop\FRST.txt
    2022-04-05 07:27 - 2022-04-05 07:30 - 000000000 ____D C:\FRST
    2022-04-05 07:22 - 2022-04-05 07:22 - 002365440 _____ (Farbar) C:\Users\c\Desktop\FRST64.exe
    2022-04-05 06:09 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys
    2022-04-04 21:21 - 2022-04-02 08:48 - 096525792 _____ C:\Users\c\Desktop\I Did Push-ups & Pull-ups Every Day for 60 Days.mp4
    2022-04-04 15:06 - 2022-04-04 15:38 - 000858921 _____ C:\Users\c\Desktop\Stock Price daily 4-4-2022.xlsx
    2022-04-04 14:36 - 2022-04-04 14:37 - 000271025 _____ C:\Users\c\Desktop\development-services-case-management-service-request-form-cmu-app-25.pdf
    2022-04-04 13:25 - 2022-04-04 13:25 - 000446292 _____ C:\Users\c\Desktop\Errors and Omissions Insurance (E&O) _ Travelers Insurance.pdf
    2022-04-04 10:35 - 2022-04-04 10:35 - 000000000 ____D C:\Users\c\Desktop\Land Surveying
    2022-04-04 08:08 - 2022-04-04 08:08 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
    2022-04-02 19:07 - 2022-04-02 19:07 - 002330220 _____ C:\Users\c\Desktop\Civil Service Commission Agenda for April 6 2022.pdf
    2022-04-02 16:01 - 2022-04-04 20:40 - 000000000 ____D C:\Users\c\Desktop\41 Hermosa Av Long Beach
    2022-04-02 14:23 - 2022-04-04 20:40 - 000000000 ____D C:\Users\c\Desktop\31 Hermosa Av Long Beach
    2022-03-30 20:45 - 2022-03-30 20:45 - 000221096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2022-03-30 15:54 - 2022-04-04 08:20 - 000000000 ____D C:\Users\c\Desktop\S Corp
    2022-03-30 14:18 - 2022-03-30 15:54 - 000000000 ____D C:\Users\c\Desktop\2418 Louella Av SB 9
    2022-03-29 14:08 - 2022-04-04 15:05 - 000000000 ____D C:\Users\c\Desktop\13905 Olive View Dr
    2022-03-27 19:49 - 2022-03-27 19:50 - 000703146 _____ C:\Users\c\Desktop\Laurelwood Dr update.pdf
    2022-03-25 19:24 - 2022-03-25 19:24 - 000000000 ____D C:\Users\c\Desktop\BSS and road const videos
    2022-03-25 19:00 - 2022-03-25 19:00 - 002574875 _____ C:\Users\c\Desktop\The Confidence Gap - The Atlantic.pdf
    2022-03-25 11:26 - 2022-04-04 17:32 - 000000000 ____D C:\Users\c\Desktop\12127 Lucille St
    2022-03-21 21:26 - 2022-03-21 21:26 - 000375022 _____ C:\Users\c\Desktop\how-to-login-loginpage.pdf
    2022-03-21 19:30 - 2022-03-21 19:30 - 000233469 _____ C:\Users\c\Desktop\Global Teams Should Have Office Visits, Not Offsites.pdf
    2022-03-21 19:27 - 2022-03-21 19:27 - 000469156 _____ C:\Users\c\Desktop\0170840620937885.pdf
    2022-03-21 18:27 - 2022-03-21 17:46 - 376001246 _____ C:\Users\c\Desktop\Is Hybrid Work Here to Stay.mp4
    2022-03-21 16:42 - 2022-03-30 14:19 - 000000000 ___RD C:\Users\c\Desktop\Urban Lot Split
    2022-03-12 20:44 - 2022-03-12 20:45 - 000000000 ____D C:\Users\c\Desktop\Econ
    2022-03-11 14:22 - 2022-03-11 14:22 - 001343320 _____ (Google LLC) C:\Users\c\Downloads\ChromeSetup.exe
    2022-03-10 14:41 - 2022-03-10 14:41 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
    2022-03-10 14:40 - 2022-03-10 14:40 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
    2022-03-10 14:39 - 2022-03-10 14:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
    2022-03-10 14:38 - 2022-03-10 14:38 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
    2022-03-10 14:38 - 2022-03-10 14:38 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
    2022-03-10 13:56 - 2022-03-10 13:56 - 000000000 ___HD C:\$WinREAgent
    2022-03-10 11:22 - 2022-03-10 11:59 - 000000000 ____D C:\Users\c\Desktop\Ext blk
    2022-03-10 10:53 - 2022-03-14 14:35 - 000000000 ____D C:\Users\c\Desktop\382 E California Bl Pasadena
    2022-03-10 07:07 - 2022-03-10 07:12 - 000000000 ____D C:\Users\c\Desktop\Bin 2
    2022-03-09 18:29 - 2022-03-09 18:29 - 000000000 ____D C:\Users\c\Desktop\理财达人秀

