PC is slow to boot and run programs

  1. #1
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    138

    PC is slow to boot and run programs

    I am using a Lenovo Ideapad Y700-15ACZ
    Processor AMD FX-8800P Radeon R7, 12 Compute Cores 4C+8G 2.10 GHz, with 8GB RAM

    It has become a snail to boot up and run programs.

    FRST log part 1


    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostSystemAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(SmartInteractAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(VantageCoreAddin).exe
    (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
    (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvBugReport.exe
    (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
    (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (C:\Users\molli\AppData\Local\Programs\RingCentral\RingCentral.exe ->) (RingCentral, Inc. -> RingCentral) C:\Users\molli\AppData\Local\Programs\RingCentral\resources\win\bin\Meetings.exe <4>
    (C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\helper\helper.exe
    (C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\updates\3.5.5_46248\utorrentie.exe <2>
    (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (explorer.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe
    (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
    (explorer.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet 8010 series\Bin\ScanToPCActivationApp.exe
    (explorer.exe ->) (Parallels International GmbH -> Parallels International GmbH.) C:\Program Files\Parallels\Client\APPServerClient.exe
    (LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
    (MusNotification.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
    (RingCentral, Inc. -> RingCentral) C:\Users\molli\AppData\Local\Programs\RingCentral\RingCentral.exe <6>
    (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
    (services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
    (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
    (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe
    (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe <5>
    (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
    (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
    (services.exe ->) (Parallels International GmbH -> Parallels International GmbH.) C:\Program Files\Parallels\Client\x86\TuxWinClientService.exe
    (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
    (sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2203.1037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
    (svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <6>
    (svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
    (svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
    (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
    (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP OfficeJet 8010 series\Bin\HPNetworkCommunicatorCom.exe
    (svchost.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\molli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
    (svchost.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
    (svchost.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
    (svchost.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe
    (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msoia.exe <2>
    (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\PLUGScheduler.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18374632 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-28] (LENOVO -> )
    HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () [File not signed]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212816 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10586448 2022-05-21] (Dropbox, Inc -> Dropbox, Inc.)
    HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81359872 2021-07-31] (Western Digital Corporation) [File not signed]
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [BlueCoreInterfaceTrayApp] => C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe [853912 2016-12-11] (Cardo Systems Inc -> )
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060056 2022-04-12] (Skype Software Sarl -> Skype Technologies S.A.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [HP OfficeJet 8010 series (NET)] => C:\Program Files\HP\HP OfficeJet 8010 series\Bin\ScanToPCActivationApp.exe [4075072 2021-03-29] (HP Inc -> HP Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [ut] => C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe [2103968 2022-04-13] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {5d469f1f-db53-11ec-9e1f-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {76246a4f-d02f-11eb-9dc7-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {9d8973b1-8551-11ec-9df5-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {c3ef43ca-d505-11eb-9dc7-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {e5cc98c8-0dc0-11ec-9dd3-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
    HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-05-31] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\101.0.16440.68\Installer\chrmstp.exe [2022-05-26] (Avast Software s.r.o. -> AVAST Software)
    HKLM\Software\...\Authentication\Credential Providers: [{985546C2-9C8D-4EE6-A4FA-D8C004ED9EC0}] -> SCardWrapCredProv.dll
    Startup: C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Parallels Client.lnk [2022-05-31]
    ShortcutTarget: Parallels Client.lnk -> C:\Program Files\Parallels\Client\APPServerClient.exe (Parallels International GmbH -> Parallels International GmbH.)
    Startup: C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RingCentral.lnk [2022-04-22]
    ShortcutTarget: RingCentral.lnk -> C:\Users\molli\AppData\Local\Programs\RingCentral\RingCentral.exe (RingCentral, Inc. -> RingCentral)
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02DD17FC-F0C8-4491-B2D0-45D62C726524} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH0AL3P1FG => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
    Task: {09147153-2BD2-4C9A-AC43-3BBB9E22B7F7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2b6b756a-3867-45c2-a507-feec45f440b3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {10DE4B3A-E667-434E-B5EA-228698F17C98} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {22F70DE8-F69F-484F-AE63-E602B0146EFF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-03-30] (LENOVO -> Lenovo)
    Task: {2B911569-A66E-4DFA-A151-27E7F3FD733D} - System32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {32914283-B6C7-4535-8188-8D00D6708152} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
    Task: {346E8652-D6CA-4880-A401-9CC81D821DDB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {45C9D3D2-5170-4525-ADB9-C9E92AD9C9EA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2717768 2022-05-13] (Avast Software s.r.o. -> AVAST Software)
    Task: {4B0472A9-C152-40BE-A3A2-800E757256C7} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
    Task: {50EF0B55-9E9B-46D6-A1D6-36F7443FB46E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [62560 2015-08-29] (Microsoft Windows Hardware Compatibility Publisher -> )
    Task: {543E4E37-84FB-4B80-AF58-4B8D55D643D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {548EC764-BFC0-4EBD-AD1D-6BBD62AF1838} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    Task: {57E90D42-DBC1-47D5-8AA4-285B90849D3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {595F2C3C-CE63-4108-B390-7FE6121EDE9C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7631dd97-7868-4b52-8539-e27a7c3699ea => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {5ABB794C-14BA-45C3-8F85-8FBD84DD64B5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
    Task: {5F01B491-8934-475E-8BD9-E4E9846A7187} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
    Task: {6BE3E2F3-36F9-473D-9F2B-DD78282F3B00} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\12065564-8fef-487f-9ca6-e2c93ac6ee3a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {6DB73BB3-2A8E-4827-91F4-A28523AB288A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
    Task: {6EDD5101-3F5A-4A39-8922-52917FED8BFC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3805500227-4192919812-1505005631-1002 => C:\Users\molli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
    Task: {701B9749-3974-4F68-A006-AE597F3C72C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
    Task: {71280683-330D-4B63-9359-2F27C6EE4813} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {73EF4189-26C6-4149-809A-5660C9F963BC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {748496A6-02BB-4C59-8249-ABB80BFF7AAE} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    Task: {76025D61-D042-430E-8020-027EB9BFF6D9} - System32\Tasks\WD Device Agent Task molli => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720432 2021-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
    Task: {7E917DB0-9CDC-4FB7-ADF4-7DB6F9856FDD} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
    Task: {80184825-2BFE-4A17-BE04-E446B10626B0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {89A42FFD-2F6F-4B1B-A725-FCA776BE39B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [327256 2022-02-09] (HP Inc. -> HP Inc.)
    Task: {8BCAAF8E-F73C-4C9B-BD8D-0B6B9026F023} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (No File)
    Task: {8C2A3648-2F5F-468F-B210-A6AA6726F929} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {949D0EBD-B7F3-42A3-B933-A9553FEC2BAC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {953C7F48-81F5-4185-A1AF-A936F660619B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {96233069-34F9-4F33-98B7-6F87E6DB712E} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {987F8A50-3A9F-4F7C-8D8F-B2B5593359D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
    Task: {992E5FD9-BD72-41B0-A82C-50E9CA2812E6} - System32\Tasks\HPCustParticipation HP OfficeJet 8010 series => C:\Program Files\HP\HP OfficeJet 8010 series\Bin\HPCustPartic.exe [6721184 2021-11-18] (HP Inc. -> HP Inc.)
    Task: {9A4F5C1C-787F-472D-9A54-99C7F495264C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
    Task: {9C13AFE4-1664-43B5-B23E-122B46747114} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5e53d492-c689-4eaf-8ebb-a44d1fbea162 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {9D520ADD-330E-403F-9988-942F97CC9872} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
    Task: {A5759B49-C9AA-420B-A5BD-2ACD14247B51} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A88C97F6-BB13-4E0E-BA7F-24C68515C7A5} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    Task: {B0E7ED42-E7D0-4802-BAF0-E5AFC61728A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
    Task: {B36B7D14-0AAF-40B3-882E-EC96A429844C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
    Task: {B8045498-B5D0-46BA-9C3E-78BF62972088} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {BA450CB0-D2FA-4092-9813-BEC7336F8B7A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\834ecaf4-65d8-42c6-8b3a-691d62177f32 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {BA61D100-8CCF-4980-8B72-4F7F41B23C67} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
    Task: {BB09B081-3E05-4904-A173-08C2D7C85431} - System32\Tasks\WD Discovery Service Task molli => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [58880 2021-07-31] () [File not signed]
    Task: {BEF4DB56-9439-43F8-8C9C-C6F9315E58A9} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
    Task: {C6F2710D-E818-496B-8338-97AB3BF229CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {C8388F3A-C2B4-4CB2-9F4A-0778109ECF4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
    Task: {CE64F059-0402-4941-846D-085CC3309FAB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
    Task: {D322E16D-87D1-40BB-9157-D96A73D7877E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {D5F26B4D-C936-4EF1-B58B-486064D0605C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
    Task: {D9E857E0-7A73-4715-8670-888C056FBF2B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    Task: {DA2B9286-BBF1-4F1F-8093-BFF79841E8E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
    Task: {DC64D404-0AE3-465C-B961-2B60FDA79A29} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-25] (HP Inc. -> )
    Task: {E8C80844-8C86-4CD1-A122-C43C07AC5C73} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
    Task: {F056B9E3-8802-41E7-83C2-27AE79F98F85} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-08-05] (CyberLink Corp. -> CyberLink Corp.)
    Task: {F6722126-3039-4BE0-A61C-35002D6B7530} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {F894F18F-83FA-4F02-9A38-4D090090D257} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
    Task: {FABEB7FD-365A-4F41-8804-25A91DC67F5C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe /eu (No File)
    Task: {FE8B8E46-0ADF-4775-8A04-871F3020782D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2717768 2022-05-13] (Avast Software s.r.o. -> AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