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2022-04-05 07:25 - 2020-09-03 12:20 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C0982E36-30E1-41C9-A994-41EFFC416BD3}
    2022-04-05 07:22 - 2016-03-28 12:58 - 000000000 ____D C:\Program Files\CCleaner
    2022-04-05 07:20 - 2022-01-28 07:38 - 000000000 ____D C:\Users\c\AppData\Roaming\vlc
    2022-04-05 07:20 - 2020-09-03 11:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2022-04-05 07:10 - 2021-02-20 08:45 - 000000000 ____D C:\Users\c\AppData\LocalLow\IGDump
    2022-04-05 07:07 - 2014-03-06 06:01 - 000000000 ____D C:\Program Files (x86)\Google
    2022-04-05 06:11 - 2020-12-23 16:10 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
    2022-04-05 06:09 - 2021-10-16 09:17 - 000002068 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
    2022-04-05 06:08 - 2018-12-10 13:44 - 000000000 ____D C:\Users\c\AppData\LocalLow\Mozilla
    2022-04-05 06:04 - 2017-08-06 15:39 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2022-04-05 06:04 - 2015-08-15 09:25 - 000000000 __SHD C:\Users\c\IntelGraphicsProfiles
    2022-04-04 21:21 - 2021-10-18 19:10 - 000000000 ____D C:\Users\c\AppData\Roaming\Allavsoft
    2022-04-04 20:57 - 2017-12-01 00:33 - 000000000 ____D C:\Users\c\AppData\Local\Packages
    2022-04-04 13:02 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2022-04-04 08:36 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
    2022-04-04 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
    2022-04-04 08:07 - 2020-09-03 12:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2022-04-04 08:07 - 2020-09-03 11:43 - 000008192 ___SH C:\DumpStack.log.tmp
    2022-04-04 08:06 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2022-04-03 16:17 - 2020-09-03 13:42 - 000000000 ____D C:\Users\c\Desktop\Bin
    2022-04-03 09:30 - 2020-09-03 11:00 - 000000000 ____D C:\Users\c
    2022-04-03 08:26 - 2020-09-08 16:53 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2022-04-03 08:23 - 2021-05-17 07:59 - 000000000 ____D C:\Sight Survey Jobs
    2022-04-02 07:57 - 2020-12-25 16:43 - 000000000 ____D C:\Users\c\Documents\Zoom
    2022-04-01 16:00 - 2014-04-08 20:54 - 000000000 ____D C:\Users\c\AppData\Local\CrashDumps
    2022-04-01 15:00 - 2020-12-09 13:56 - 000000000 ____D C:\Users\c\AppData\Roaming\RealtimeBoard
    2022-04-01 14:05 - 2020-12-09 13:55 - 000000000 ____D C:\Users\c\AppData\Local\RealtimeBoard
    2022-04-01 14:04 - 2020-12-09 13:56 - 000000000 ____D C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Miro
    2022-03-31 16:34 - 2020-09-08 16:52 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2022-03-31 16:34 - 2020-09-08 16:52 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
    2022-03-28 11:15 - 2021-02-19 09:30 - 000000000 ____D C:\ProgramData\boost_interprocess
    2022-03-25 16:01 - 2014-04-12 08:04 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2022-03-24 06:53 - 2020-09-03 12:04 - 002316746 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2022-03-24 06:53 - 2020-09-03 10:39 - 000784294 _____ C:\WINDOWS\system32\perfh00A.dat
    2022-03-24 06:53 - 2020-09-03 10:39 - 000152874 _____ C:\WINDOWS\system32\perfc00A.dat
    2022-03-24 06:53 - 2020-09-03 10:29 - 000427366 _____ C:\WINDOWS\system32\prfh0804.dat
    2022-03-24 06:53 - 2020-09-03 10:29 - 000132888 _____ C:\WINDOWS\system32\prfc0804.dat
    2022-03-24 06:53 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
    2022-03-24 06:45 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
    2022-03-17 21:38 - 2020-09-03 12:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
    2022-03-17 15:08 - 2021-03-08 19:58 - 000000000 ____D C:\Users\c\AppData\Local\WebEx
    2022-03-17 15:07 - 2021-03-08 19:58 - 000000000 ____D C:\Users\c\AppData\LocalLow\WebEx
    2022-03-15 06:41 - 2018-06-03 22:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2022-03-11 13:33 - 2021-01-28 10:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
    2022-03-10 17:12 - 2020-09-03 11:43 - 002541672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2022-03-10 17:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
    2022-03-10 17:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2022-03-10 17:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
    2022-03-10 17:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2022-03-10 17:08 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
    2022-03-10 17:07 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2022-03-10 17:07 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2022-03-10 17:07 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
    2022-03-10 17:07 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
    2022-03-10 15:00 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
    2022-03-10 14:37 - 2020-09-03 11:54 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2022-03-10 13:55 - 2014-04-20 06:32 - 000000000 ____D C:\WINDOWS\system32\MRT
    2022-03-10 13:39 - 2014-04-20 06:32 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2022-03-09 18:58 - 2022-02-24 15:48 - 000000000 ____D C:\Users\c\Desktop\Lisa FD Bakup 3-9-2022
    2022-03-09 07:26 - 2021-03-17 08:10 - 000000000 ____D C:\ProgramData\RogueKiller
    2022-03-08 13:42 - 2021-01-13 09:37 - 000000000 ____D C:\Users\c\AppData\Local\ElevatedDiagnostics
    2022-03-08 13:23 - 2021-04-12 07:46 - 000000000 ____D C:\Program Files\Java
    2022-03-08 13:23 - 2017-06-30 10:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2022-03-08 13:23 - 2014-04-12 08:40 - 000000000 ____D C:\Program Files (x86)\Java
    2022-03-08 13:22 - 2021-04-12 07:46 - 000192736 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
    2022-03-08 09:34 - 2021-10-16 09:20 - 000000000 ____D C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.10
    2022-03-08 09:34 - 2018-04-01 16:07 - 000000000 ____D C:\Users\c\AppData\Local\Package Cache
    2022-03-08 09:28 - 2021-03-17 08:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2022-03-08 09:28 - 2021-03-17 08:10 - 000000000 ____D C:\Program Files\RogueKiller
    2022-03-08 09:28 - 2014-04-20 08:14 - 000001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
    2022-03-08 09:28 - 2014-04-20 08:14 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2
    2022-03-06 21:31 - 2021-03-26 21:29 - 000000000 ____D C:\Users\c\Desktop\U Michigan
    2022-03-06 09:23 - 2021-07-16 10:24 - 000000000 ____D C:\Users\c\Desktop\BA corp stmts