  2. #2
    FRST log part 2

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{99dd8d5b-380b-4ad1-a687-a87487ff059a}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{b46db2f2-e42d-4142-8786-937e4b1aa7e3}: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{c2c54ad8-35c7-4fee-9257-97ec8045a3b7}: [DhcpNameServer] 89.101.160.5 89.101.160.4

    Edge:
    =======
    Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
    Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
    Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
    Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
    Edge Profile: C:\Users\molli\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-26]
    Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    FireFox:
    ========
    FF DefaultProfile: dg32le2u.default
    FF ProfilePath: C:\Users\molli\AppData\Roaming\Mozilla\Firefox\Profiles\dg32le2u.default [2020-10-11]
    FF Homepage: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxps://www.google.com/
    FF NewTab: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180520
    FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-03] (VideoLAN -> VideoLAN)
    FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)

    Chrome:
    =======
    CHR DefaultProfile: Profile 1
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Default [2021-04-10]
    CHR HomePage: Default -> hxxps://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-01]
    CHR Notifications: Profile 1 -> hxxps://bringatrailer.com; hxxps://cricfree.sc; hxxps://football.fantasysports.yahoo.com; hxxps://www.dailymail.co.uk; hxxps://www.facebook.com; hxxps://www.yahoo.com
    CHR HomePage: Profile 1 -> hxxps://www.yahoo.com/
    CHR StartupUrls: Profile 1 -> "hxxps://www.yahoo.com/"
    CHR Extension: (Safe Torrent Scanner) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-04-13]
    CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-31]
    CHR Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2022-04-07]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-26]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-29]
    CHR HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
    CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
    R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8434824 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576336 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [576336 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\101.0.16440.68\elevation_service.exe [1982752 2022-05-13] (Avast Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    S4 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
    S4 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [45408 2022-05-21] (Dropbox, Inc -> Dropbox, Inc.)
    R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-04-10] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
    S4 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
    R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-30] (HP Inc. -> HP Inc.)
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
    S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-25] (HP Inc. -> HP Inc.)
    R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe [29968 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RAS RDP Backend Service; C:\Program Files\Parallels\Client\x86\TuxWinClientService.exe [3638040 2021-10-28] (Parallels International GmbH -> Parallels International GmbH.)
    S4 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
    R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14754088 2021-11-06] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [38936 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [381616 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255144 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102568 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [44568 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271592 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548976 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [558768 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218088 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317832 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 CSRBC; C:\WINDOWS\System32\Drivers\rider64.sys [38400 2015-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CSR plc.)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [103888 2022-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
    S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [188840 2015-08-29] (GENESYS LOGIC, INC. -> GenesysLogic)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194512 2022-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74688 2022-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-05-31] (Malwarebytes Inc. -> Malwarebytes)
    S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [182288 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [262160 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
    S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

  3. #3
    Additions part 2
    ==================== Loaded Modules (Whitelisted) =============

    2022-05-31 21:24 - 2022-05-27 23:14 - 000341504 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\@ringcentral\os-session\prebuilds\win32-x64\node.napi.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 004775936 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\@ringcentral\rse-desktop\out\ringcentral-rse-desktop.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 000086528 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\@ringcentral\rse-desktop\out\zlib1.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 000372224 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\get_win_version\prebuilds\win32-x64\node.napi.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 000095744 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\macos-notification-state\build\Release\notificationstate.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 025709568 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\rcv-desktop-sdk\tools\build\bin\krisp-audio-bindings.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 003969024 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\rcv-desktop-sdk\tools\build\bin\rcv-desktop-tools.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 000376832 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\winreglib\build\Release\node_winreglib.node
    2022-05-31 21:24 - 2022-05-27 23:14 - 001266176 _____ () [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\win\bin\resources\app.asar.unpacked\node_modules\@ringcentral\zsdk\prebuilds\win32-x64\electron.abi85.node
    2022-01-27 18:58 - 2022-01-27 18:58 - 001469440 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\e_sqlite3.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 002675712 _____ () [File not signed] C:\Users\molli\AppData\Local\Programs\RingCentral\ffmpeg.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 000435712 _____ () [File not signed] C:\Users\molli\AppData\Local\Programs\RingCentral\libegl.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 007936512 _____ () [File not signed] C:\Users\molli\AppData\Local\Programs\RingCentral\libglesv2.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 002823680 _____ () [File not signed] C:\Users\molli\AppData\Local\Programs\RingCentral\resources\win\bin\ffmpeg.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 000449024 _____ () [File not signed] C:\Users\molli\AppData\Local\Programs\RingCentral\resources\win\bin\libegl.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 007620096 _____ () [File not signed] C:\Users\molli\AppData\Local\Programs\RingCentral\resources\win\bin\libglesv2.dll
    2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
    2022-04-30 18:41 - 2022-04-30 18:41 - 119193088 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\HP.Smart.dll
    2021-11-02 23:15 - 2021-11-02 23:15 - 007170048 _____ (HP Development Company, L.P.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\HPPageLift.UWP.dll
    2022-04-30 18:41 - 2022-04-30 18:41 - 000133632 _____ (HP Inc) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\HP.OneDriver.UserForms.dll
    2022-03-22 21:14 - 2022-03-22 21:16 - 000013824 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
    2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 000489984 _____ (The curl library, hxxps://curl.se/) [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\@ringcentral\rse-desktop\out\libcurl.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 003406848 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\@ringcentral\rse-desktop\out\libcrypto-1_1-x64.dll
    2022-05-31 21:24 - 2022-05-27 23:14 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] \\?\C:\Users\molli\AppData\Local\Programs\RingCentral\resources\app.asar.unpacked\node_modules\@ringcentral\rse-desktop\out\libssl-1_1-x64.dll

    ==================== Alternate Data Streams (Whitelisted) ========

    ==================== Safe Mode (Whitelisted) ==================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) =================

    ==================== Internet Explorer (Whitelisted) ==========

    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> DefaultScope {E09A2151-3467-4174-8E16-BD5B6D09480F} URL =
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://ie.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180520__yaie&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002 -> {E09A2151-3467-4174-8E16-BD5B6D09480F} URL =
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
    BHO: No Name -> {DBD7FD30-5740-4331-81CF-D711F322B06F}' -> No File
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: No Name -> {DBD7FD30-5740-4331-81CF-D711F322B06F}' -> No File
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
    IE trusted site: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\localhost -> localhost

    ==================== Hosts content: =========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

    ==================== Other Areas ===========================

    (Currently there is no automatic fix for this section.)

    HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\RogueKiller;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\HP\Common\HPDestPlgIn\
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
    DNS Servers: 89.101.160.5 - 89.101.160.4
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (If an entry is included in the fixlist, it will be removed.)

    MSCONFIG\Services: AdaptiveSleepService => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    MSCONFIG\Services: AvrcpService => 2
    MSCONFIG\Services: BTDevManager => 2
    MSCONFIG\Services: CCSDK => 2
    MSCONFIG\Services: DAX2API => 2
    MSCONFIG\Services: dbupdate => 2
    MSCONFIG\Services: dbupdatem => 3
    MSCONFIG\Services: DbxSvc => 2
    MSCONFIG\Services: ETDService => 2
    MSCONFIG\Services: GDCAgent => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
    MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
    MSCONFIG\Services: ImControllerService => 2
    MSCONFIG\Services: isesrv => 2
    MSCONFIG\Services: LSC.Services.SystemService => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: ShareItSvc => 3
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: tbaseprovisioning => 2
    HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
    HKLM\...\StartupApproved\Run: => "SecurityHealth"
    HKLM\...\StartupApproved\Run: => "RTHDVCPL"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
    HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
    HKLM\...\StartupApproved\Run: => "LenovoUtility"
    HKLM\...\StartupApproved\Run: => "DAX2_APP"
    HKLM\...\StartupApproved\Run: => "BtServer"
    HKLM\...\StartupApproved\Run: => "StartCN"
    HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
    HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
    HKLM\...\StartupApproved\Run32: => "Dropbox"
    HKLM\...\StartupApproved\Run32: => "HP Software Update"
    HKLM\...\StartupApproved\Run32: => "AvgUi"
    HKLM\...\StartupApproved\Run32: => "CCAV"
    HKLM\...\StartupApproved\Run32: => "IseUI"
    HKLM\...\StartupApproved\Run32: => "WDDiscovery"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "BlueCoreInterfaceTrayApp"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\StartupApproved\Run: => "Skype for Desktop"

    ==================== FirewallRules (Whitelisted) ================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [UDP Query User{B4BBEFFA-D6F9-40EE-B1AA-62F3E33811BC}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [TCP Query User{98EF0F8A-EA8F-4BC6-BD89-BDA31E78E6A0}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45828.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{017DE5D4-AD84-4DC0-95E5-ABD8BF8EE798}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{F52C28C9-9366-459C-A3B0-6C8254768177}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{0153588C-5FB3-4D90-8EFF-896EA03A5163}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{833CA06F-2383-4DE5-BCFE-5A188FE9C97B}] => (Allow) C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe (Cardo Systems Inc -> )
    FirewallRules: [{5C5718B9-8431-45F5-9680-332D313FB851}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{3F940AA2-3D16-4E16-8EFA-86CECCA919A4}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
    FirewallRules: [{A63FB4BF-0BCA-40BE-BCB9-500EA0672707}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{311A8BD1-BF43-4133-848C-85E82D700222}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{251D6BEC-47FD-4DBB-91BB-701F9A5308C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
    FirewallRules: [{BD44DEAD-03E8-4C67-A61E-526547D9837A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{DF6DC4B7-3E77-4BDB-843F-C58306E2AD4D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{8D8BCE91-46A0-4AA7-9DDA-0C711CDFB03F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{CA1583A6-95A2-4EF1-B998-1E7D28852466}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{6864749C-43B2-47C4-9E3B-763CA1593B3C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
    FirewallRules: [{8ADED271-20FF-4CDB-96C1-0E7D9F007AEE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{3B78500B-C9E9-4833-9B29-1C46AA276348}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{9472BDAA-662C-4F29-98B0-F714B153823B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{6283E653-DEE2-4E9D-8C74-B703E4567583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{AFBDFC6D-17BC-4E03-8CBC-83BB1321047A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{21454B6C-61C2-426A-A63C-2AF316F2136D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{ECBAF2CC-E2CC-42DA-89A5-6A2B10F9FBEC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{D5D81A35-A848-4BBE-BC40-163CFB49E067}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{85C72577-23C7-4ADC-A6AF-A4769E09CF0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{D35F49DC-8A11-49AD-ADC4-E786156CEA02}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
    FirewallRules: [{7C11E1D0-001D-40B3-8239-B4A851C674FF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
    FirewallRules: [{A00A74F3-7F75-4658-8241-C2A62B52A4E0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
    FirewallRules: [{07A9E33B-637E-44C4-92F6-EA1B6593A40A}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{B8AED7C4-57CF-4BDD-BF0A-6C95BB4DDD9D}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{59C3339F-516B-4E70-8E88-76BCE2D043C1}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{06892A88-06A5-4BF4-9F47-AFBC50AAA457}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{E55B8E25-78E6-4B2F-A90C-17F0E934666F}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{F2140B2B-F580-4E87-9161-671669890C72}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{52F0F72F-5953-4EF6-A2C6-CFB2E691E464}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{4DF68B5B-2658-4C83-A9E0-8CF8D60766E6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{573CF173-FCF2-46F6-AE50-D5E55A198771}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [{69B17E52-9949-4B1D-9AFD-1885A282EB3C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
    FirewallRules: [TCP Query User{1355592A-4A96-4249-93CB-99AAE9C7F540}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [UDP Query User{2888709D-154C-4049-9F14-A948FBAC2BC0}C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe] => (Allow) C:\users\molli\appdata\roaming\utorrent\updates\3.5.5_45291.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{64C945B8-CEBE-4501-80DC-BEF8850ADB50}] => (Allow) C:\Users\molli\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
    FirewallRules: [{0D6DA26D-0968-43A2-AABA-A1C14321F9BD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{9A03B354-FCC4-48BB-8B3D-513498EA4E97}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{036E10BD-72FA-465D-8DED-C8A8E340C937}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{DE8698F5-197B-4FF0-93EB-49C70B632F6E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{3BD83479-0DD2-45EE-AA10-5310BDBF83FE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{D192DC2A-FFE8-4129-B6B4-402323F1D455}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{85865557-468C-479D-885C-893D1E9A3F86}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{4F32B292-5FA6-489C-8B45-AE39EE242396}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{8DE0F070-2D11-4AC5-BE69-8862C80B7D46}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{21BD37CD-D312-4BCC-B7AE-EA7E9BCFB6EC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    FirewallRules: [{15542010-2F38-41CA-B881-D1110C2A376E}] => (Allow) LPort=50005
    FirewallRules: [{4DF95C14-F25A-4B6A-9BAA-BBBF48C961C7}] => (Allow) C:\Program Files\Parallels\Client\APPServerClient.exe (Parallels International GmbH -> Parallels International GmbH.)
    FirewallRules: [{DD69EC4F-B900-4ED2-A4F7-A6224DB61FEE}] => (Allow) C:\Program Files\Parallels\Client\TSClient.exe (Parallels International GmbH -> Parallels International GmbH.)
    FirewallRules: [TCP Query User{6B9C78A7-5375-48F8-B583-D2FBF3C85A7A}C:\users\molli\appdata\local\programs\ringcentral\ringcentral.exe] => (Allow) C:\users\molli\appdata\local\programs\ringcentral\ringcentral.exe (RingCentral, Inc. -> RingCentral)
    FirewallRules: [UDP Query User{D8896416-5CDB-42CB-BCED-C64B7F183697}C:\users\molli\appdata\local\programs\ringcentral\ringcentral.exe] => (Allow) C:\users\molli\appdata\local\programs\ringcentral\ringcentral.exe (RingCentral, Inc. -> RingCentral)
    FirewallRules: [{B7F8F179-80A5-41E2-AAC6-377D6DC596CF}] => (Block) C:\users\molli\appdata\local\programs\ringcentral\ringcentral.exe (RingCentral, Inc. -> RingCentral)
    FirewallRules: [{357825E6-59AC-4E01-9904-066F3444EB9B}] => (Block) C:\users\molli\appdata\local\programs\ringcentral\ringcentral.exe (RingCentral, Inc. -> RingCentral)
    FirewallRules: [{14518F47-8769-4280-B292-6D0F358616EA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4A758B59-8810-4066-AC23-BFAAC0E6D7A6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{973FC89C-F981-4A78-860A-66C1E977B581}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{FD9FE2FF-4154-46C0-96F7-0B99F36AA8EE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{7C490D35-D968-433F-860A-B7EBF206F3ED}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{862CDF21-A801-4B64-933C-464DC910FE61}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [TCP Query User{C01AFF57-D17C-40B7-9A5D-87D1B7BD0469}C:\users\molli\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\molli\appdata\local\gamecenter\gamecenter.exe => No File
    FirewallRules: [UDP Query User{23B32CCF-9EB6-47A3-9A49-82DD35AFD043}C:\users\molli\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\molli\appdata\local\gamecenter\gamecenter.exe => No File
    FirewallRules: [{73EFB91F-8C34-477C-AB39-1EEF3F577340}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
    FirewallRules: [{152410C6-F7B0-4952-9013-4A071A23E4DB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
    FirewallRules: [{EEB6F8D2-CECE-4BE3-BC93-62A744EAE6E1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
    FirewallRules: [{278E31B4-A8A6-4722-BDD0-4CE6464ECE93}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
    FirewallRules: [{BE81E01C-3CC6-4AC9-91FD-8B95E7DAF22B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
    FirewallRules: [{F8D1EE00-2DA7-4280-A707-B14459A7595A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
    FirewallRules: [{A688B80E-196E-4DE3-81B2-5A4C1962DA6A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{64497A17-6A9F-4D38-A089-3D6E767E5543}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{5557C55E-40C5-4AB0-BBC6-2868741E9CC0}] => (Allow) C:\Program Files\HP\HP OfficeJet 8010 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
    FirewallRules: [{89C0CD06-7620-4101-B1CC-5E4F2FA71B47}] => (Allow) LPort=5357
    FirewallRules: [{A7244B45-0175-4237-AC3D-074780604ACF}] => (Allow) C:\Program Files\HP\HP OfficeJet 8010 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
    FirewallRules: [{24DC84CE-C1A6-499A-8181-71E9E55F5A28}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{10038C4A-1296-4585-A211-890C4F22344B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{472C1433-0EE0-49DA-8BA1-669372D03A8A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
    FirewallRules: [{C55FF48B-56D6-49C6-AC9C-AC04B2255379}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
    FirewallRules: [{BF52BCA7-3A1C-44CE-8A04-DA9836A8F5B6}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [{C5A4E187-E664-4E7F-B9EC-68EC357892CE}] => (Allow) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
    FirewallRules: [TCP Query User{A8D373AD-745F-4B66-8B50-6FFEE0C20C3D}C:\users\molli\appdata\local\temp\7zs462c\enterprisedu.exe] => (Allow) C:\users\molli\appdata\local\temp\7zs462c\enterprisedu.exe (VistaName -> HP Inc.) [File not signed]
    FirewallRules: [UDP Query User{EBD15E50-7A82-4A30-A22A-29DD1687D327}C:\users\molli\appdata\local\temp\7zs462c\enterprisedu.exe] => (Allow) C:\users\molli\appdata\local\temp\7zs462c\enterprisedu.exe (VistaName -> HP Inc.) [File not signed]
    FirewallRules: [{89DBB667-C309-4DB8-B676-E7814B69AC1B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{5B62B505-702E-4819-A48E-3A9F05885951}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{D66920BA-D3E5-45E1-8764-FBC907AC4CCC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{EF9ECAFD-49C1-47D8-8D28-61C334251265}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{2E2536E7-F64A-4D8C-9F30-F7FA1FB6DB63}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{9ADC632C-79F4-4CBD-92C9-311044F0790F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{4D2FB71E-9496-4BD5-9387-6484BBA5E01C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{68BF5DAE-C16A-4CC4-853F-E58078034D70}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{0886A637-1950-44B3-91FB-DF467CCA4A3F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{19AE090F-7C19-485B-953C-DDB09EAAC7AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{F2D017A6-465D-47F1-B5B6-10C4266F1EB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{55C52732-D381-4D8E-A679-8FE3C86C4FF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
    FirewallRules: [{B51DED49-3FBD-441C-85C9-B8B8B2DA00B9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
    FirewallRules: [{C3AD20D5-4FAB-42A9-B82B-706EE9DD8558}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
    FirewallRules: [{63897619-5C76-4A6A-88CC-9BB7F73F4129}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