    ==================== Files in the root of some directories ========

    2021-10-18 21:21 - 2021-10-18 21:21 - 000000046 _____ () C:\Users\c\AppData\Roaming\Camdata.ini
    2021-10-18 21:21 - 2021-10-18 21:21 - 000000408 _____ () C:\Users\c\AppData\Roaming\CamLayout.ini
    2021-10-18 21:21 - 2021-10-18 21:21 - 000000408 _____ () C:\Users\c\AppData\Roaming\CamShapes.ini
    2021-10-18 18:54 - 2021-10-18 18:55 - 000004536 _____ () C:\Users\c\AppData\Roaming\CamStudio.cfg
    2021-10-18 18:52 - 2021-10-18 18:52 - 000000096 _____ () C:\Users\c\AppData\Roaming\version2.xml
    2021-02-16 13:21 - 2021-02-16 13:21 - 000000000 _____ () C:\Users\c\AppData\Local\oobelibMkey.log

    ==================== FLock ==============================

    2015-07-06 08:12 C:\Users\lillian3443\Google Drive

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

  3. #3
    Join Date
    May 2005
    Posts
    122
    Addition.txt
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2022
    Ran by c (05-04-2022 07:32:42)
    Running from C:\Users\c\Desktop
    Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) (2020-09-03 19:24:01)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================


    (If an entry is included in the fixlist, it will be removed.)

    Administrator (S-1-5-21-2517961349-2002184368-2333218459-500 - Administrator - Disabled)
    c (S-1-5-21-2517961349-2002184368-2333218459-1001 - Administrator - Enabled) => C:\Users\c
    DefaultAccount (S-1-5-21-2517961349-2002184368-2333218459-503 - Limited - Disabled)
    Guest (S-1-5-21-2517961349-2002184368-2333218459-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-2517961349-2002184368-2333218459-1003 - Limited - Enabled)
    lillian3443 (S-1-5-21-2517961349-2002184368-2333218459-1004 - Limited - Enabled) => C:\Users\lillian3443
    WDAGUtilityAccount (S-1-5-21-2517961349-2002184368-2333218459-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    4K Video Downloader (HKLM\...\{11CAD2D3-0918-4C25-ADEA-6A2E2D8224D2}) (Version: 4.17.1.4410 - Open Media LLC) Hidden
    4K Video Downloader (HKLM-x32\...\{52c19095-d66a-43cc-a45a-ee9434df7074}) (Version: 4.15.1.4190 - Open Media LLC)
    Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
    Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.23 - Adobe Systems)
    Adobe Connect (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\Adobe Connect App) (Version: 11.9.985.57 - Adobe Systems Inc.)
    Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
    Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
    Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
    AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
    Allavsoft 3.24.3.8064 (HKLM-x32\...\{6EBED4D8-13D9-4370-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
    Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
    Atom (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\atom) (Version: 1.29.0 - GitHub Inc.)
    Authy Desktop (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\authy) (Version: 1.8.3 - Twilio Inc.)
    AutoCAD 2021 - English (HKLM\...\{28B89EEF-4101-0409-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
    Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
    Autodesk AutoCAD 2021 - English (HKLM\...\AutoCAD 2021 - English) (Version: 24.0.47.0 - Autodesk)
    Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
    Autodesk Featured Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
    Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
    Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
    Autodesk Save to Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
    Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
    Aventail Access Manager (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.64.496 - SonicWALL Inc)
    Aventail Access Manager (HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.64.496 - SonicWALL Inc)
    Aventail Web Proxy Agent (HKLM-x32\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.64.241 - SonicWALL Inc)
    Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
    Cisco Webex Meetings (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\ActiveTouchMeetingClient) (Version: 42.3.1 - Cisco Webex LLC)
    CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3424.05 - CyberLink Corp.)
    Dragon Assistant Application en-US version 1.5.11 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
    Dragon Assistant Core Recognition Service version 1.1.12 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.12 - Nuance Communications, Inc.)
    Dragon Assistant Installer version 1.5.11 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
    Dragon Assistant Language Data en-US version 1.1.4 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.4 - Nuance Communications, Inc.)
    DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
    Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.2.1.53537 - Foxit Software Inc.)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 99.0.4844.84 - Google LLC)
    Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.9.0 - Google LLC)
    Google Video Support Plugin (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
    GoTo Opener (HKLM-x32\...\{0FC4261B-F502-48B3-B1CF-60021C8F7D22}) (Version: 1.0.481 - LogMeIn, Inc.)
    GoToMeeting 10.18.0.19932 (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\GoToMeeting) (Version: 10.18.0.19932 - LogMeIn, Inc.)
    Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    HP ENVY 5660 series Basic Device Software (HKLM\...\{2C0721C5-0CD8-46BC-9D7D-666D3B171CFF}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
    HP ENVY 5660 series Help (HKLM-x32\...\{607F50D9-40BD-4F17-A584-152F563293B4}) (Version: 34.0.0 - Hewlett Packard)
    HP Photo Creations (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
    HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    IBM Lotus Forms Viewer 3.5.1 (HKLM-x32\...\{A0BBF7AB-2F47-47DC-BB02-4C826F2BC73C}) (Version: 7.6.1.333 - IBM)
    iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
    IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{38561F82-2984-4C99-ADD7-D1166BC3D552}) (Version: 3.0.1335.05 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
    iTunes (HKLM\...\{0B3CC856-3A62-443A-B6CE-DED2D4495D56}) (Version: 12.12.2.2 - Apple Inc.)
    Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
    KA Lite version 0.14.0 (HKLM-x32\...\KA Lite-Foundation for Learning Equality_is1) (Version: 0.14.0 - Foundation for Learning Equality)
    KeePass Password Safe 2.50 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.50 - Dominik Reichl)
    K-Lite Codec Pack 13.7.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
    Malwarebytes version 4.5.4.168 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.4.168 - Malwarebytes)
    Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.29 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
    Microsoft Report Viewer Redistributable 2008 (KB971119) (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
    Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
    Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Miro (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\RealtimeBoard) (Version: 0.7.8 - Miro)
    Movavi Video Editor 14 Plus (x64) (HKLM\...\Movavi Video Editor 14 Plus (x64)) (Version: 14.3.0 - Movavi)
    Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 93.0 (x86 en-US)) (Version: 93.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 93.0 - Mozilla)
    Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM-x32\...\{90160000-001F-040C-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    Product Improvement Study for HP ENVY 5660 series (HKLM\...\{03EDBA70-A4E9-4AC9-A76A-8EE5172684BF}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
    Python 2.7.18 (HKLM-x32\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D5}) (Version: 2.7.18150 - Python Software Foundation)
    Python 3.10.2 (64-bit) (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\{c60fd5ac-367d-4e3a-a975-f157502ac30a}) (Version: 3.10.2150.0 - Python Software Foundation)
    Python 3.10.2 Core Interpreter (64-bit) (HKLM\...\{6475B354-B0F6-4837-8738-784937D647B2}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Development Libraries (64-bit) (HKLM\...\{8277936D-8A34-4758-893C-0B29342A6F27}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Documentation (64-bit) (HKLM\...\{B51A07AD-9BCE-485D-8721-C7C83992794B}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Executables (64-bit) (HKLM\...\{EDEE3162-8399-42D4-9D7C-7DA21275BFD0}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 pip Bootstrap (64-bit) (HKLM\...\{08B7036F-0609-4634-9A5F-1688230E9D9D}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Standard Library (64-bit) (HKLM\...\{D862D299-FDC2-4571-B3A1-27CEE951D2D1}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Tcl/Tk Support (64-bit) (HKLM\...\{7863DF45-23BB-4D83-97B3-CF08F3192F5B}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Test Suite (64-bit) (HKLM\...\{D68594E9-2F98-4EA0-8A94-5D7D9FF51960}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.10.2 Utility Scripts (64-bit) (HKLM\...\{300F0759-8294-4971-9FAD-7AB19FA7B270}) (Version: 3.10.2150.0 - Python Software Foundation) Hidden
    Python 3.6.5 (32-bit) (HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\{3346977b-49da-4095-8f4d-f56f103e52e9}) (Version: 3.6.5150.0 - Python Software Foundation)
    Python 3.6.5 Add to Path (32-bit) (HKLM-x32\...\{1D3BE06D-5E44-48FF-8D61-B744808EBE46}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Core Interpreter (32-bit) (HKLM-x32\...\{58E1C809-82C5-4EDF-B69B-188A6C81F21F}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Development Libraries (32-bit) (HKLM-x32\...\{21FD2EE0-8D55-49DC-A1B0-771696DDEE98}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Documentation (32-bit) (HKLM-x32\...\{5C613D87-0AED-48A9-A216-3A3783463D6C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Executables (32-bit) (HKLM-x32\...\{9107CF1A-A09C-4035-B29E-E79B4098AB8C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 pip Bootstrap (32-bit) (HKLM-x32\...\{C024F06C-0E37-4529-945F-7920A9CFFD78}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Standard Library (32-bit) (HKLM-x32\...\{8C2E8A7D-95CC-491C-AB9C-DE785A137D00}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Tcl/Tk Support (32-bit) (HKLM-x32\...\{052FD2FB-034D-4CDD-864E-798DE45C742A}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Test Suite (32-bit) (HKLM-x32\...\{86533809-919A-4858-AFC4-4226B86C5291}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python 3.6.5 Utility Scripts (32-bit) (HKLM-x32\...\{5C0C82E9-B580-4EE4-894A-4451A23B0E2C}) (Version: 3.6.5150.0 - Python Software Foundation) Hidden
    Python Launcher (HKLM-x32\...\{463B0974-B1E1-401E-8F59-B0F9F81258E4}) (Version: 3.10.7581.0 - Python Software Foundation)
    Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    RogueKiller version 15.4.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.4.0.0 - Adlice Software)
    ScottradeELITE 2013 (HKLM-x32\...\{33B2F0C4-FBCE-4CDB-B98D-6D945068A150}) (Version: 5.2.0.0 - Scottrader)
    ScottradeELITE v5 (HKLM-x32\...\{7E94DCE4-F1F3-47AF-A2D4-8A81008D9B1F}) (Version: 5.3.0.0 - Scottrade Inc.)
    Sight Survey 2016 (HKLM-x32\...\{3D387B2D-B0C0-48FF-872A-3434AC81C6DF}) (Version: 1.0 - Carlson Software)
    Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
    SQLite ODBC Driver (remove only) (HKLM-x32\...\SQLite ODBC Driver) (Version: - )
    Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 10.1.0.0 - Stellar Information Technology Pvt Ltd.)
    Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
    Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
    TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
    TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
    Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
    TOSHIBA Display Utility (HKLM\...\{11955FE2-CAC6-4C3B-AA68-F787D7405400}) (Version: 1.1.9.0 - Toshiba Corporation)
    TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
    TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
    TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.0003.64001 - Toshiba Corporation)
    TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
    TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
    TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
    TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
    TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
    TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
    TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
    UCheck version 4.1.1.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 4.1.1.0 - Adlice Software)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
    Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
    Update for Skype for Business 2016 (KB5002106) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0409-0000-0000000FF1CE}_Office16.PROPLUS_{6B44CEF7-ECA7-4132-8D18-BD92DE0DC48F}) (Version: - Microsoft)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
    Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
    Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
    Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
    WinX DVD Ripper Platinum 8.20.5 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)
    Zoom (HKLM-x32\...\{4A8EC6EE-9A85-4A18-9C29-EC37E55CADB6}) (Version: 5.8.1435 - Zoom)