    ==================== Restore Points =========================

    18-05-2022 18:28:15 Scheduled Checkpoint
    27-05-2022 17:51:47 Scheduled Checkpoint

    ==================== Faulty Device Manager Devices ============


    ==================== Event log errors: ========================

    Application errors:
    ==================
    Error: (06/01/2022 10:42:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program mbam.exe version 4.0.0.1302 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 1238

    Start Time: 01d875ffa35a09f4

    Termination Time: 8777

    Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

    Report Id: 205edced-06a1-4ffa-8582-8dbf0b949bb5

    Faulting package full name:

    Faulting package-relative application ID:

    Hang type: Unknown

    Error: (06/01/2022 10:18:38 PM) (Source: ESENT) (EventID: 447) (User: )
    Description: svchost (4248,D,29) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 40, PgnoRoot: 287) of database C:\WINDOWS\system32\SRU\SRUDB.dat (4438 => 5297, 5295).

    Tag: BtNextBadPgnoNextOrBacklink

    Fatal: 1

    Error: (06/01/2022 10:17:50 PM) (Source: ESENT) (EventID: 467) (User: )
    Description: svchost (4248,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {7ACBBAA3-D029-4BE4-9A7A-0885927F1D8F} is corrupted (0).

    Error: (06/01/2022 10:17:44 PM) (Source: ESENT) (EventID: 467) (User: )
    Description: svchost (4248,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdIndex of table {B6D82AF1-F780-4E17-8077-6CB9AD8A6FC4} is corrupted (0).

    Error: (06/01/2022 03:19:12 AM) (Source: ESENT) (EventID: 447) (User: )
    Description: svchost (4248,D,29) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 40, PgnoRoot: 287) of database C:\WINDOWS\system32\SRU\SRUDB.dat (4438 => 5297, 5295).

    Tag: BtNextBadPgnoNextOrBacklink

    Fatal: 1

    Error: (06/01/2022 03:18:59 AM) (Source: ESENT) (EventID: 467) (User: )
    Description: svchost (4248,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AutoIncIdIndex of table {7ACBBAA3-D029-4BE4-9A7A-0885927F1D8F} is corrupted (0).

    Error: (06/01/2022 03:18:59 AM) (Source: ESENT) (EventID: 467) (User: )
    Description: svchost (4248,D,23) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdIndex of table {B6D82AF1-F780-4E17-8077-6CB9AD8A6FC4} is corrupted (0).

    Error: (06/01/2022 12:07:02 AM) (Source: ESENT) (EventID: 447) (User: )
    Description: svchost (4248,D,29) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 40, PgnoRoot: 287) of database C:\WINDOWS\system32\SRU\SRUDB.dat (4438 => 5297, 5295).

    Tag: BtNextBadPgnoNextOrBacklink

    Fatal: 1


    System errors:
    =============
    Error: (06/01/2022 10:27:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Software Protection service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (06/01/2022 10:27:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.

    Error: (06/01/2022 10:17:30 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-3VS60BL9)
    Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

    Error: (05/31/2022 09:14:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Storage Service service hung on starting.

    Error: (05/31/2022 09:12:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The System Guard Runtime Monitor Broker service hung on starting.

    Error: (05/31/2022 09:10:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The HP Touchpoint Analytics service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (05/31/2022 09:10:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the HP Touchpoint Analytics service to connect.

    Error: (05/31/2022 09:05:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The LenovoVantageService service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.


    CodeIntegrity:
    ===============
    Date: 2022-06-01 22:31:05
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

    Date: 2022-06-01 22:18:50
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


    ==================== Memory info ===========================

    BIOS: LENOVO CECN43WW 09/15/2015
    Motherboard: LENOVO Allsparks 5B
    Processor: AMD FX-8800P Radeon R7, 12 Compute Cores 4C+8G
    Percentage of memory in use: 76%
    Total physical RAM: 7127.18 MB
    Available physical RAM: 1648.74 MB
    Total Virtual: 14039.18 MB
    Available Virtual: 6118.87 MB

    ==================== Drives ================================

    Drive c: (Windows) (Fixed) (Total:885.92 GB) (Free:207.02 GB) (Model: WDC WD10SPCX-24HWST1) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.14 GB) (Model: WDC WD10SPCX-24HWST1) NTFS

    \\?\Volume{fe75932f-00b7-47b2-a944-89a1e2c3e23e}\ () (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
    \\?\Volume{0919af76-0e0f-4460-9657-7a2ecada3e3a}\ (LENOVO_PART) (Fixed) (Total:18.37 GB) (Free:6.39 GB) NTFS
    \\?\Volume{1d2c27e8-96fa-4a45-ae0c-42bcf61cbb5b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

    ==================== MBR & Partition Table ====================

    ==========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: C57589EA)

    Partition: GPT.

    ==================== End of Addition.txt =======================

  4. #4
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    138
    Additions part 1

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-05-2022 01
    Ran by molli (01-06-2022 22:59:54)
    Running from C:\Users\molli\Desktop
    Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) (2020-11-22 16:35:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================


    (If an entry is included in the fixlist, it will be removed.)

    Administrator (S-1-5-21-3805500227-4192919812-1505005631-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3805500227-4192919812-1505005631-503 - Limited - Disabled)
    Guest (S-1-5-21-3805500227-4192919812-1505005631-501 - Limited - Disabled)
    molli (S-1-5-21-3805500227-4192919812-1505005631-1002 - Administrator - Enabled) => C:\Users\molli
    WDAGUtilityAccount (S-1-5-21-3805500227-4192919812-1505005631-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\uTorrent) (Version: 3.5.5.46248 - BitTorrent Inc.)
    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
    7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
    Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.4.6011 - Avast Software)
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 101.0.16440.68 - AVAST Software)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
    Cardo Updater (HKLM-x32\...\Cardo Updater_is1) (Version: - Cardo Systems, Inc.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
    Dolby Audio X2 Windows API SDK (HKLM\...\{68B3293E-612B-48B4-BC0F-4CCFBF83AB96}) (Version: 0.8.2.76 - Dolby Laboratories, Inc.)
    Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 149.4.4568 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
    Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
    Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
    Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
    Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.71.2 - ELAN Microelectronic Corp.)
    Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.) Hidden
    Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.)
    Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
    Lenovo Service Bridge (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
    Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
    Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.067.00 - Lenovo)
    Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0136 - Lenovo)
    Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.12.13.0 - Lenovo Group Ltd.)
    LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
    LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
    Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
    Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft OneDrive (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
    MY.GAMES GameCenter (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\GameCenter) (Version: 4.1663 - MY.COM B.V.)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5423.1000 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5423.1000 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5423.1000 - Microsoft Corporation) Hidden
    Parallels Client-64 bit (HKLM\...\{6BD6F307-41E8-4570-9D5C-E03C34A81C00}) (Version: 18.2.22862 - Parallels International GmbH)
    Product Improvement Study for HP OfficeJet 8010 series (HKLM\...\{3A0E9F23-78FD-4AE0-BD79-59D37E6046DE}) (Version: 49.10.4647.21322 - HP Inc.)
    REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0276 - REALTEK Semiconductor Corp.)
    RingCentral (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\584acf4c-ebc3-56fa-9cfd-586227f098ba) (Version: 22.2.20 - RingCentral)
    SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
    Sky Go 21.3.2.0 (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\com.bskyb.skygoplayer_is1) (Version: 21.3.2.0 - Sky)
    Skype version 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
    TeamViewer (HKLM\...\TeamViewer) (Version: 15.23.9 - TeamViewer)
    Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
    User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
    User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.13 - VideoLAN)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
    WD Desktop App 2.1.0.313 (HKLM-x32\...\{756e70ec-1fb0-41c8-896b-df0302d17bff}) (Version: 2.1.0.313 - Western Digital Corporation) Hidden
    WD Desktop App 2.1.0.313 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.313 - Western Digital Corporation) Hidden
    WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.3.327 - Western Digital Technologies, Inc.)
    WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
    Zoom (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

    Packages:
    =========
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-05-22] (HP Inc.)
    Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2022-05-22] (LENOVO INCORPORATED.)
    Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2022-03-29] (LENOVO INCORPORATED.)
    Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2204.14.0_x64__k1h2ywk1493x8 [2022-04-25] (LENOVO INC.)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-17] (Microsoft Studios) [MS Ad]
    MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
    Open PDF + -> C:\Program Files\WindowsApps\3538OpenOffice.OpenOfficePDF_1.25.0.2_neutral__nmw6e14cfhspc [2017-04-05] (Open PDF, Word, Excel)
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\molli\Dropbox [2016-04-18 23:36]
    SSODL: WDFSMountNotificator-wdfsconnect2017 - {DBD7FD30-5740-4331-81CF-D711F322B06F} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
    SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {DBD7FD30-5740-4331-81CF-D711F322B06F} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
    ShellServiceObjects: Virtual Storage Mount Notification -> {DBD7FD30-5740-4331-81CF-D711F322B06F} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
    ShellServiceObjects-x32: Virtual Storage Mount Notification -> {DBD7FD30-5740-4331-81CF-D711F322B06F} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [WDDesktopContextMenu] -> {fa00ba41-b6f6-3cfa-a300-f25ce175fe7e} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [WDDesktopContextMenu] -> {fa00ba41-b6f6-3cfa-a300-f25ce175fe7e} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-21] (Advanced Micro Devices, Inc.) [File not signed]
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)

    ShortcutWithArgument: C:\Users\molli\Desktop\Select profile Disney+.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=filcohkaojcjmnjcfcbijhiekgkfpimm
    ShortcutWithArgument: C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Select profile Disney+.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=filcohkaojcjmnjcfcbijhiekgkfpimm
    ShortcutWithArgument: C:\Users\molli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

  5. #5
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    First log is incomplete. The upper part is missing.