    Packages:
    =========
    9 zip -> C:\Program Files\WindowsApps\184MagikHub.9zip_3.3.75.0_x64__hvr7qkvwfhvx6 [2021-09-04] (Magik Hub) [MS Ad]
    Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2015-09-20] (Adobe Systems Incorporated)
    Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.94.0_x64__pwbj9vvecjh7j [2022-03-30] (Amazon Development Centre (London) Ltd)
    Book Place -> C:\Program Files\WindowsApps\K-NFBReadingTechnologiesI.BookPlace_2.0.3615.0_x64__vwcaa66y1ah8t [2021-04-28] (K-NFB Reading Technologies, Inc.)
    CBS Sports -> C:\Program Files\WindowsApps\2BDFC20A.CBSSports_3.5.5.0_x64__bd059sf7kn2rm [2021-12-26] (CBS Interactive Inc.)
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-22] (HP Inc.)
    Hulu -> C:\Program Files\WindowsApps\HULULLC.HULUPLUS_3.7.0.0_neutral__fphbd361v8tya [2021-12-03] (Hulu.)
    iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_7.2.1.0_x64__a76a11dkgb644 [2021-10-12] (iHeartMedia.)
    Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.19.0_neutral__8xx8rvfyw5nnt [2021-11-05] (Instagram)
    Khan Academy -> C:\Program Files\WindowsApps\KhanAcademy.KhanAcademy_1.4.0.0_neutral__h7gxd2e83qjmg [2015-09-20] (Khan Academy)
    Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2021-04-28] (AMZN Mobile LLC)
    Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.4.35.0_x64__679ekb9hp1h62 [2020-10-20] (sMedio)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-25] (Microsoft Studios) [MS Ad]
    MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-09-20] (Microsoft Corporation) [MS Ad]
    MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-09-20] (Microsoft Corporation) [MS Ad]
    MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-09-20] (Microsoft Corporation) [MS Ad]
    My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-03-28] (Ennova Research)
    Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
    Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-12-04] (Microsoft Corporation)
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-08] (Microsoft Corporation)
    RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2021-09-04] (Tiny Opener)
    Toshiba Central -> C:\Program Files\WindowsApps\ToshibaAmericaInformation.ToshibaCentral_1.3.0.4_neutral__r8x1fxsdcnpjw [2015-09-20] (Toshiba America Information Systems, Inc.)
    Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.)
    Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2015-09-20] (Microsoft Corporation) [MS Ad]
    Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2014-04-21] (Zinio LLC)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\c\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\c\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2021\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\c\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll (Google LLC -> Google LLC)
    ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
    ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
    ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-17] (Malwarebytes Corporation -> Malwarebytes)
    ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
    ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.9.0\drivefsext.dll [2022-03-24] (Google LLC -> Google, Inc.)
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-17] (Malwarebytes Corporation -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\c\Desktop\Ext blk\Files from Bl EHD\EHDD Material\Extras\Adobe Reader Download.lnk -> hxxp://get.adobe.com/reader
    ShortcutWithArgument: C:\Users\c\Desktop\Bin\Chi (cmg.smtclasses@gmail.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
    ShortcutWithArgument: C:\Users\c\Desktop\Bin\Chi Ming (chi.ming.gong@lacity.org) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
    ShortcutWithArgument: C:\Users\c\Desktop\Bin\Chi Ming (cmg7590@gmail.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"
    ShortcutWithArgument: C:\Users\c\Desktop\Bin\cmg7590@gmail.com - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
    ShortcutWithArgument: C:\Users\c\Desktop\Bin\Tubi - Free Movies & TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=fehabnkmajokachfhgpobflpljindncg
    ShortcutWithArgument: C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Tubi - Free Movies & TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=fehabnkmajokachfhgpobflpljindncg
    ShortcutWithArgument: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Tubi - Free Movies & TV.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=fehabnkmajokachfhgpobflpljindncg
    ShortcutWithArgument: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Chi (cmg.smtclasses@gmail.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
    ShortcutWithArgument: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Chi Ming (cmg7590@gmail.com) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

    ==================== Loaded Modules (Whitelisted) =============

    2014-03-06 06:03 - 2013-07-02 15:29 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
    2014-03-06 06:03 - 2012-04-20 14:17 - 001888256 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Nuance\Dragon Assistant\Core\xerces-c_3_1.dll
    2014-03-06 06:03 - 2012-04-20 14:17 - 005024256 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Nuance\Dragon Assistant\Core\icudt48.dll
    2014-03-06 06:03 - 2012-04-20 14:17 - 001043456 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Nuance\Dragon Assistant\Core\icuuc48.dll
    2014-04-20 07:21 - 2009-07-19 14:48 - 000134144 _____ (Vivid Document Imaging Technologies) [File not signed] C:\WINDOWS\System32\PDFVC64.DLL

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

    ==================== Internet Explorer (Whitelisted) ==========

    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.toshiba.com
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.toshiba.com
    SearchScopes: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
    SearchScopes: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001 -> {D30688FC-DCE4-4925-BDF6-DB294B4743F6} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    SearchScopes: HKU\S-1-5-21-2517961349-2002184368-2333218459-1004 -> DefaultScope {1BCC4178-EF4F-4571-A5AE-E37AA2CD374E} URL =
    SearchScopes: HKU\S-1-5-21-2517961349-2002184368-2333218459-1004 -> {1BCC4178-EF4F-4571-A5AE-E37AA2CD374E} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2021-11-22] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-03-08] (Oracle America, Inc. -> Oracle Corporation)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-03-08] (Oracle America, Inc. -> Oracle Corporation)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16] (Adobe Systems Incorporated.) [File not signed]
    BHO-x32: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll [2009-11-27] (International Business Machines Corporation -> IBM Corporation)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2022-02-08] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16] (Adobe Systems Incorporated.) [File not signed]
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2021-08-18] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\sharepoint.com -> hxxps://studentlaccd-files.sharepoint.com

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 06:25 - 2019-01-20 13:15 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

    2018-02-16 13:07 - 2018-02-16 13:07 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
    192.168.137.1 LLM-Win8-Laptop.mshome.net # 2023 2 3 15 20 7 56 742

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Python35-32;C:\Python35-32\Lib\site-packages\;C:\Python35-32\Scripts\;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\c\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1004\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 192.168.1.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
    HKLM\...\StartupApproved\Run: => "IgfxTray"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
    HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
    HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64"
    HKLM\...\StartupApproved\Run32: => "ToshibaAppPlace"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
    HKLM\...\StartupApproved\Run32: => "Win8PDF"
    HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
    HKLM\...\StartupApproved\Run32: => "Adobe_ID0EYTHM"
    HKLM\...\StartupApproved\Run32: => "HP Software Update"
    HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Screen Clipper and Launcher.lnk"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_48555157F9018AAD449F1763D57508C7"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "GoogleDriveSync"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "Google Update"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "SlimCleaner Plus"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "iCloudDrive"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "iCloudPhotos"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "iCloudServices"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "OneDriveSetup"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "708A6BCA9F22CC304DD693961BCF6B09DB76A694._service_run"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
    HKU\S-1-5-21-2517961349-2002184368-2333218459-1001\...\StartupApproved\Run: => "GoogleDriveFS"

  4. #4
    Join Date
    May 2005
    Posts
    122
    part 2 Addition.txt

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{BEE0F98F-DCB6-4574-A1DC-D3E3A0155B09}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
    FirewallRules: [{C518D753-6F95-4129-A31A-66A8C1547EB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{79DAB9F0-EB65-44E0-8A43-318DDAD2768D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
    FirewallRules: [{78D21A4D-7FD4-4D40-9A8B-20433D883741}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    FirewallRules: [{F750F970-6BF7-4542-9555-0663101006A2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
    FirewallRules: [{E18F9BD0-6BF9-47F1-A4A9-F6AF19A8BBA1}] => (Allow) LPort=50901
    FirewallRules: [{5A49BF34-9E5A-45BF-9086-31DD2D37DB8A}] => (Allow) LPort=50900
    FirewallRules: [{C3C2F011-164C-4F8E-8B96-95C76C1B1FDF}] => (Allow) LPort=3704
    FirewallRules: [{BA2D35C1-868E-4F7B-8B29-0150CCAECBAF}] => (Allow) LPort=3703
    FirewallRules: [{0968D024-C3E0-47B7-A9C0-E394358C59FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{14A3CE72-FE99-4384-ABAD-635F5584D247}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [TCP Query User{7A0ECF99-CDDF-4C43-A312-608D8A33DBD6}C:\python27\python.exe] => (Allow) C:\python27\python.exe () [File not signed]
    FirewallRules: [UDP Query User{0D417FD2-EDA2-4CCF-90BF-C5982F229714}C:\python27\python.exe] => (Allow) C:\python27\python.exe () [File not signed]
    FirewallRules: [{834452D9-7981-4CE6-8482-4E1A3B76A895}] => (Allow) C:\Program Files\HP\HP ENVY 5660 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{006929CD-8219-4B7F-A0AE-97D04593D25C}] => (Allow) LPort=5357
    FirewallRules: [{F1F5D1F9-46F6-4E79-8E2E-4E3FBEE4FF4A}] => (Allow) C:\Program Files\HP\HP ENVY 5660 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
    FirewallRules: [{78FF71A2-12EE-4E15-A5DF-ECB5D5240681}] => (Allow) C:\Users\c\AppData\Local\ScottradeElite\ScottradeELITELauncher.exe (Scottrade, Inc. -> Scottrade)
    FirewallRules: [{AD4CE048-DB8A-4136-89E7-E28B7948FF4E}] => (Allow) C:\Users\c\AppData\Local\ScottradeElite\ScottradeELITELauncher.exe (Scottrade, Inc. -> Scottrade)
    FirewallRules: [{96596EC8-7E9F-417F-AF78-E4B1C1B9BE3E}] => (Allow) C:\Users\c\AppData\Local\ScottradeElite\ScottradeELITELauncher.exe (Scottrade, Inc. -> Scottrade)
    FirewallRules: [{00559030-10B6-4F49-96FF-0E1B4BE6061A}] => (Allow) C:\Users\c\AppData\Local\ScottradeElite\ScottradeELITELauncher.exe (Scottrade, Inc. -> Scottrade)
    FirewallRules: [{629B5330-96A5-466C-9442-23BE4063725C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{7B27641A-2992-40E3-AA56-98E9F745894F}] => (Allow) C:\Users\c\AppData\Roaming\Zoom\bin\Zoom.exe => No File
    FirewallRules: [{ECDD8879-CDBC-400A-80B0-5B4B23DC4DE9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{136E9FA3-E8B4-4308-890B-694AA75DD203}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{1913DF20-0659-4CB2-B00C-50F299679D70}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{3C956F09-9960-4BE2-967A-0E05EF505404}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{E78F839B-1205-45F6-BB1A-0BFBFFD7679A}C:\users\c\appdata\local\realtimeboard\app-0.4.6\miro.exe] => (Block) C:\users\c\appdata\local\realtimeboard\app-0.4.6\miro.exe => No File
    FirewallRules: [UDP Query User{EA34BE96-5177-45C3-B2EE-8AB88252F9FB}C:\users\c\appdata\local\realtimeboard\app-0.4.6\miro.exe] => (Block) C:\users\c\appdata\local\realtimeboard\app-0.4.6\miro.exe => No File
    FirewallRules: [{0F3D8B8C-00B0-48D7-AB22-F21819125B4C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{05FBB6D5-2E03-454E-B99C-07AFBB3FAB15}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{59CEA875-26E1-4611-A659-BBC3BBA229B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{3392AED3-2200-4C07-8FAB-CF76141154BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{C7D26805-6B4D-4407-BF58-6E51D3F77720}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
    FirewallRules: [UDP Query User{D649A351-E7BC-449F-A43B-C27E654CFF85}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe => No File
    FirewallRules: [{FF6C8F86-1322-4533-B88C-57EB96A23024}] => (Allow) C:\Program Files (x86)\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{094324E4-268E-41BB-92A9-1E4D775F70FD}] => (Allow) C:\Program Files (x86)\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{38EA1A4A-609E-485D-B246-A54532D0BACB}] => (Allow) C:\Program Files (x86)\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [TCP Query User{EE86E34D-E8AD-49B8-A4F1-39920FB23199}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe => No File
    FirewallRules: [UDP Query User{0C4D5BA8-EAF6-4AEA-B855-2F45766F3841}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe => No File
    FirewallRules: [{8E2F50AB-502B-4C54-AE34-862614400117}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{B0FBFCFB-A442-4360-B6CE-FF129C4DB7BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{378DEC0E-047C-418A-B875-46198049F501}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{13B4907F-EC5F-4704-A9D2-D5D7EB45D3A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{309437F2-871F-417E-AB5B-509F0BEA3268}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
    FirewallRules: [{D2302819-5D35-4749-877C-A0CA3C4DD2D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{2E82A276-72C1-447D-AB97-6C6B9F264CF2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{D1B5547D-A985-406F-9A8C-A7A9B1AE65BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{F8835304-8EAF-4A6B-A406-3BD484D24DB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4BCE18B7-9281-411B-8B94-6D2E70E30B79}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