  6. #6
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    138
    FRST Part 1
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2022 01
    Ran by molli (administrator) on LAPTOP-3VS60BL9 (LENOVO 80NY) (02-06-2022 17:52:23)
    Running from C:\Users\molli\Desktop
    Loaded Profiles: molli
    Platform: Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) Language: English (United States)
    Default browser: Chrome
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
    (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoBoostSystemAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(SmartInteractAddin).exe
    (C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantage-(VantageCoreAddin).exe
    (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
    (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
    (C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (C:\Users\molli\AppData\Local\Programs\RingCentral\RingCentral.exe ->) (RingCentral, Inc. -> RingCentral) C:\Users\molli\AppData\Local\Programs\RingCentral\resources\win\bin\Meetings.exe <4>
    (C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\helper\helper.exe
    (C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\updates\3.5.5_46248\utorrentie.exe <2>
    (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
    (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
    (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    (explorer.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe
    (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
    (explorer.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet 8010 series\Bin\ScanToPCActivationApp.exe
    (explorer.exe ->) (Parallels International GmbH -> Parallels International GmbH.) C:\Program Files\Parallels\Client\APPServerClient.exe
    (LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
    (RingCentral, Inc. -> RingCentral) C:\Users\molli\AppData\Local\Programs\RingCentral\RingCentral.exe <6>
    (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
    (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
    (services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
    (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
    (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe
    (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
    (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
    (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
    (services.exe ->) (Parallels International GmbH -> Parallels International GmbH.) C:\Program Files\Parallels\Client\x86\TuxWinClientService.exe
    (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
    (sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2203.1037.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
    (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP OfficeJet 8010 series\Bin\HPNetworkCommunicatorCom.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18374632 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-28] (LENOVO -> )
    HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () [File not signed]
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212816 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10586448 2022-05-21] (Dropbox, Inc -> Dropbox, Inc.)
    HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81359872 2021-07-31] (Western Digital Corporation) [File not signed]
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [BlueCoreInterfaceTrayApp] => C:\Program Files (x86)\Cardo Updater\CardoUpdater.exe [853912 2016-12-11] (Cardo Systems Inc -> )
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060056 2022-04-12] (Skype Software Sarl -> Skype Technologies S.A.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [HP OfficeJet 8010 series (NET)] => C:\Program Files\HP\HP OfficeJet 8010 series\Bin\ScanToPCActivationApp.exe [4075072 2021-03-29] (HP Inc -> HP Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\Run: [ut] => C:\Users\molli\AppData\Roaming\uTorrent\uTorrent.exe [2103968 2022-04-13] (BitTorrent Inc -> BitTorrent Inc.)
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {5d469f1f-db53-11ec-9e1f-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {76246a4f-d02f-11eb-9dc7-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {9d8973b1-8551-11ec-9df5-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {c3ef43ca-d505-11eb-9dc7-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\MountPoints2: {e5cc98c8-0dc0-11ec-9dd3-507b9d76ffe2} - "E:\HiSuiteDownLoader.exe"
    HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [89008 2016-01-22] (Acro Software Inc. -> )
    HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-05-31] (Google LLC -> Google LLC)
    HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\101.0.16440.68\Installer\chrmstp.exe [2022-05-26] (Avast Software s.r.o. -> AVAST Software)
    HKLM\Software\...\Authentication\Credential Providers: [{985546C2-9C8D-4EE6-A4FA-D8C004ED9EC0}] -> SCardWrapCredProv.dll
    Startup: C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Parallels Client.lnk [2022-05-31]
    ShortcutTarget: Parallels Client.lnk -> C:\Program Files\Parallels\Client\APPServerClient.exe (Parallels International GmbH -> Parallels International GmbH.)
    Startup: C:\Users\molli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RingCentral.lnk [2022-04-22]
    ShortcutTarget: RingCentral.lnk -> C:\Users\molli\AppData\Local\Programs\RingCentral\RingCentral.exe (RingCentral, Inc. -> RingCentral)
    HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02DD17FC-F0C8-4491-B2D0-45D62C726524} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH0AL3P1FG => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
    Task: {09147153-2BD2-4C9A-AC43-3BBB9E22B7F7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2b6b756a-3867-45c2-a507-feec45f440b3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {10DE4B3A-E667-434E-B5EA-228698F17C98} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {22F70DE8-F69F-484F-AE63-E602B0146EFF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2016-03-30] (LENOVO -> Lenovo)
    Task: {2B911569-A66E-4DFA-A151-27E7F3FD733D} - System32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {32914283-B6C7-4535-8188-8D00D6708152} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
    Task: {346E8652-D6CA-4880-A401-9CC81D821DDB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {45C9D3D2-5170-4525-ADB9-C9E92AD9C9EA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2717768 2022-05-13] (Avast Software s.r.o. -> AVAST Software)
    Task: {4B0472A9-C152-40BE-A3A2-800E757256C7} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
    Task: {50EF0B55-9E9B-46D6-A1D6-36F7443FB46E} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [62560 2015-08-29] (Microsoft Windows Hardware Compatibility Publisher -> )
    Task: {543E4E37-84FB-4B80-AF58-4B8D55D643D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {548EC764-BFC0-4EBD-AD1D-6BBD62AF1838} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    Task: {57E90D42-DBC1-47D5-8AA4-285B90849D3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {595F2C3C-CE63-4108-B390-7FE6121EDE9C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7631dd97-7868-4b52-8539-e27a7c3699ea => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {5ABB794C-14BA-45C3-8F85-8FBD84DD64B5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
    Task: {5F01B491-8934-475E-8BD9-E4E9846A7187} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
    Task: {6BE3E2F3-36F9-473D-9F2B-DD78282F3B00} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\12065564-8fef-487f-9ca6-e2c93ac6ee3a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {6DB73BB3-2A8E-4827-91F4-A28523AB288A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
    Task: {6EDD5101-3F5A-4A39-8922-52917FED8BFC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3805500227-4192919812-1505005631-1002 => C:\Users\molli\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
    Task: {701B9749-3974-4F68-A006-AE597F3C72C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
    Task: {71280683-330D-4B63-9359-2F27C6EE4813} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
    Task: {73EF4189-26C6-4149-809A-5660C9F963BC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {748496A6-02BB-4C59-8249-ABB80BFF7AAE} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    Task: {76025D61-D042-430E-8020-027EB9BFF6D9} - System32\Tasks\WD Device Agent Task molli => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [720432 2021-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
    Task: {7E917DB0-9CDC-4FB7-ADF4-7DB6F9856FDD} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
    Task: {80184825-2BFE-4A17-BE04-E446B10626B0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {89A42FFD-2F6F-4B1B-A725-FCA776BE39B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [327256 2022-02-09] (HP Inc. -> HP Inc.)
    Task: {8BCAAF8E-F73C-4C9B-BD8D-0B6B9026F023} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe (No File)
    Task: {8C2A3648-2F5F-468F-B210-A6AA6726F929} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {949D0EBD-B7F3-42A3-B933-A9553FEC2BAC} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    Task: {953C7F48-81F5-4185-A1AF-A936F660619B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    Task: {96233069-34F9-4F33-98B7-6F87E6DB712E} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [676176 2016-05-18] (LENOVO -> Lenovo)
    Task: {987F8A50-3A9F-4F7C-8D8F-B2B5593359D8} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
    Task: {992E5FD9-BD72-41B0-A82C-50E9CA2812E6} - System32\Tasks\HPCustParticipation HP OfficeJet 8010 series => C:\Program Files\HP\HP OfficeJet 8010 series\Bin\HPCustPartic.exe [6721184 2021-11-18] (HP Inc. -> HP Inc.)
    Task: {9A4F5C1C-787F-472D-9A54-99C7F495264C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
    Task: {9C13AFE4-1664-43B5-B23E-122B46747114} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5e53d492-c689-4eaf-8ebb-a44d1fbea162 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {9D520ADD-330E-403F-9988-942F97CC9872} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
    Task: {A5759B49-C9AA-420B-A5BD-2ACD14247B51} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
    Task: {A88C97F6-BB13-4E0E-BA7F-24C68515C7A5} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\ScheduleEventAction.exe [26384 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    Task: {B0E7ED42-E7D0-4802-BAF0-E5AFC61728A8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
    Task: {B36B7D14-0AAF-40B3-882E-EC96A429844C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
    Task: {B8045498-B5D0-46BA-9C3E-78BF62972088} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    Task: {BA450CB0-D2FA-4092-9813-BEC7336F8B7A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\834ecaf4-65d8-42c6-8b3a-691d62177f32 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {BA61D100-8CCF-4980-8B72-4F7F41B23C67} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
    Task: {BB09B081-3E05-4904-A173-08C2D7C85431} - System32\Tasks\WD Discovery Service Task molli => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [58880 2021-07-31] () [File not signed]
    Task: {BEF4DB56-9439-43F8-8C9C-C6F9315E58A9} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
    Task: {C6F2710D-E818-496B-8338-97AB3BF229CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-31] (Google Inc -> Google Inc.)
    Task: {C8388F3A-C2B4-4CB2-9F4A-0778109ECF4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
    Task: {CE64F059-0402-4941-846D-085CC3309FAB} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
    Task: {D322E16D-87D1-40BB-9157-D96A73D7877E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    Task: {D5F26B4D-C936-4EF1-B58B-486064D0605C} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
    Task: {D9E857E0-7A73-4715-8670-888C056FBF2B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    Task: {DA2B9286-BBF1-4F1F-8093-BFF79841E8E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
    Task: {DC64D404-0AE3-465C-B961-2B60FDA79A29} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-25] (HP Inc. -> )
    Task: {E8C80844-8C86-4CD1-A122-C43C07AC5C73} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
    Task: {F056B9E3-8802-41E7-83C2-27AE79F98F85} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-08-05] (CyberLink Corp. -> CyberLink Corp.)
    Task: {F6722126-3039-4BE0-A61C-35002D6B7530} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    Task: {F894F18F-83FA-4F02-9A38-4D090090D257} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1897824 2022-03-09] (Lenovo -> )
    Task: {FABEB7FD-365A-4F41-8804-25A91DC67F5C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe /eu (No File)
    Task: {FE8B8E46-0ADF-4775-8A04-871F3020782D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2717768 2022-05-13] (Avast Software s.r.o. -> AVAST Software)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

  7. #7
    FRST part 2
    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{99dd8d5b-380b-4ad1-a687-a87487ff059a}: [DhcpNameServer] 192.168.42.129
    Tcpip\..\Interfaces\{b46db2f2-e42d-4142-8786-937e4b1aa7e3}: [DhcpNameServer] 89.101.160.5 89.101.160.4
    Tcpip\..\Interfaces\{c2c54ad8-35c7-4fee-9257-97ec8045a3b7}: [DhcpNameServer] 89.101.160.5 89.101.160.4

    Edge:
    =======
    Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
    Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
    Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
    Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
    Edge Profile: C:\Users\molli\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-26]
    Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    FireFox:
    ========
    FF DefaultProfile: dg32le2u.default
    FF ProfilePath: C:\Users\molli\AppData\Roaming\Mozilla\Firefox\Profiles\dg32le2u.default [2020-10-11]
    FF Homepage: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxps://www.google.com/
    FF NewTab: Mozilla\Firefox\Profiles\dg32le2u.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10440__180520
    FF Plugin: @videolan.org/vlc,version=3.0.13 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-03] (VideoLAN -> VideoLAN)
    FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-12-20] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-11] (Avast Software s.r.o. -> AVAST Software)

    Chrome:
    =======
    CHR DefaultProfile: Profile 1
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Default [2021-04-10]
    CHR HomePage: Default -> hxxps://www.yahoo.com/
    CHR StartupUrls: Default -> "hxxps://www.yahoo.com/"
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-06-02]
    CHR Notifications: Profile 1 -> hxxps://bringatrailer.com; hxxps://cricfree.sc; hxxps://football.fantasysports.yahoo.com; hxxps://www.dailymail.co.uk; hxxps://www.facebook.com; hxxps://www.yahoo.com
    CHR HomePage: Profile 1 -> hxxps://www.yahoo.com/
    CHR StartupUrls: Profile 1 -> "hxxps://www.yahoo.com/"
    CHR Extension: (Safe Torrent Scanner) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-04-13]
    CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-05-31]
    CHR Extension: (ZenMate Free VPN–Best VPN for Chrome) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2022-04-07]
    CHR Extension: (Malwarebytes Browser Guard) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-05-26]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\molli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
    CHR Profile: C:\Users\molli\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-29]
    CHR HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
    CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
    CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
    R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8434824 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576336 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [576336 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-11] (Avast Software s.r.o. -> AVAST Software)
    S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\101.0.16440.68\elevation_service.exe [1982752 2022-05-13] (Avast Software s.r.o. -> AVAST Software)
    R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
    S4 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
    S4 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [45408 2022-05-21] (Dropbox, Inc -> Dropbox, Inc.)
    R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-04-10] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
    S4 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
    R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-04-30] (HP Inc. -> HP Inc.)
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
    S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-25] (HP Inc. -> HP Inc.)
    R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
    R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.12.13.0\LenovoVantageService.exe [29968 2022-03-20] (Lenovo -> Lenovo Group Ltd.)
    S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RAS RDP Backend Service; C:\Program Files\Parallels\Client\x86\TuxWinClientService.exe [3638040 2021-10-28] (Parallels International GmbH -> Parallels International GmbH.)
    S4 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
    R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14754088 2021-11-06] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
    S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
    S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
    S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [38936 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [381616 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255144 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102568 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
    R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [44568 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271592 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548976 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [558768 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218088 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317832 2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
    S3 CSRBC; C:\WINDOWS\System32\Drivers\rider64.sys [38400 2015-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CSR plc.)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [103888 2022-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
    S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [188840 2015-08-29] (GENESYS LOGIC, INC. -> GenesysLogic)
    R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194512 2022-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74688 2022-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239560 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-05-31] (Malwarebytes Inc. -> Malwarebytes)
    S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [182288 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
    S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [262160 2019-08-11] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
    S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
    S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2018-06-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
    S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
    S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
    R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
    S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) (Whitelisted) =========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2022-06-01 22:59 - 2022-06-01 23:15 - 000057096 _____ C:\Users\molli\Desktop\Addition.txt
    2022-06-01 22:35 - 2022-06-02 17:57 - 000042357 _____ C:\Users\molli\Desktop\FRST.txt
    2022-06-01 22:29 - 2022-06-01 22:30 - 002072576 _____ (Farbar) C:\Users\molli\Downloads\FRST.exe
    2022-06-01 22:22 - 2022-06-01 22:22 - 002367488 _____ (Farbar) C:\Users\molli\Downloads\FRST64 (1).exe
    2022-06-01 22:20 - 2022-06-01 22:21 - 002367488 _____ (Farbar) C:\Users\molli\Desktop\FRST64.exe
    2022-05-31 22:11 - 2022-05-31 22:11 - 000194512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2022-05-31 22:11 - 2022-05-31 22:11 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2022-05-31 22:11 - 2022-05-31 22:11 - 000074688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2022-05-30 04:45 - 2022-05-30 04:45 - 000239560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
    2022-05-26 18:12 - 2022-05-26 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2022-05-21 15:03 - 2022-05-21 15:03 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2022-05-21 15:03 - 2022-05-21 15:03 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2022-05-21 15:03 - 2022-05-21 15:03 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2022-05-21 15:03 - 2022-05-21 15:03 - 000045408 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2022-05-21 13:55 - 2022-05-21 13:55 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
    2022-05-21 12:46 - 2022-05-21 12:46 - 000014244 _____ C:\Users\molli\Downloads\2bf121a1.kml
    2022-05-16 22:28 - 2022-05-16 22:27 - 000287056 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
    2022-05-16 22:28 - 2022-05-16 22:27 - 000218088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
    2022-05-12 20:00 - 2022-05-12 20:00 - 006971326 _____ C:\Users\molli\Downloads\YourDocuments (2).pdf
    2022-05-10 20:38 - 2022-05-10 20:38 - 000011799 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
    2022-05-10 20:35 - 2022-05-10 20:35 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
    2022-05-10 20:35 - 2022-05-10 20:35 - 000093696 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
    2022-05-10 19:28 - 2022-05-10 19:28 - 000000000 ___HD C:\$WinREAgent
    2022-05-04 22:30 - 2022-05-04 22:30 - 000041152 _____ C:\Users\molli\Downloads\Seating_Plan.pdf
    2022-05-04 22:30 - 2022-05-04 22:30 - 000041152 _____ C:\Users\molli\Downloads\Seating_Plan (1).pdf
    2022-05-04 20:17 - 2022-05-04 20:42 - 001372388 _____ C:\WINDOWS\Minidump\050422-51359-01.dmp