    ==================== Restore Points =========================

    18-03-2022 13:31:51 Scheduled Checkpoint
    27-03-2022 12:43:37 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (04/04/2022 09:26:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15656

    Error: (04/04/2022 09:26:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15656

    Error: (04/04/2022 09:26:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (04/04/2022 03:30:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program EXCEL.EXE version 16.0.5278.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: d7c

    Start Time: 01d84870f25bbff1

    Termination Time: 0

    Application Path: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE

    Report Id: 65edf478-5703-4457-b23b-500137e49b70

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (04/04/2022 03:11:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program EXCEL.EXE version 16.0.5278.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 2550

    Start Time: 01d848704e601a5f

    Termination Time: 0

    Application Path: C:\Program Files (x86)\Microsoft Office\Office16\EXCEL.EXE

    Report Id: 5a4c354e-33ab-451d-823a-c9ee4db4683d

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (04/03/2022 08:54:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 15641

    Error: (04/03/2022 08:54:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 15641

    Error: (04/03/2022 08:54:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (04/05/2022 07:10:09 AM) (Source: disk) (EventID: 11) (User: )
    Description: The driver detected a controller error on \Device\Harddisk1\DR5.

    Error: (04/04/2022 09:26:13 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (04/04/2022 09:26:13 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (04/04/2022 09:26:12 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (04/04/2022 09:26:12 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (04/04/2022 09:26:12 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (04/04/2022 09:26:12 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

    Error: (04/04/2022 09:26:12 PM) (Source: DCOM) (EventID: 10010) (User: LLM-WIN8-LAPTOP)
    Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


    Windows Defender:
    ================
    Date: 2022-04-04 08:31:02
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-04-03 17:31:04
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-04-03 16:38:59
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-04-03 09:12:34
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan

    Date: 2022-04-02 07:21:49
    Description:
    Microsoft Defender Antivirus scan has been stopped before completion.
    Scan Type: Antimalware
    Scan Parameters: Quick Scan
    
    CodeIntegrity:
    ===============
    Date: 2022-04-05 07:37:01
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

    Date: 2022-04-05 07:20:11
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    BIOS: TOSHIBA 1.60 01/16/2014
    Motherboard: TOSHIBA VG10ST
    Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
    Percentage of memory in use: 47%
    Total physical RAM: 8104.14 MB
    Available physical RAM: 4222.19 MB
    Total Virtual: 10889.37 MB
    Available Virtual: 7023.75 MB

    ==================== Drives ================================

    Drive c: (TI10684700A) (Fixed) (Total:920.33 GB) (Free:582.95 GB) NTFS
    Drive f: () (Fixed) (Total:0.82 GB) (Free:0.25 GB) NTFS
    Drive g: (New Volume) (Fixed) (Total:9.14 GB) (Free:9.1 GB) NTFS
    Drive i: (easystore) (Fixed) (Total:931.48 GB) (Free:227.6 GB) NTFS

    \\?\Volume{0e4900f6-53b7-11e3-adbb-0c54a51af203}\ (System) (Fixed) (Total:1 GB) (Free:0.6 GB) NTFS
    \\?\Volume{0e4900fe-53b7-11e3-adbb-0c54a51af203}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==========================================================
    Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  5. #5
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Please, observe following rules:

    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.



    ======================================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2
    • Close all the running programs
    • Double click on downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.

    Please download Malwarebytes to your desktop.
    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles are saved to C:\AdwCleaner.