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2022-06-02 18:00 - 2019-03-19 22:04 - 000000000 ____D C:\Users\molli\AppData\Local\BitTorrentHelper
    2022-06-02 18:00 - 2016-04-09 21:17 - 000000000 ____D C:\Users\molli\AppData\Roaming\uTorrent
    2022-06-02 17:59 - 2021-11-15 15:26 - 000000000 ____D C:\Users\molli\AppData\Roaming\RingCentral
    2022-06-02 17:55 - 2022-01-28 00:33 - 000000000 ____D C:\FRST
    2022-06-02 17:51 - 2020-11-22 16:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2022-06-02 17:37 - 2016-03-31 11:14 - 000000000 ____D C:\Program Files (x86)\Google
    2022-06-02 17:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2022-06-02 07:32 - 2016-04-01 22:42 - 000000000 ____D C:\Users\molli\Desktop\Watch Me
    2022-06-02 03:51 - 2021-06-10 15:40 - 000000000 ____D C:\Users\molli\AppData\LocalLow\IGDump
    2022-06-01 23:29 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
    2022-06-01 23:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
    2022-06-01 23:29 - 2018-07-14 00:21 - 000000000 ____D C:\ProgramData\Packages
    2022-06-01 22:21 - 2021-11-15 15:34 - 000000000 ____D C:\Users\molli\AppData\Roaming\2XClient
    2022-06-01 22:18 - 2020-11-22 17:31 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
    2022-06-01 22:17 - 2022-03-12 16:10 - 000000000 ____D C:\Users\molli\AppData\Roaming\Meetings
    2022-06-01 22:17 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2022-05-31 22:47 - 2016-03-31 11:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2022-05-31 21:28 - 2022-04-24 06:45 - 000000000 ____D C:\Users\molli\AppData\LocalLow\uTorrent
    2022-05-31 21:04 - 2021-11-15 15:15 - 000000000 ____D C:\Program Files\TeamViewer
    2022-05-31 21:04 - 2020-11-22 17:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2022-05-31 21:04 - 2020-11-22 16:36 - 000008192 ___SH C:\DumpStack.log.tmp
    2022-05-31 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
    2022-05-30 21:38 - 2020-11-30 21:26 - 000003270 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c0e950b0a570
    2022-05-30 21:38 - 2020-11-22 17:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
    2022-05-30 21:38 - 2020-11-22 17:31 - 000003464 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
    2022-05-30 21:38 - 2020-11-22 17:31 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2022-05-30 21:38 - 2020-11-22 17:31 - 000003154 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d602e9b9647972
    2022-05-30 21:38 - 2020-11-22 17:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
    2022-05-29 00:34 - 2016-11-14 22:05 - 000000000 ____D C:\Users\molli\AppData\Local\CrashDumps
    2022-05-26 18:41 - 2020-10-11 22:44 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
    2022-05-26 18:15 - 2016-04-18 23:33 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2022-05-25 17:15 - 2020-11-22 16:49 - 000000000 ____D C:\Users\molli
    2022-05-24 12:22 - 2016-11-12 21:07 - 000000000 ____D C:\ProgramData\AVAST Software
    2022-05-24 12:20 - 2015-11-28 20:34 - 000000000 ____D C:\ProgramData\Realtek
    2022-05-24 12:19 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2022-05-24 12:18 - 2017-06-04 02:49 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
    2022-05-24 12:18 - 2017-06-04 02:49 - 000065536 _____ C:\WINDOWS\psp_storage.bin
    2022-05-23 20:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2022-05-23 20:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
    2022-05-21 19:32 - 2020-06-03 23:58 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
    2022-05-21 14:10 - 2020-11-22 17:07 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2022-05-21 09:13 - 2021-06-01 23:29 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
    2022-05-21 09:13 - 2021-06-01 23:29 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2022-05-21 09:10 - 2021-06-01 22:09 - 000000000 ____D C:\Program Files\Malwarebytes
    2022-05-21 09:10 - 2016-11-13 22:42 - 000000000 ____D C:\ProgramData\Malwarebytes
    2022-05-19 20:21 - 2021-05-10 13:42 - 000000000 ____D C:\Users\molli\AppData\Roaming\vlc
    2022-05-16 22:49 - 2020-10-11 22:37 - 000381616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
    2022-05-16 22:42 - 2020-10-11 22:37 - 000317832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
    2022-05-16 22:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2022-05-16 22:27 - 2020-10-11 22:37 - 000558768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000548976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000271592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000255144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000111056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000102568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000086120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
    2022-05-16 22:27 - 2020-10-11 22:37 - 000044568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
    2022-05-16 22:26 - 2020-10-11 22:37 - 000857488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
    2022-05-16 22:26 - 2020-10-11 22:37 - 000232648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
    2022-05-16 22:26 - 2020-10-11 22:37 - 000038936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
    2022-05-13 07:22 - 2016-05-02 22:45 - 000000000 ____D C:\Users\molli\Desktop\excel spread sheets
    2022-05-11 00:20 - 2020-11-22 16:37 - 000452184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2022-05-11 00:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
    2022-05-11 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
    2022-05-11 00:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2022-05-11 00:14 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2022-05-11 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
    2022-05-11 00:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
    2022-05-10 21:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
    2022-05-10 19:20 - 2016-04-11 02:11 - 000000000 ____D C:\WINDOWS\system32\MRT
    2022-05-10 19:13 - 2016-04-11 02:11 - 145501456 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2022-05-04 20:43 - 2021-02-01 05:48 - 000000000 ____D C:\WINDOWS\Minidump
    2022-05-04 20:17 - 2021-09-05 22:55 - 1113401607 _____ C:\WINDOWS\MEMORY.DMP

    ==================== Files in the root of some directories ========

    2016-11-12 21:50 - 2016-11-03 08:32 - 002594688 _____ (COMODO) C:\Users\molli\AppData\Roaming\temp~ccavstart.exe
    2016-11-12 21:50 - 2016-11-03 08:32 - 003856048 _____ (Terra Informatica Software, Inc.) C:\Users\molli\AppData\Roaming\temp~cmdhtml.dll
    2016-11-16 22:34 - 2016-11-24 16:10 - 000042847 _____ () C:\Users\molli\AppData\Local\BTServer.log
    2018-10-24 16:32 - 2018-10-24 16:32 - 000000000 _____ () C:\Users\molli\AppData\Local\{823E5C07-0FD7-4076-BCF6-EAFEAD04A47D}

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================

  8. #8
    Additional Part 1
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-05-2022 01
    Ran by molli (02-06-2022 18:01:18)
    Running from C:\Users\molli\Desktop
    Microsoft Windows 10 Home Version 21H2 19044.1706 (X64) (2020-11-22 16:35:14)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================


    (If an entry is included in the fixlist, it will be removed.)

    Administrator (S-1-5-21-3805500227-4192919812-1505005631-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3805500227-4192919812-1505005631-503 - Limited - Disabled)
    Guest (S-1-5-21-3805500227-4192919812-1505005631-501 - Limited - Disabled)
    molli (S-1-5-21-3805500227-4192919812-1505005631-1002 - Administrator - Enabled) => C:\Users\molli
    WDAGUtilityAccount (S-1-5-21-3805500227-4192919812-1505005631-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\uTorrent) (Version: 3.5.5.46248 - BitTorrent Inc.)
    64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
    7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
    7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
    Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.4.6011 - Avast Software)
    Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 101.0.16440.68 - AVAST Software)
    Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
    Cardo Updater (HKLM-x32\...\Cardo Updater_is1) (Version: - Cardo Systems, Inc.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
    CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
    Dolby Audio X2 Windows API SDK (HKLM\...\{68B3293E-612B-48B4-BC0F-4CCFBF83AB96}) (Version: 0.8.2.76 - Dolby Laboratories, Inc.)
    Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 149.4.4568 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
    Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
    Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
    Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
    Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
    Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
    Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.71.2 - ELAN Microelectronic Corp.)
    Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.) Hidden
    Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5604.55 - CyberLink Corp.)
    Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
    Lenovo Service Bridge (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
    Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
    Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.067.00 - Lenovo)
    Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0136 - Lenovo)
    Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.12.13.0 - Lenovo Group Ltd.)
    LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
    LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
    Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes)
    Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
    Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
    Microsoft OneDrive (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
    MY.GAMES GameCenter (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\GameCenter) (Version: 4.1663 - MY.COM B.V.)
    OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5423.1000 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5423.1000 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5423.1000 - Microsoft Corporation) Hidden
    Parallels Client-64 bit (HKLM\...\{6BD6F307-41E8-4570-9D5C-E03C34A81C00}) (Version: 18.2.22862 - Parallels International GmbH)
    Product Improvement Study for HP OfficeJet 8010 series (HKLM\...\{3A0E9F23-78FD-4AE0-BD79-59D37E6046DE}) (Version: 49.10.4647.21322 - HP Inc.)
    REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.005.12 - Lenovo)
    REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0276 - REALTEK Semiconductor Corp.)
    RingCentral (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\584acf4c-ebc3-56fa-9cfd-586227f098ba) (Version: 22.2.20 - RingCentral)
    SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
    Sky Go 21.3.2.0 (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\com.bskyb.skygoplayer_is1) (Version: 21.3.2.0 - Sky)
    Skype version 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
    TeamViewer (HKLM\...\TeamViewer) (Version: 15.23.9 - TeamViewer)
    Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
    User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
    User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
    VLC media player (HKLM\...\VLC media player) (Version: 3.0.13 - VideoLAN)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
    WD Desktop App 2.1.0.313 (HKLM-x32\...\{756e70ec-1fb0-41c8-896b-df0302d17bff}) (Version: 2.1.0.313 - Western Digital Corporation) Hidden
    WD Desktop App 2.1.0.313 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.313 - Western Digital Corporation) Hidden
    WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.3.327 - Western Digital Technologies, Inc.)
    WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
    Zoom (HKU\S-1-5-21-3805500227-4192919812-1505005631-1002\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

    Packages:
    =========
    HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-05-22] (HP Inc.)
    Lenovo Account Portal -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2022-05-22] (LENOVO INCORPORATED.)
    Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2022-03-29] (LENOVO INCORPORATED.)
    Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2204.14.0_x64__k1h2ywk1493x8 [2022-04-25] (LENOVO INC.)
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
    Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-17] (Microsoft Studios) [MS Ad]
    MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-03] (Microsoft Corporation)
    Open PDF + -> C:\Program Files\WindowsApps\3538OpenOffice.OpenOfficePDF_1.25.0.2_neutral__nmw6e14cfhspc [2017-04-05] (Open PDF, Word, Excel)
    Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3805500227-4192919812-1505005631-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\molli\Dropbox [2016-04-18 23:36]
    SSODL: WDFSMountNotificator-wdfsconnect2017 - {DBD7FD30-5740-4331-81CF-D711F322B06F} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
    SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {DBD7FD30-5740-4331-81CF-D711F322B06F} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
    ShellServiceObjects: Virtual Storage Mount Notification -> {DBD7FD30-5740-4331-81CF-D711F322B06F} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
    ShellServiceObjects-x32: Virtual Storage Mount Notification -> {DBD7FD30-5740-4331-81CF-D711F322B06F} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
    ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers1: [WDDesktopContextMenu] -> {fa00ba41-b6f6-3cfa-a300-f25ce175fe7e} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
    ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers4: [WDDesktopContextMenu] -> {fa00ba41-b6f6-3cfa-a300-f25ce175fe7e} => C:\Program Files\WD Desktop App\kda.DLL [2020-07-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-03-21] (Advanced Micro Devices, Inc.) [File not signed]
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-19] (Dropbox, Inc -> Dropbox, Inc.)
    ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
    ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-05-16] (Avast Software s.r.o. -> AVAST Software)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)

    ==================== Codecs (Whitelisted) ====================

  9. #9
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    138
    I will run them again as that was everything in the txt file.

  10. #10
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550

  11. #11
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I don't see much, so far...

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Double click on the downloaded setup.exe file to install the program.
    • Click on Start Scan button.
    • Click on another Start Scan button.
    • Wait until the Status box shows Scan Finished
    • Click on Remove Selected.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.


    Please download Malwarebytes to your desktop.

    • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
    • Then click Finish.
    • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
    • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
    • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
    • Restart your computer when prompted to do so.
    • The Scan log is available through History -> Application logs. Please post its contents in your next reply.


    Please download AdwCleaner by Xplode and save to your Desktop.

    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator
    • The tool will start to update the database if one is required.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Logfile button.
    • A window will open which lists the logs of your scans.
    • Click on the Scan tab.
    • Double-click the most recent scan which will be at the top of the list....the log will appear.
    • Review the results...see note below
    • After reviewing the log, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
    • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
    • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
    • A copy of all logfiles is saved to C:\AdwCleaner.


    -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

  12. #12
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    138
    # -------------------------------
    # Malwarebytes AdwCleaner 8.3.2.0
    # -------------------------------
    # Build: 03-23-2022
    # Database: 2022-03-15.3 (Local)
    # Support: https://www.malwarebytes.com/support
    #
    # -------------------------------
    # Mode: Scan
    # -------------------------------
    # Start: 06-06-2022
    # Duration: 00:02:07
    # OS: Windows 10 Home
    # Scanned: 32049
    # Detected: 66


    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    No malicious folders found.

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    No malicious registry entries found.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries found.

    ***** [ Chromium URLs ] *****

    No malicious Chromium URLs found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries found.

    ***** [ Firefox URLs ] *****

    No malicious Firefox URLs found.

    ***** [ Hosts File Entries ] *****

    No malicious hosts file entries found.

    ***** [ Preinstalled Software ] *****

    Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
    Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
    Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
    Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
    Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
    Preinstalled.HPSupportAssistant Folder C:\Users\molli\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
    Preinstalled.HPSupportAssistant Folder C:\Users\molli\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
    Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}
    Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}
    Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
    Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
    Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
    Preinstalled.LenovoAcceleratorApplication Folder C:\Program Files (x86)\LENOVO\LENOVOPORTAL
    Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
    Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
    Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
    Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
    Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
    Preinstalled.LenovoIMController Folder C:\Users\molli\AppData\Local\LENOVO\IMCONTROLLER
    Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
    Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
    Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}
    Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
    Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1720B0E0-C520-43A6-B677-97A1D80F3B99}
    Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
    Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
    Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
    Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
    Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
    Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
    Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
    Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
    Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
    Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F056B9E3-8802-41E7-83C2-27AE79F98F85}
    Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
    Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
    Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
    Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
    Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
    Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
    Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
    Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
    Preinstalled.LenovoREACHit Folder C:\Users\molli\AppData\Local\LENOVO\REACHIT
    Preinstalled.LenovoREACHit Registry HKLM\Software\Classes\CLSID\{2B3256D4-49AA-11D1-8429-0050AE509033}
    Preinstalled.LenovoREACHit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{2B3256D4-49AA-11D1-8429-0050AE509033}
    Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
    Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
    Preinstalled.LenovoSHAREit Folder C:\ProgramData\LENOVO\SHAREIT
    Preinstalled.LenovoSHAREit Folder C:\Users\molli\AppData\Local\SHAREIT\SHAREIT
    Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
    Preinstalled.LenovoServiceBridge Folder C:\Users\molli\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
    Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
    Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
    Preinstalled.LenovoSolutionCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}
    Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
    Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
    Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1
    Preinstalled.LenovoUtility Folder C:\Program Files\LENOVO\LENOVOUTILITY
    Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
    Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
    Preinstalled.LenovoUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}
    Preinstalled.LenovoUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}



    ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

  13. #13
    Join Date
    Sep 2005
    Location
    Limerick, Ireland
    Posts
    138
    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 6/6/22
    Scan Time: 6:45 PM
    Log File: 7b5e9f1a-e5c0-11ec-93e0-507b9d76ffe2.json

    -Software Information-
    Version: 4.5.9.198
    Components Version: 1.0.1689
    Update Package Version: 1.0.55884
    License: Trial

    -System Information-
    OS: Windows 10 (Build 19044.1706)
    CPU: x64
    File System: NTFS
    User: LAPTOP-3VS60BL9\molli

    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 329495
    Threats Detected: 0
    Threats Quarantined: 0
    Time Elapsed: 23 min, 38 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)

    WMI: 0
    (No malicious items detected)


    (end)

  14. #14
    Program : RogueKiller Anti-Malware
    Version : 15.5.1.0
    x64 : Yes
    Program Date : May 13 2022
    Location : C:\Program Files\RogueKiller\RogueKiller64.exe
    Premium : No
    Company : Adlice Software
    Website : https://www.adlice.com/
    Contact : https://adlice.com/contact/
    Website : https://adlice.com/download/roguekiller/
    Operating System : Windows 10 (10.0.19044) 64-bit
    64-bit OS : Yes
    Startup : 0
    WindowsPE : No
    User : molli
    User is Admin : Yes
    Date : 2022/06/06 16:56:31
    Type : Scan
    Aborted : No
    Scan Mode : Standard
    Duration : 5627
    Found items : 0
    Total scanned : 115692
    Signatures Version : 20220530_080817
    Truesight Driver : Yes
    Updates Count : 5
    Arguments : -minimize

    ************************* Warnings *************************

    ************************* Updates *************************
    7-Zip 18.06 (x64) (64-bit), version 18.06
    [+] Available Version : 21.07
    [+] Size : 4.95 MB
    [+] Wow6432 : No
    [+] Portable : No
    [+] update_location : C:\Program Files\7-Zip\

    Avast Free Antivirus (64-bit), version 22.4.7175.0
    [+] Available Version : 22.5.7263
    [+] Wow6432 : No
    [+] Portable : No
    [+] update_location : C:\Program Files\Avast Software\Avast

    TeamViewer (64-bit), version 15.23.9
    [+] Available Version : 15.30.3
    [+] Wow6432 : No
    [+] Portable : No
    [+] update_location : C:\Program Files\TeamViewer

    VLC media player (64-bit), version 3.0.13
    [+] Available Version : 3.0.17.4
    [+] Wow6432 : No
    [+] Portable : No
    [+] update_location : C:\Program Files\VideoLAN\VLC

    7-Zip 19.00 (x64 edition) (64-bit), version 19.00.00.0
    [+] Available Version : 21.07
    [+] Size : 5.13 MB
    [+] Wow6432 : No
    [+] Portable : No


    ************************* Processes *************************

    ************************* Modules *************************

    ************************* Services *************************

    ************************* Scheduled Tasks *************************

    ************************* Registry *************************

    ************************* WMI *************************

    ************************* Hosts File *************************
    is_too_big : No
    hosts_file_path : C:\Windows\System32\drivers\etc\hosts


    ************************* Filesystem *************************

    ************************* Web Browsers *************************

    ************************* Antirootkit *************************

  15. #15
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    There is nothing malicious there.
    I suggest a new topic in the Windows forum.
    Good luck.