    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

  6. #6
    Join Date
    May 2005
    Posts
    122
    RK:

    Program : RogueKiller Anti-Malware
    Version : 15.4.0.0
    x64 : Yes
    Program Date : Mar 7 2022
    Location : C:\Program Files\RogueKiller\RogueKiller64.exe
    Premium : No
    Company : Adlice Software
    Website : https://www.adlice.com/
    Contact : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 10 (10.0.19043) 64-bit
    64-bit OS : Yes
    Startup : 0
    WindowsPE : No
    User : c
    User is Admin : Yes
    Date : 2022/04/06 14:33:53
    Type : Scan
    Aborted : No
    Scan Mode : Standard
    Duration : 3282
    Found items : 0
    Total scanned : 146239
    Signatures Version : 20220406_063035
    Truesight Driver : Yes
    Updates Count : 8

    ************************* Warnings *************************

    ************************* Updates *************************
    iTunes (64-bit), version 12.12.2.2
    [+] Available Version : 12.12.3.5
    [+] Size : 417 MB
    [+] Wow6432 : No
    [+] Portable : No
    [+] update_location : C:\Program Files\iTunes\

    Malwarebytes version 4.5.4.168 (64-bit), version 4.5.4.168
    [+] Available Version : 4.5.7
    [+] Wow6432 : No
    [+] Portable : No
    [+] update_location : C:\Program Files\Malwarebytes\Anti-Malware

    Google Chrome (32-bit), version 99.0.4844.84
    [+] Available Version : 100.0.4896.75
    [+] Size : 353 MB
    [+] Wow6432 : Yes
    [+] Portable : No
    [+] update_location : C:\Program Files (x86)\Google\Chrome\Application

    K-Lite Codec Pack 13.7.5 Basic (32-bit), version 13.7.5
    [+] Available Version : 16.9.5
    [+] Size : 63.9 MB
    [+] Wow6432 : Yes
    [+] Portable : No
    [+] update_location : C:\Program Files (x86)\K-Lite Codec Pack\

    Mozilla Firefox (x86 en-US) (32-bit), version 93.0
    [+] Available Version : 99.0
    [+] Size : 192 MB
    [+] Wow6432 : Yes
    [+] Portable : No
    [+] update_location : C:\Program Files (x86)\Mozilla Firefox

    Zoom (32-bit), version 5.8.1435
    [+] Available Version : 5.10.1
    [+] Size : 136 MB
    [+] Wow6432 : Yes
    [+] Portable : No

    Python 3.6.5 (32-bit) (64-bit), version 3.6.5150.0
    [+] Available Version : 3.10.4000.0
    [+] Size : 88.7 MB
    [+] Wow6432 : No
    [+] Portable : No

    Python 3.10.2 (64-bit) (64-bit), version 3.10.2150.0
    [+] Available Version : 3.10.4000.0
    [+] Size : 99.6 MB
    [+] Wow6432 : No
    [+] Portable : No


    ************************* Processes *************************

    ************************* Modules *************************

    ************************* Services *************************

    ************************* Scheduled Tasks *************************

    ************************* Registry *************************

    ************************* WMI *************************

    ************************* Hosts File *************************
    is_too_big : No
    hosts_file_path : C:\Windows\System32\drivers\etc\hosts


    ************************* Filesystem *************************

    ************************* Web Browsers *************************

    ************************* Antirootkit *************************

  7. #7
    Join Date
    May 2005
    Posts
    122
    MBAM:
    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 4/6/22
    Scan Time: 7:51 AM
    Log File: faa30fe6-b5b8-11ec-a569-202564469259.json

    -Software Information-
    Version: 4.5.4.168
    Components Version: 1.0.1599
    Update Package Version: 1.0.53323
    License: Free

    -System Information-
    OS: Windows 10 (Build 19043.1586)
    CPU: x64
    File System: NTFS
    User: LLM-Win8-Laptop\c

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 429382
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 20 min, 16 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  8. #8
    Join Date
    May 2005
    Posts
    122
    ADW
    # -------------------------------
    # Malwarebytes AdwCleaner 8.3.1.0
    # -------------------------------
    # Build: 11-18-2021
    # Database: 2022-03-15.3 (Cloud)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Clean
    # -------------------------------
    # Start: 04-06-2022
    # Duration: 00:00:26
    # OS: Windows 10 Home
    # Cleaned: 14
    # Failed: 0


    ***** [ Services ] *****

    No malicious services cleaned.

    ***** [ Folders ] *****

    Deleted C:\Users\Public\Documents\Downloaded Installers
    Deleted C:\Users\lillian3443\AppData\Local\iLivid
    Deleted C:\Users\lillian3443\AppData\Local\torch

    ***** [ Files ] *****

    Deleted C:\Windows\System32\wsusnative64.exe

    ***** [ DLL ] *****

    No malicious DLLs cleaned.

    ***** [ WMI ] *****

    No malicious WMI cleaned.

    ***** [ Shortcuts ] *****

    No malicious shortcuts cleaned.

    ***** [ Tasks ] *****

    No malicious tasks cleaned.

    ***** [ Registry ] *****

    Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SlimCleaner Plus
    Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0757C9D8-D8A3-33F5-CEE2-11D09918BA8F}
    Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\WinZip Malware Protector

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries cleaned.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs cleaned.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries cleaned.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs cleaned.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries cleaned.

    ***** [ Preinstalled Software ] *****

    Deleted Preinstalled.Pokki File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Start.lnk
    Deleted Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-darkorbit
    Deleted Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-worldofwarcraft
    Deleted Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres
    Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
    Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
    Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-mahjonggdarkdimensions


    *************************

    [+] Delete Tracing Keys
    [+] Reset Winsock

    *************************

    AdwCleaner[S00].txt - [7157 octets] - [06/04/2022 08:20:57]

    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

  9. #9
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I don't see anything malicious there.
    I suggest new topic in Windows forum.

  10. #10
    Join Date
    May 2005
    Posts
    122
    OK. Thanks for looking.

  11. #11
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You're very welcome

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •